Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Win7 (64): positive find ads

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 07.02.2015, 18:36   #1
Wolf99
 
Win7 (64): positive find ads - Standard

Win7 (64): positive find ads



Hallo allerseits!
Seit zwei Tagen werden meine Browser (Firefox und Google Chrom) mit Werbung offenbar von Ads by Positive Finds zugekleistert.
Löschen in der Systemsteuerung und Neustart brachte keinen Erfolg.
Ich wäre sehr dankbar für jede Hilfe!
Mit freundlichen Grüßen
Wolf99

Alt 07.02.2015, 18:39   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win7 (64): positive find ads - Standard

Win7 (64): positive find ads



Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!




Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 08.02.2015, 11:09   #3
Wolf99
 
Win7 (64): positive find ads - Standard

Win7 (64): positive find ads



Danke für die schnelle Reaktion.
Kein früherer Log vorhanden.


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2015
Ran by User (ATTENTION: The logged in user is not administrator) on WOLF-PC on 08-02-2015 11:01:49
Running from C:\Users\User\Downloads
Loaded Profiles: User (Available profiles: Wolf & User & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

Failed to access process -> smss.exe
Failed to access process -> csrss.exe
Failed to access process -> csrss.exe
Failed to access process -> wininit.exe
Failed to access process -> winlogon.exe
Failed to access process -> services.exe
Failed to access process -> lsass.exe
Failed to access process -> lsm.exe
Failed to access process -> svchost.exe
Failed to access process -> nvvsvc.exe
Failed to access process -> nvSCPAPISvr.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> spoolsv.exe
Failed to access process -> svchost.exe
Failed to access process -> nvxdsync.exe
Failed to access process -> svchost.exe
Failed to access process -> nvvsvc.exe
Failed to access process -> schedul2.exe
Failed to access process -> armsvc.exe
Failed to access process -> afcdpsrv.exe
Failed to access process -> AppleMobileDeviceService.exe
Failed to access process -> AVTHelper.exe
Failed to access process -> BtwRSupportService.exe
Failed to access process -> mDNSResponder.exe
Failed to access process -> btwdins.exe
Failed to access process -> SkypeC2CAutoUpdateSvc.exe
Failed to access process -> SkypeC2CPNRSvc.exe
Failed to access process -> svchost.exe
Failed to access process -> dgnsvc.exe
Failed to access process -> fshoster32.exe
Failed to access process -> fsorsp.exe
Failed to access process -> HauppaugeTVServer.exe
Failed to access process -> fsgk32.exe
Failed to access process -> NvNetworkService.exe
Failed to access process -> nvstreamsvc.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> psia.exe
Failed to access process -> plugincontainer.exe
Failed to access process -> StarMoneyOnlineUpdate.exe
Failed to access process -> CaptureGenPCI.exe
Failed to access process -> svchost.exe
Failed to access process -> TeamViewer_Service.exe
Failed to access process -> TomTomHOMEService.exe
Failed to access process -> svchost.exe
Failed to access process -> SearchIndexer.exe
Failed to access process -> CaptureDLNA.exe
Failed to access process -> CaptureDLNA.exe
Failed to access process -> CaptureDLNA.exe
Failed to access process -> loggerservice.exe
Failed to access process -> Plugin.exe
Failed to access process -> Plugin.exe
Failed to access process -> Plugin.exe
Failed to access process -> Plugin.exe
Failed to access process -> FSMA32.EXE
Failed to access process -> FSHDLL64.EXE
Failed to access process -> updater.exe
Failed to access process -> svchost.exe
Failed to access process -> fssm32.exe
Failed to access process -> WUDFHost.exe
Failed to access process -> nvstreamsvc.exe
Failed to access process -> conhost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Failed to access process -> GoogleCrashHandler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Ashampoo Media GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo Snap 7\ashsnap.exe
(Secomba GmbH) C:\Program Files (x86)\BoxCryptor\Boxcryptor.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(App Dynamic) C:\Program Files (x86)\AirMediaServer\AirMediaServer.exe
(Microsoft Corporation) C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Avatron Software, Inc) C:\Program Files\Avatron\Air Display\AirDisplay.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Users\User\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\Ir.exe
(Broadcom Corporation) C:\Program Files (x86)\Belkin\Bluetooth Software\BTTray.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
Failed to access process -> GoogleCrashHandler64.exe
Failed to access process -> svchost.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Acronis) C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Tracker Software Products) C:\Program Files (x86)\Mindjet\MindManager 5\sys\PDF\GER\W2K\PDFSaver.exe
Failed to access process -> iPodService.exe
(Bartels Media GmbH) C:\Program Files (x86)\PhraseExpress\phraseexpress.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(BitLeader) C:\Program Files (x86)\lg_fwupdate\fwupdate.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Identive GmbH) C:\Program Files (x86)\CHIPDRIVE\CHIPDRIVE MyKey\MyKey\MyKey.exe
Failed to access process -> wmpnetwk.exe
(Hauppauge Computer Works, Inc.) C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Dropbox, Inc.) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Users\User\AppData\Local\Apps\Evernote\Evernote\EvernoteClipper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(SCM Microsystems) C:\Program Files (x86)\CHIPDRIVE\CHIPDRIVE MyKey\MyKey\SCMSOK.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
Failed to access process -> PhotoshopElementsFileAgent.exe
() C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\3\Plugin.exe
Failed to access process -> PhotoshopElementsFileAgent.exe
Failed to access process -> FABS.exe
Failed to access process -> LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
Failed to access process -> UNS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
Failed to access process -> OSPPSVC.EXE
Failed to access process -> SeaPort.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8158240 2009-10-06] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [391192 2010-08-02] (Acronis)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5452488 2010-08-02] (Acronis)
HKLM-x32\...\Run: [TrayServer] => C:\Program Files (x86)\MAGIX\Video_deluxe_17_Plus\TrayServer.exe [90112 2008-08-07] (MAGIX AG)
HKLM-x32\...\Run: [SAOB Monitor] => C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe [2570648 2010-08-02] (Acronis)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.)
HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2012-12-08] (Bitleader)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111928 2013-05-03] (Intel Corporation)
HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE [310312 2013-11-26] (F-Secure Corporation)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-12-15] (CyberLink)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2011-09-28] (cyberlink)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-01-20] (Apple Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [MyKey] => c:\program files (x86)\chipdrive\chipdrive mykey\mykey\mykey.exe [3757000 2012-12-03] (Identive GmbH)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-12] (Flexera Software LLC.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [F-Secure Hoster (666)] => C:\Program Files (x86)\F-Secure\fshoster32.exe [187432 2014-07-08] (F-Secure Corporation)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2015-01-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-3911170492-2722250824-168465764-1003\...\Run: [3C315CB7C05A2A2BFAEAFA05AE1603CA95A938F0._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-04] (Google Inc.)
HKU\S-1-5-21-3911170492-2722250824-168465764-1003\...\Run: [AshSnap] => C:\Program Files (x86)\Ashampoo\Ashampoo Snap 7\ashsnap.exe [5728600 2014-09-09] (Ashampoo Media GmbH & Co. KG)
HKU\S-1-5-21-3911170492-2722250824-168465764-1003\...\Run: [Boxcryptor.exe] => C:\Program Files (x86)\Boxcryptor\Boxcryptor.exe [1063680 2014-08-06] (Secomba GmbH)
HKU\S-1-5-21-3911170492-2722250824-168465764-1003\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-3911170492-2722250824-168465764-1003\...\Run: [AirMediaServer] => C:\Program Files (x86)\AirMediaServer\AirMediaServer.exe [774032 2012-04-12] (App Dynamic)
HKU\S-1-5-21-3911170492-2722250824-168465764-1003\...\Run: [SkyDrive] => C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-25] (Microsoft Corporation)
HKU\S-1-5-21-3911170492-2722250824-168465764-1003\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-3911170492-2722250824-168465764-1003\...\Run: [BoxCryptor] => C:\Program Files (x86)\BoxCryptor\BoxCryptor.exe [1063680 2014-08-06] (Secomba GmbH)
HKU\S-1-5-21-3911170492-2722250824-168465764-1003\...\Run: [Air Display Support] => C:\Program Files\Avatron\Air Display\AirDisplay.exe [4189688 2013-12-04] (Avatron Software, Inc)
HKU\S-1-5-21-3911170492-2722250824-168465764-1003\...\Run: [Smart Driver Updater] => C:\Program Files (x86)\Smart Driver Updater\SDULauncher.exe [391792 2013-11-18] (Avanquest Software)
HKU\S-1-5-21-3911170492-2722250824-168465764-1003\...\Run: [Amazon Music] => C:\Users\User\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-3911170492-2722250824-168465764-1003\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-3911170492-2722250824-168465764-1003\...\Run: [Google Update] => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2015-01-22] (Google Inc.)
HKU\S-1-5-21-3911170492-2722250824-168465764-1003\...\Run: [Google+ Auto Backup] => C:\Users\User\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3746120 2014-08-12] (Google Inc.)
HKU\S-1-5-21-3911170492-2722250824-168465764-1003\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-3911170492-2722250824-168465764-1003\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-3911170492-2722250824-168465764-1003\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-3911170492-2722250824-168465764-1003\...\MountPoints2: {e9b2d50c-4129-11e2-ac3f-806e6f6e6963} - X:\start-win.exe
HKU\S-1-5-18\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2068856 2011-10-12] (Flexera Software LLC.)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files\Internet Explorer\iexplore.exe [813744 2014-11-27] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk
ShortcutTarget: AutoStart IR.lnk -> C:\Program Files (x86)\WinTV\Ir.exe (Hauppauge Computer Works)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk
ShortcutTarget: BTTray.lnk -> C:\Program Files (x86)\Belkin\Bluetooth Software\BTTray.exe (Broadcom Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NewShortcut4.lnk
ShortcutTarget: NewShortcut4.lnk -> C:\Program Files (x86)\Mindjet\MindManager 5\sys\PDF\GER\W2K\PDFSaver.exe (Tracker Software Products)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PhraseExpress.lnk
ShortcutTarget: PhraseExpress.lnk -> C:\Program Files (x86)\PhraseExpress\phraseexpress.exe (Bartels Media GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (simplitec)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status.lnk
ShortcutTarget: WinTV Recording Status.lnk -> C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe (Hauppauge Computer Works, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Users\User\AppData\Local\Apps\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
SSODL: EldosMountNotificator-cbfs4 - {A42D514D-60A5-431C-B3F3-8B6FAF92C3AC} - C:\Windows\system32\cbfsMntNtf4.dll (EldoS Corporation)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator-cbfs4 - {A42D514D-60A5-431C-B3F3-8B6FAF92C3AC} - C:\Windows\SysWOW64\cbfsMntNtf4.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [0WualaOverlayIcon1] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Wuala OverlayIcons\OverlayIcon.dll (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon2] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Wuala OverlayIcons\OverlayIcon.dll (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon3] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Wuala OverlayIcons\OverlayIcon.dll (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon4] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Wuala OverlayIcons\OverlayIcon.dll (LaCie AG)
ShellIconOverlayIdentifiers: [1EldosIconOverlay] -> {D3FC7241-7C2F-4DE1-BDA2-D723B7F32CE5} => C:\Windows\System32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs4] -> {A6E6F62E-A5F0-472C-A01D-F9EDFBECD437} => C:\Windows\system32\cbfsMntNtf4.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [1EldosIconOverlay] -> {D3FC7241-7C2F-4DE1-BDA2-D723B7F32CE5} => C:\Windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs4] -> {A6E6F62E-A5F0-472C-A01D-F9EDFBECD437} => C:\Windows\SysWOW64\cbfsMntNtf4.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3911170492-2722250824-168465764-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3911170492-2722250824-168465764-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
HKU\S-1-5-21-3911170492-2722250824-168465764-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=ds&q={searchTerms}&installDate=16/10/2013
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=ds&q={searchTerms}&installDate=16/10/2013
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=ds&q={searchTerms}&installDate=16/10/2013
SearchScopes: HKU\S-1-5-21-3911170492-2722250824-168465764-1003 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=ds&q={searchTerms}&installDate=16/10/2013
SearchScopes: HKU\S-1-5-21-3911170492-2722250824-168465764-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: QuickShare WidgetEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} ->  No File
BHO: F-Secure Browsing Protection -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https64.dll (F-Secure Corporation)
BHO: Dragon Web Extension For Internet Explorer -> {609C0837-8DD3-4F9B-AAC5-446F36BC0353} -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\x64\dgnriaie_x64.dll (Nuance Communications, Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} ->  No File
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Positive Finds -> {30c85a3d-1d96-4589-b63f-91fb7ef45a41} -> C:\Program Files (x86)\Positive Finds\Extensions\30c85a3d-1d96-4589-b63f-91fb7ef45a41.dll ()
BHO-x32: QuickShare WidgetEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: F-Secure Browsing Protection -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https.dll (F-Secure Corporation)
BHO-x32: Dragon Web Extension For Internet Explorer -> {609C0837-8DD3-4F9B-AAC5-446F36BC0353} -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\dgnriaie.dll (Nuance Communications, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} ->  No File
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-3911170492-2722250824-168465764-1003 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {65EEE2E1-B8D5-4724-8489-048B551045BF} https://chipkarte.santanderbank.de/Estatico/ALP_EBANDE_SmartCardPres_E/Recursos/SantanderChipcardPlugin2610.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\Windows\SysWOW64\btxppanel.dll (Broadcom Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\em7xfk6t.default
FF DefaultSearchEngine: Ixquick HTTPS
FF SelectedSearchEngine: Ixquick HTTPS
FF Homepage: https://ixquick.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @java.com/DTPlugin,version=10.15.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: nuance.com/DgnRia2_x86_64 -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\x64\npDgnRia2_x64.dll (Nuance Communications, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.dpliveupdate.com/DealPlyLive Update;version=3 -> C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF Plugin-x32: @tools.dpliveupdate.com/DealPlyLive Update;version=9 -> C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: nuance.com/DgnRia2 -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\npDgnRia2.dll (Nuance Communications, Inc.)
FF Plugin HKU\S-1-5-21-3911170492-2722250824-168465764-1003: @tools.google.com/Google Update;version=3 -> C:\Users\User\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3911170492-2722250824-168465764-1003: @tools.google.com/Google Update;version=9 -> C:\Users\User\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\em7xfk6t.default\searchplugins\ixquick-https.xml
FF Extension: iCloud Bookmarks - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\em7xfk6t.default\Extensions\firefoxdav@icloud.com [2014-02-07]
FF Extension: Flashblock - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\em7xfk6t.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2013-08-07]
FF Extension: EPUBReader - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\em7xfk6t.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2013-12-02]
FF Extension: Evernote Web Clipper - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\em7xfk6t.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800} [2013-12-21]
FF Extension: Santander Chipcard Plugin - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\em7xfk6t.default\Extensions\{fd639891-5cc6-45ae-9055-a7a6abb5a7a9} [2013-08-07]
FF Extension: Classic Theme Restorer - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\em7xfk6t.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-05-11]
FF Extension: FireTube - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\em7xfk6t.default\Extensions\jid0-w1UVmoLd6VGudaIERuRJCPQx1dQ@jetpack.xpi [2013-06-11]
FF Extension: Clearly - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\em7xfk6t.default\Extensions\readable@evernote.com.xpi [2013-02-06]
FF Extension: Safe Preview - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\em7xfk6t.default\Extensions\safepreview@everhelper.me.xpi [2013-10-12]
FF Extension: Zotero - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\em7xfk6t.default\Extensions\zotero@chnm.gmu.edu.xpi [2013-04-13]
FF Extension: Positive Finds - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\em7xfk6t.default\Extensions\{29e2f58a-a791-4ede-8083-4f6919d1cb6d}.xpi [2015-02-02]
FF Extension: Adblock Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\em7xfk6t.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-11]
FF Extension: DownThemAll! - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\em7xfk6t.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-10-13]
FF Extension: Google Privacy - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\em7xfk6t.default\Extensions\{ea61041c-1e22-4400-99a0-aea461e69d04}.xpi [2013-10-12]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-01-27]
FF HKLM-x32\...\Firefox\Extensions: [{839dafec-9de6-44cb-92ec-28be76b89c58}] - C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\deploy\fs_firefox_https
FF Extension: Browsing Protection - C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\deploy\fs_firefox_https [2014-11-13]
FF HKLM-x32\...\Firefox\Extensions: [{FACC66B7-E49F-49ed-997E-66A221FD956D}] - C:\Program Files (x86)\CHIPDRIVE\CHIPDRIVE MyKey\MyKey\FireFox
FF Extension: MyKey Interface - C:\Program Files (x86)\CHIPDRIVE\CHIPDRIVE MyKey\MyKey\FireFox [2014-01-25]
FF HKU\S-1-5-21-3911170492-2722250824-168465764-1003\...\Firefox\Extensions: [safesearch@f-secure.com] - C:\Users\User\AppData\Roaming\F-Secure\SafeSearch\FFPlugIn
FF Extension: F-Secure Search - C:\Users\User\AppData\Roaming\F-Secure\SafeSearch\FFPlugIn [2014-02-24]
FF HKU\S-1-5-21-3911170492-2722250824-168465764-1003\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/", "hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=hp&installDate=16/10/2013"
CHR DefaultSearchKeyword: Default -> ixquick.com_
CHR DefaultSearchURL: Default -> https://ixquick.com/do/search?query={searchTerms}&cat=web&pl=chrome&language=deutsch
CHR DefaultSuggestURL: Default -> 
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-22]
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-22]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-22]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-22]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-05]
CHR Extension: (Office Mini Golf) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnecahfomcahannbpejkkalmmoeeihbg [2013-02-12]
CHR Extension: (McAfee Security Scan+) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-21]
CHR Extension: (Google-Suche) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-05]
CHR Extension: (WGT Golf Challenge) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcilimldmomiaihcfkmaldanopfejefg [2013-02-11]
CHR Extension: (Dragon Weberweiterung) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddaloccgjfibfpkalenodgehlhkgoahe [2014-09-05]
CHR Extension: (Billard Meister) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahncjchcngjbfldflhkcigkcidcaeod [2013-02-22]
CHR Extension: (Google Tabellen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-22]
CHR Extension: (Stoppuhr / Timer) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggnidjbcahhbnleinchgobfnabopeioh [2013-02-22]
CHR Extension: (Search by F-Secure) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkmikccifolokanfakbeadbmgchomeli [2014-10-25]
CHR Extension: (MapsGalaxy) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcjipjkegmphfmkkbikeabjiliiacoke [2014-09-27]
CHR Extension: (Browsing Protection by F-Secure) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2014-04-02]
CHR Extension: (Skype Click to Call) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-11-05]
CHR Extension: (DealPly Germany) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf [2013-07-30]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-07]
CHR Extension: (Evernote Web Clipper) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2013-02-07]
CHR Extension: (Google Mail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-05]
CHR HKU\S-1-5-21-3911170492-2722250824-168465764-1003\...\Chrome\Extension: [gkmikccifolokanfakbeadbmgchomeli] - C:\Program Files (x86)\F-Secure\apps\SafeSearch\Chrome\main.crx [2014-06-19]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - C:/Program Files (x86)/F-Secure/apps/CCF_Scanning/bin/browser/install/fs_chrome_https/fs_chrome_https.crx [2014-06-25]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [mphpbdjcljebbcnfopfngmfdackbbdgf] - C:\Program Files (x86)\DealPly\DealPly.crx [2013-07-30]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-09] (Adobe Systems) [File not signed]
R2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated)
R2 AdobeActiveFileMonitor13.0; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [231120 2014-08-31] (Adobe Systems Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 AVTHelper; C:\Program Files\Avatron\Air Display\AVTHelper.exe [237048 2013-12-04] (Avatron Software)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2227992 2012-11-02] (Broadcom Corporation.)
R2 btwdins; C:\Program Files (x86)\Belkin\Bluetooth Software\bin\btwdins.exe [163840 2004-10-01] (Broadcom Corporation) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-04-20] (CyberLink)
S2 dealplylive; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [148000 2013-07-30] (DealPly Technologies Ltd)
S3 dealplylivem; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [148000 2013-07-30] (DealPly Technologies Ltd)
R2 DragonLoggerService; C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe [137280 2014-07-23] (Nuance Communications, Inc.)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2012-11-01] (Macrovision Europe Ltd.) [File not signed]
R2 fshoster; C:\Program Files (x86)\F-Secure\fshoster32.exe [187432 2014-07-08] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE [216104 2013-11-26] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe [60456 2014-06-24] (F-Secure Corporation)
R2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [579584 2014-02-14] (Hauppauge Computer Works) [File not signed]
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)
R2 Service Mgr PositiveFinds; C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugincontainer.exe [577272 2015-02-07] ()
R2 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH)
R2 Update Mgr PositiveFinds; C:\Program Files (x86)\Common Files\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\updater.exe [384760 2015-02-07] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
R3 AirDisplay; C:\Windows\System32\DRIVERS\AVVideoCard.sys [15352 2013-12-04] (Windows (R) Win 7 DDK provider)
R3 AirDisplayMirror; C:\Windows\System32\DRIVERS\AVVideoCardMirror.sys [15352 2013-12-04] (Windows (R) Win 7 DDK provider)
R3 AirDisplayWDDM; C:\Windows\System32\DRIVERS\AVWDDMMiniPort.sys [48632 2013-12-04] (Windows (R) Win 7 DDK provider)
S3 ASPI; C:\Windows\SysWOW64\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec) [File not signed]
R0 AVPCIFilter; C:\Windows\System32\DRIVERS\AVPCIFilter.sys [36344 2013-12-04] (Windows (R) Win 7 DDK provider)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [169240 2012-11-02] (Broadcom Corporation.)
S0 BTKRNL; C:\Windows\SysWOW64\drivers\btkrnl.sys [1241482 2004-10-01] (Broadcom Corporation) [File not signed]
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
R1 cbfs4; C:\Windows\system32\drivers\cbfs4.sys [387776 2013-11-15] (EldoS Corporation)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [207400 2014-11-30] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [71112 2014-11-30] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2013-09-09] ()
R0 fsbts; C:\Windows\SysWOW64\Drivers\fsbts.sys [42248 2013-03-01] ()
R3 fsni; C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\fsni64.sys [89640 2014-12-02] (F-Secure Corporation)
R1 fsvista; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13248 2013-06-24] ()
R3 hcw88rc5; C:\Windows\System32\Drivers\hcw88rc5.sys [15872 2012-11-20] (Hauppauge Computer Works, Inc.)
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [37392 2009-04-08] (Paragon Software Group)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-10-22] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-10-22] (RapidSolution Software AG)
R3 S3XXx64; C:\Windows\System32\DRIVERS\S3XXx64.sys [73984 2014-06-16] (Identive)
R0 tdrpman258; C:\Windows\System32\DRIVERS\tdrpm258.sys [1477728 2012-11-04] (Acronis)
R3 vpnpbus; C:\Windows\System32\DRIVERS\vpnpbus.sys [18624 2013-11-15] (EldoS Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-08 11:01 - 2015-02-08 11:02 - 00048206 _____ () C:\Users\User\Downloads\FRST.txt
2015-02-08 11:01 - 2015-02-08 11:01 - 00000000 ____D () C:\FRST
2015-02-08 11:00 - 2015-02-08 11:00 - 02132992 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2015-02-06 19:26 - 2015-02-06 19:26 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\User\Downloads\SpyHunter-Installer.exe
2015-02-06 14:59 - 2015-02-06 14:59 - 00001797 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-02-06 14:59 - 2015-02-06 14:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-06 14:59 - 2015-02-06 14:59 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-06 14:59 - 2015-02-06 14:59 - 00000000 ____D () C:\Program Files\iTunes
2015-02-06 14:59 - 2015-02-06 14:59 - 00000000 ____D () C:\Program Files\iPod
2015-02-06 14:53 - 2015-02-06 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-02-06 14:51 - 2015-02-06 14:51 - 00001895 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2015-02-06 14:51 - 2015-02-06 14:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-02-06 14:51 - 2015-02-06 14:51 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2015-02-03 19:23 - 2015-02-03 19:23 - 00000000 ____D () C:\Users\User\AppData\Local\Lavasoft
2015-02-03 12:19 - 2015-02-03 12:29 - 00000108 ____H () C:\Users\User\Documents\.picasa.ini
2015-02-02 17:44 - 2015-02-02 17:44 - 00049990 ____N () C:\Users\User\Documents\Sprachmemo 013.amr
2015-02-02 14:10 - 2015-02-02 14:10 - 00000000 ____D () C:\Users\User\AppData\Roaming\TuneUp Software
2015-02-02 14:10 - 2015-02-02 14:10 - 00000000 ____D () C:\Users\User\AppData\Local\TuneUp Software
2015-02-02 12:22 - 2015-02-07 17:55 - 00000000 ____D () C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602
2015-02-02 12:22 - 2015-02-02 12:22 - 00000000 ____D () C:\Users\Wolf\AppData\Roaming\TuneUp Software
2015-02-02 12:22 - 2015-02-02 12:22 - 00000000 ____D () C:\Users\Wolf\AppData\Local\TuneUp Software
2015-02-02 12:22 - 2015-02-02 12:22 - 00000000 ____D () C:\Program Files (x86)\Positive Finds
2015-02-02 12:21 - 2015-02-02 12:23 - 00000000 ____D () C:\ProgramData\TuneUp Software
2015-02-02 12:21 - 2015-02-02 12:21 - 00001460 _____ () C:\Users\Public\Desktop\Free Audio Editor.lnk
2015-02-02 12:21 - 2015-02-02 12:21 - 00001297 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-02-02 12:21 - 2015-02-02 12:21 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-02-02 12:21 - 2015-02-02 12:21 - 00000000 ____D () C:\Users\Wolf\AppData\Roaming\FreeAudioEditor
2015-02-02 12:21 - 2015-02-02 12:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-02-02 12:20 - 2015-02-02 12:20 - 00005128 _____ () C:\Windows\SysWOW64\LavasoftTcpService.ini
2015-02-02 12:20 - 2015-02-02 12:20 - 00002824 _____ () C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2015-02-02 12:20 - 2015-02-02 12:20 - 00002824 _____ () C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-02-02 12:20 - 2015-01-23 06:39 - 00378832 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-02-02 12:20 - 2015-01-23 06:39 - 00332216 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2015-02-02 12:18 - 2015-02-02 12:21 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2015-02-02 12:18 - 2015-02-02 12:18 - 00000000 ____D () C:\Users\Wolf\AppData\Roaming\RHEng
2015-02-02 12:17 - 2015-02-02 12:21 - 00000000 ____D () C:\Users\Wolf\AppData\Roaming\DVDVideoSoft
2015-02-02 12:15 - 2015-02-02 12:15 - 03529672 _____ (DVDVideoSoft Ltd. ) C:\Users\Wolf\Downloads\FreeAudioEditor.exe
2015-02-02 11:52 - 2015-02-02 11:53 - 00308709 _____ () C:\Users\User\Downloads\mp3DC220.exe
2015-01-31 18:25 - 2015-02-01 00:10 - 00000262 _____ () C:\Users\User\Documents\Beisitzer.csv
2015-01-30 13:30 - 2015-01-30 13:30 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-30 13:30 - 2015-01-30 13:30 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-30 13:25 - 2015-01-30 13:25 - 00960176 _____ (Adobe Systems Incorporated) C:\Users\Wolf\Downloads\flashplayer16_uninstall_win.exe
2015-01-30 13:00 - 2015-01-30 13:00 - 00000000 ___RD () C:\Users\Wolf\Creative Cloud Files
2015-01-30 12:59 - 2015-01-30 12:59 - 00001371 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-01-30 12:59 - 2015-01-30 12:59 - 00001359 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2015-01-30 11:33 - 2015-01-30 11:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Evernote
2015-01-27 10:59 - 2015-01-27 10:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-22 12:17 - 2015-02-08 10:43 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3911170492-2722250824-168465764-1003UA.job
2015-01-22 12:17 - 2015-02-08 10:43 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3911170492-2722250824-168465764-1003Core.job
2015-01-22 12:16 - 2015-01-22 12:16 - 00880784 _____ (Google Inc.) C:\Users\User\Downloads\ChromeSetup.exe
2015-01-13 19:43 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 19:43 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 19:43 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 19:43 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 19:43 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-13 19:43 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 19:42 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 19:42 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-13 19:42 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-13 19:42 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-13 19:42 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-13 19:42 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-13 19:42 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-12 14:31 - 2015-01-12 14:31 - 00000000 ____D () C:\Users\User\Downloads\qr_code
2015-01-12 14:24 - 2015-01-12 14:24 - 00001411 _____ () C:\Users\User\Downloads\qr_code.zip
2015-01-09 10:54 - 2015-01-09 10:54 - 06388344 _____ (Tim Kosse) C:\Users\User\Downloads\FileZilla_3.10.0_win32-setup.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-08 11:02 - 2013-07-30 13:57 - 00000902 _____ () C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
2015-02-08 11:02 - 2012-10-29 13:33 - 00000000 ____D () C:\Users\Wolf\Documents\Outlook-Dateien
2015-02-08 10:57 - 2014-02-07 16:03 - 00000000 ____D () C:\Users\User\AppData\Local\BBB3BACB-1331-4C59-9E6C-C1E084172206.aplzod
2015-02-08 10:57 - 2013-07-30 13:57 - 00000286 _____ () C:\Windows\Tasks\Dealply.job
2015-02-08 10:48 - 2009-07-14 05:45 - 00028320 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-08 10:48 - 2009-07-14 05:45 - 00028320 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-08 10:45 - 2012-10-26 16:11 - 01573924 _____ () C:\Windows\WindowsUpdate.log
2015-02-08 10:43 - 2012-10-27 02:02 - 00702964 _____ () C:\Windows\system32\perfh007.dat
2015-02-08 10:43 - 2012-10-27 02:02 - 00150604 _____ () C:\Windows\system32\perfc007.dat
2015-02-08 10:43 - 2009-07-14 06:13 - 01629436 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-08 10:42 - 2012-11-29 21:27 - 00000000 ___RD () C:\Users\User\Dropbox
2015-02-08 10:42 - 2012-11-29 21:23 - 00000000 ____D () C:\Users\User\AppData\Roaming\Dropbox
2015-02-08 10:41 - 2014-11-09 18:29 - 00000000 ___RD () C:\Users\User\iCloudDrive
2015-02-08 10:41 - 2014-10-16 15:12 - 00000276 _____ () C:\Windows\Tasks\AbelssoftBackupStart.job
2015-02-08 10:41 - 2013-10-11 09:42 - 00000248 _____ () C:\Windows\Tasks\PC Fresh.job
2015-02-08 10:41 - 2013-07-30 13:57 - 00000898 _____ () C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
2015-02-08 10:41 - 2012-11-05 16:18 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-08 10:38 - 2009-07-14 05:51 - 00231483 _____ () C:\Windows\setupact.log
2015-02-08 10:37 - 2012-10-26 16:23 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-08 10:37 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-08 00:06 - 2012-11-05 16:18 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-07 18:41 - 2012-11-05 15:31 - 00000000 ____D () C:\Users\User\Documents\PhraseExpress
2015-02-06 19:24 - 2012-12-10 15:21 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps
2015-02-06 15:08 - 2010-11-21 04:47 - 00334944 _____ () C:\Windows\PFRO.log
2015-02-06 14:59 - 2014-05-16 14:25 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-06 14:59 - 2012-11-02 10:41 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-06 14:48 - 2012-10-29 13:42 - 00000000 ____D () C:\Users\Wolf\AppData\Local\Adobe
2015-02-06 14:47 - 2012-12-08 12:52 - 00000272 _____ () C:\Windows\lgfwup.ini
2015-02-06 14:47 - 2012-12-08 12:51 - 00000000 ____D () C:\Program Files (x86)\lg_fwupdate
2015-02-06 14:47 - 2012-10-29 13:51 - 00000000 ____D () C:\Users\Wolf\AppData\Roaming\Dropbox
2015-02-06 14:01 - 2013-12-07 12:40 - 00002221 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-04 12:00 - 2012-10-27 11:50 - 00000000 ____D () C:\ProgramData\TEMP
2015-02-04 11:42 - 2013-09-06 10:42 - 00000288 _____ () C:\Windows\Tasks\AdvancedDriverUpdater_UPDATES.job
2015-02-04 10:51 - 2012-11-07 14:56 - 00002995 _____ () C:\Users\User\AppData\Roaming\SAS7_000.DAT
2015-02-03 12:19 - 2014-04-21 10:19 - 00000000 ____D () C:\Users\User\Documents\Ashampoo Burning Studio 12
2015-02-03 12:19 - 2012-11-15 17:48 - 00125440 ___SH () C:\Users\User\Documents\Thumbs.db
2015-02-02 18:09 - 2013-01-07 13:59 - 00000000 ____D () C:\Users\User\AppData\Roaming\vlc
2015-02-02 12:55 - 2014-02-10 17:29 - 00000000 ____D () C:\Users\Wolf\AppData\Roaming\Smart Driver Updater
2015-01-30 13:31 - 2012-10-26 16:11 - 00000000 ____D () C:\Users\Wolf
2015-01-30 13:11 - 2012-11-05 15:31 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe
2015-01-30 13:01 - 2012-10-29 13:42 - 00000000 ____D () C:\Users\Wolf\AppData\Roaming\Adobe
2015-01-30 13:00 - 2012-10-29 13:37 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-30 12:59 - 2014-09-21 15:46 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-30 12:56 - 2012-10-29 13:41 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-01-29 20:41 - 2014-02-08 12:34 - 00007680 _____ () C:\Users\User\Documents\Ordner-breit-Liecke.zdl
2015-01-29 20:41 - 2014-02-06 20:08 - 00008192 _____ () C:\Users\User\Documents\Ordner-Liecke.zdl
2015-01-29 20:39 - 2014-12-29 15:49 - 00000132 _____ () C:\Users\User\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2015-01-27 20:00 - 2012-10-29 15:09 - 795582867 _____ () C:\Windows\MEMORY.DMP
2015-01-27 20:00 - 2012-10-29 15:09 - 00000000 ____D () C:\Windows\Minidump
2015-01-27 20:00 - 2012-10-27 11:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-22 23:01 - 2012-10-27 11:54 - 01602780 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-22 18:47 - 2014-01-16 17:20 - 00000000 ____D () C:\Users\User\Documents\My Digital Editions
2015-01-22 12:23 - 2014-01-14 17:12 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2015-01-22 12:23 - 2012-11-05 16:18 - 00000000 ____D () C:\Users\User\AppData\Local\Google
2015-01-21 19:04 - 2012-10-29 11:53 - 00000000 ____D () C:\Users\Wolf\Documents\PhraseExpress
2015-01-19 12:58 - 2012-11-14 09:54 - 00000000 ____D () C:\Users\User\Documents\MailStore Home
2015-01-19 12:58 - 2012-11-14 09:53 - 00000000 ____D () C:\ProgramData\firebird
2015-01-15 00:05 - 2013-11-01 12:25 - 00000000 ____D () C:\Users\User\AppData\Local\Abelssoft
2015-01-13 23:42 - 2013-07-16 12:04 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-13 23:31 - 2012-10-27 11:05 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-09 16:25 - 2012-11-13 18:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype
2015-01-09 11:00 - 2012-11-28 17:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\FileZilla

==================== Files in the root of some directories =======

2009-04-21 09:02 - 2012-10-31 20:10 - 114672640 _____ () C:\Program Files (x86)\Paragon-128-PRG_WinInstallSNx64_9.0.99.9293_000_64BIT.msi
2009-04-21 09:01 - 2012-10-31 20:10 - 115772928 _____ () C:\Program Files (x86)\Paragon-128-PRG_WinInstallSN_9.0.99.9293_000_32BIT.msi
2014-12-29 15:49 - 2015-01-29 20:39 - 0000132 _____ () C:\Users\User\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2013-10-10 12:05 - 2014-11-15 16:41 - 0000096 _____ () C:\Users\User\AppData\Roaming\Camdata.ini
2013-10-10 12:05 - 2014-11-15 16:41 - 0000408 _____ () C:\Users\User\AppData\Roaming\CamLayout.ini
2013-10-10 12:05 - 2014-11-15 16:41 - 0000408 _____ () C:\Users\User\AppData\Roaming\CamShapes.ini
2013-10-10 12:05 - 2014-11-15 16:41 - 0004509 _____ () C:\Users\User\AppData\Roaming\CamStudio.cfg
2013-10-10 15:55 - 2013-10-10 18:12 - 0000098 _____ () C:\Users\User\AppData\Roaming\CamStudio.Producer.command
2013-10-10 16:10 - 2013-10-10 18:14 - 0000000 _____ () C:\Users\User\AppData\Roaming\CamStudio.Producer.Data.ini
2013-10-10 16:10 - 2013-10-10 18:14 - 0001207 _____ () C:\Users\User\AppData\Roaming\CamStudio.Producer.ini
2014-04-26 11:07 - 2014-10-17 10:35 - 0000448 _____ () C:\Users\User\AppData\Roaming\com.appdynamic.airmediaserver.plist
2013-05-04 15:41 - 2013-05-04 16:01 - 0038443 _____ () C:\Users\User\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
2012-11-07 14:56 - 2015-02-04 10:51 - 0002995 _____ () C:\Users\User\AppData\Roaming\SAS7_000.DAT
2012-11-10 15:52 - 2014-12-27 15:34 - 0008704 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-03 20:02 - 2013-10-03 20:02 - 0000000 _____ () C:\Users\User\AppData\Local\{1B8E53E0-D58E-41CC-9289-9D4AE841EA02}
2014-10-02 17:12 - 2014-10-02 17:12 - 0000000 _____ () C:\Users\User\AppData\Local\{61F56323-0902-402F-A26C-90626B8FAE9E}
2014-02-18 15:12 - 2014-02-18 15:12 - 0000000 _____ () C:\Users\User\AppData\Local\{8D386BE5-8679-4312-8C1C-1759550C6A36}
2014-06-17 14:11 - 2014-06-17 14:11 - 0000000 _____ () C:\Users\User\AppData\Local\{E7518FE6-E7B5-4789-9152-4D2B1E0ED038}
2014-10-31 15:37 - 2014-10-31 18:02 - 0003933 _____ () C:\ProgramData\StreamingMediaTechnologyLog.txt

Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjxjwma.dll
C:\Users\User\AppData\Local\Temp\SkypeSetup.exe
C:\Users\User\AppData\Local\Temp\vlc-2.1.5-win64.exe
C:\Users\Wolf\AppData\Local\Temp\AdobeApplicationManager.exe
C:\Users\Wolf\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Wolf\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Wolf\AppData\Local\Temp\Execute2App.exe
C:\Users\Wolf\AppData\Local\Temp\F-SecureNetworkInstaller.exe
C:\Users\Wolf\AppData\Local\Temp\firefoxjre_exe.exe
C:\Users\Wolf\AppData\Local\Temp\FreeAudioEditor.exe
C:\Users\Wolf\AppData\Local\Temp\fsc37E1.tmp.exe
C:\Users\Wolf\AppData\Local\Temp\fsc7E53.tmp.exe
C:\Users\Wolf\AppData\Local\Temp\fscD7E7.tmp.exe
C:\Users\Wolf\AppData\Local\Temp\fscF66F.tmp.exe
C:\Users\Wolf\AppData\Local\Temp\HPDiscoPM5412.dll
C:\Users\Wolf\AppData\Local\Temp\ICReinstall_Windows8_64bit.exe
C:\Users\Wolf\AppData\Local\Temp\Installer.exe
C:\Users\Wolf\AppData\Local\Temp\mgxfonts.exe
C:\Users\Wolf\AppData\Local\Temp\MgxVistaTools.dll
C:\Users\Wolf\AppData\Local\Temp\msvcp90.dll
C:\Users\Wolf\AppData\Local\Temp\msvcr90.dll
C:\Users\Wolf\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Wolf\AppData\Local\Temp\ose00000.exe
C:\Users\Wolf\AppData\Local\Temp\readSTILog.dll
C:\Users\Wolf\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Wolf\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Wolf\AppData\Local\Temp\SetupAssistant.exe
C:\Users\Wolf\AppData\Local\Temp\shutdown1402416774.exe
C:\Users\Wolf\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Wolf\AppData\Local\Temp\SpOrder.dll
C:\Users\Wolf\AppData\Local\Temp\vhnolbao.dll
C:\Users\Wolf\AppData\Local\Temp\vlc-2.1.5-win64.exe
C:\Users\Wolf\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
         
--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-02-2015
Ran by User at 2015-02-08 11:02:38
Running from C:\Users\User\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Antivirus (Enabled - Up to date) {15414183-282E-D62C-CA37-EF24860A2F17}
AS: Antivirus (Enabled - Up to date) {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1-abc.net Database (Remove only) (HKLM-x32\...\1-abc.net Database) (Version:  - )
4Musics Multiformat Converter 5.2 (HKLM-x32\...\4Musics Multiformat Converter 5.2_is1) (Version:  - NeSoft)
AbAlarm (HKLM-x32\...\AbAlarm_is1) (Version: 8.1 - Abelssoft)
Abelssoft Backup (HKLM-x32\...\Abelssoft Backup_is1) (Version: 4.0.5 - Abelssoft)
Acronis*True*Image*Home 2011 (HKLM-x32\...\{257D8E32-4971-4199-BE23-093A00A6DE91}) (Version: 14.0.5041 - Acronis)
Adobe Acrobat  9 Standard - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-BA7E-000000000004}{AC76BA86-1033-F400-BA7E-000000000004}) (Version: 9.5.5 - Adobe Systems)
Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM-x32\...\{AC76BA86-1033-F400-BA7E-000000000004}_955) (Version:  - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.9.0.465 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe GoLive CS2 Deutsch (HKLM-x32\...\Adobe GoLive CS2 Deutsch) (Version: 8.0 - Ihr Firmenname)
Adobe InDesign CS2 (HKLM-x32\...\Adobe InDesign CS2 - {7F4C8163-F259-49A0-A018-2857A90578BC}) (Version: 004.000.000 - Adobe Systems Incorporated)
Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 13 (HKLM-x32\...\{609818B9-23EB-4196-B466-EFE05E92A32F}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)
Advanced Driver Updater (HKLM-x32\...\Advanced Driver Updater_is1) (Version: 2.1.1086.15131 - Systweak Inc)
Air Display Support (HKLM\...\{F51E7212-5D41-4EFA-9E92-BF23C98EBD71}) (Version: 2.0.3.440 - Avatron Software, Inc)
Air Media Server 1.0.19 (HKLM-x32\...\{400007B6-409E-4C11-85DA-1D8C59EA432B}) (Version: 1.0.19 - App Dynamic)
Amazon Kindle (HKU\S-1-5-21-3911170492-2722250824-168465764-1003\...\Amazon Kindle) (Version:  - Amazon)
Amazon Music (HKU\S-1-5-21-3911170492-2722250824-168465764-1003\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
Apple Application Support (32-Bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 12 v.12.0.5 (HKLM-x32\...\{91B33C97-93EB-244C-F687-71D85E45A206}_is1) (Version: 12.0.5 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 2012 v.10.0.15 (HKLM-x32\...\Ashampoo Burning Studio 2012_is1) (Version: 10.0.15 - Ashampoo GmbH & Co. KG)
Ashampoo Snap 7 v.7.0.9 (HKLM-x32\...\{C92AB6F1-9C93-0F51-ED50-15ABBCBDD142}_is1) (Version: 7.0.9 - Ashampoo GmbH & Co. KG)
Assistant 5.05.010 (HKLM-x32\...\Assistant) (Version: 5.5.10.0 - Medion)
Audials (HKLM-x32\...\{9116E9E6-E1F9-4835-95B8-31E7F158E9F7}) (Version: 10.0.50301.100 - Audials AG)
AxCrypt 1.7.2931.0 (HKLM\...\{E191812E-F3A0-4F87-98D9-DCD03321278D}) (Version: 1.7.2931.0 - Axantum Software AB)
Belkin Bluetooth Software (HKLM-x32\...\{90535871-81B9-4D99-8A13-A7EE97F2D7FE}) (Version: 3.0.1.912 - WIDCOMM, Inc.)
Bing Bar (HKLM-x32\...\{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}) (Version: 7.1.361.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Boxcryptor 2.0 (HKLM-x32\...\{7719E084-D193-4AF1-B0E7-E347150EB76C}) (Version: 2.0.431.403 - Secomba GmbH)
Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{982E1601-0DFC-4FD3-A427-AC6570697858}) (Version: 12.55.01 - Broadcom Corporation)
Buzzdock (HKLM-x32\...\{cfd32d46-7d3f-483f-bace-7172aec5592d}) (Version:  - Alactro LLC) <==== ATTENTION
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
CamStudio version 2.7 (HKLM-x32\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7 - CamStudio Open Source)
CHIPDRIVE MyKey (HKLM-x32\...\CHIPDRIVE MyKey_CDInst21) (Version:  - Identive GmbH)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Computer Security 14.99.103.0 (release) (x32 Version: 14.99.103.0 - F-Secure Corporation) Hidden
concept/design onlineTV 8 (HKLM-x32\...\{D2AC7034-15AC-4F62-85BD-1E48021E45D6}_is1) (Version: 8.5.0.20 - concept/design GmbH)
DDBAC (HKLM-x32\...\{021BC94E-D464-4B9D-96F1-C6566B476A71}) (Version: 5.3.3 - DataDesign)
Dealply (HKU\S-1-5-21-3911170492-2722250824-168465764-1003\...\Dealply) (Version:  - ) <==== ATTENTION
DealPly (remove only) (HKLM-x32\...\DealPly) (Version: 4.8.7.2 - DealPly Technologies Ltd.) <==== ATTENTION
Designer 2.0 (HKLM-x32\...\Designer 2.0_is1) (Version: 7.9.4 - Fomanu AG)
DesignPro 5 (HKLM-x32\...\InstallShield_{AC610C8A-67CB-4633-9211-81A5E104FAD4}) (Version: 5.0.1056 - Avery Dennison)
DesignPro 5 (x32 Version: 5.0.1056 - Avery Dennison) Hidden
Deutsche Post E-Porto (HKLM\...\{AFEF38CC-13B4-45E9-AD68-1A842627B203}) (Version: 2.3.0 - Deutsche Post AG)
Dragon NaturallySpeaking 13 (HKLM-x32\...\{33EA20FB-5389-4938-BA59-2BCD9BB68F41}) (Version: 13.00.000 - Nuance Communications Inc.)
Dropbox (HKU\S-1-5-21-3911170492-2722250824-168465764-1003\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
DW 1525 Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 8.0 - Dell)
Elements 10 Organizer (x32 Version: 10.0 - Ihr Firmenname) Hidden
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Evernote v. 5.8.1 (HKLM-x32\...\{4FD2D1C8-8636-11E4-9D21-00163E98E7D6}) (Version: 5.8.1.6061 - Evernote Corp.)
FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Free Audio Editor version 1.0.8.128 (HKLM-x32\...\Free Audio Editor_is1) (Version: 1.0.8.128 - DVDVideoSoft Ltd.)
Free M4a to MP3 Converter 8.0 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
F-Secure (HKLM-x32\...\F-Secure ServiceEnabler 666) (Version: 2.15.358.0 - F-Secure Corporation)
F-Secure (x32 Version: 2.15.358.0 - F-Secure Corporation) Hidden
F-Secure CCF Reputation (x32 Version: 2.0.1337.0 - F-Secure) Hidden
F-Secure CCF Scanning 1.51.111.300 (release) (x32 Version: 1.51.111.300 - F-Secure Corporation) Hidden
F-Secure Network CCF 1.02.141 (x32 Version: 1.02.141 - F-Secure Corporation) Hidden
F-Secure SafeSearch 1.03.159.0 (release) (x32 Version: 1.03.159.0 - F-Secure Corporation) Hidden
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Google+ Auto Backup (HKU\S-1-5-21-3911170492-2722250824-168465764-1003\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.06) (Version: 9.06 - Artifex Software Inc.)
GSview 5.0 (HKLM\...\GSview 5.0) (Version: 5.0 - Ghostgum Software Pty Ltd)
Hauppauge WinTV 7 (HKLM-x32\...\Hauppauge WinTV 7) (Version: v7.0.32211 (CD 3.7) - Hauppauge Computer Works)
HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{AF43C18E-693D-4126-B190-8F55E3623D5D}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Hilfe (HKLM-x32\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
Incomedia WebSite X5 v11 - Evolution Demo (HKLM-x32\...\{F7565F59-64EE-41B6-B159-D7A6224F86F1}_is1) (Version: 11.0.2.14 - Incomedia s.r.l.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.2.50.1050 - Intel Corporation)
iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
KeyDepot (HKLM\...\KeyDepot_is1) (Version: 3.00 - Abelssoft)
K-Lite Mega Codec Pack 9.2.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.2.0 - )
Launcher for Skype (HKLM-x32\...\{82799854-39DF-4EC3-8778-918CE0C81A3F}_is1) (Version: 1.6.8 - binaerkombinat)
LG Burning Tool (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.2.6009 - CyberLink Corp.)
LG Burning Tool (x32 Version: 6.2.6009 - CyberLink Corp.) Hidden
LG CyberLink BD Advisor (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version: 2.0.4606 - CyberLink Corp.)
LG CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2820 - CyberLink Corp.)
LG CyberLink Media Suite (x32 Version: 8.0.2820 - CyberLink Corp.) Hidden
LG CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3424.52 - CyberLink Corp.)
LG CyberLink PowerDVD (x32 Version: 10.0.3424.52 - CyberLink Corp.) Hidden
LG CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3718 - CyberLink Corp.)
LG CyberLink YouCam (x32 Version: 2.0.3718 - CyberLink Corp.) Hidden
LG Tool Kit (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - )
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Luminance HDR 2.3.0 (HKLM\...\{7020FC34-6E04-4858-924D-354B28CB2402}_is1) (Version:  - Luminance HDR Dev Team)
Macromedia Dreamweaver 4 (HKLM-x32\...\{ABDA9912-5D00-11D4-BAE7-9367CA097955}) (Version: 4.0 - Macromedia)
Macromedia Extension Manager (HKLM-x32\...\{A5BA14E0-7384-11D4-BAE7-00409631A2C8}) (Version: 1.2 - Macromedia)
MAGIX Foto Manager MX Deluxe (HKLM-x32\...\MAGIX_{6E6FF6CD-9CF3-4434-BB5D-24943FD54FFC}) (Version: 9.0.2.251 - MAGIX AG)
MAGIX Foto Manager MX Deluxe (Version: 9.0.2.251 - MAGIX AG) Hidden
MAGIX Fotos auf DVD easy (HKLM-x32\...\MAGIX_{15551AB4-B400-4F56-8DC1-86655F329206}) (Version: 1.0.3.15 - MAGIX AG)
MAGIX Fotos auf DVD easy (Version: 1.0.3.15 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM-x32\...\{B1FEBE01-42BB-4D05-8180-6C5ABD91E97E}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Screenshare 4.3.6.1987 (D) (HKLM-x32\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Slideshow Maker 2 (HKLM-x32\...\MAGIX_{48897B17-3DD2-4BAA-A81D-4E4EA8E9FD51}) (Version: 2.0.1.9 - MAGIX AG)
MAGIX Slideshow Maker 2 (Version: 2.0.1.9 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{E35C4E27-2BA0-40D3-876E-6D3C28DE622D}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Video deluxe 15 8.0.0.62 (D) (HKLM-x32\...\MAGIX Video deluxe 15 D) (Version: 8.0.0.62 - MAGIX AG)
MAGIX Video deluxe 17 Plus (HKLM-x32\...\MAGIX_MSI_Videodeluxe17_plus) (Version: 10.0.0.32 - MAGIX AG)
MAGIX Video deluxe 17 Plus (x32 Version: 10.0.0.32 - MAGIX AG) Hidden
MAGIX Video deluxe 2013 Plus (HKLM-x32\...\MAGIX_{2B9CA7F6-64A9-4346-9238-CDC3604A8D66}) (Version: 12.0.0.30 - MAGIX AG)
MAGIX Video deluxe 2013 Plus (Version: 12.0.0.30 - MAGIX AG) Hidden
MAGIX Video deluxe Plus 2013 Update (Version: 12.0.4.2 - MAGIX AG) Hidden
MailStore Home 7.1.0.7815 (HKLM-x32\...\MailStore Home_universal1) (Version: 7.1.0.7815 - MailStore Software GmbH)
Marketsplash Schnellzugriffe (HKLM-x32\...\{7A108EBC-C9DF-4E14-93A8-42CF316F1ECF}) (Version: 1.0.1.7 - Hewlett-Packard)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3911170492-2722250824-168465764-1003\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft Outlook 2010 (HKLM-x32\...\Office14.OUTLOOKR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft_VC100_CRT_x64 (HKLM\...\{17106CA8-E65A-4D02-95BE-79AF8C698935}) (Version: 1.0.0 - Microsoft)
MindManager X5 Pro (HKLM-x32\...\{49F4C76E-EB85-4977-BC20-73D17F862014}) (Version: 5.0.878 - Mindjet LLC)
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 17.0.2 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.2 (x86 de)) (Version: 17.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
myEcho for Windows 1.0.0.2 (HKLM-x32\...\{AF26BC68-6024-42FA-BDCC-FB1609AB164E}_is1) (Version: 1.0.0.2 - Scott Hanselman and Greg Shackles)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
NetObjects Fusion 12.0 (HKLM-x32\...\{1FC5FB51-567F-484A-99C8-9420BD7A1069}) (Version: 12 German - NetObjects)
NetObjects Fusion 12.0 (x32 Version: 12.00.5000.5222 - NetObjects) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.2 - )
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-3911170492-2722250824-168465764-1003\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
NVIDIA 3D Vision Controller-Treiber 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 320.49 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 320.49 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5856 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
OGS Mahjong 1.1.0 (HKLM-x32\...\OGS Mahjong) (Version: 1.1.0 - Opensource Game Studio)
Online Safety 2.115.2783.1598 (x32 Version: 2.115.2783.1598 - F-Secure Corporation) Hidden
Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Paragon Partition Manager™ 10.0 Professional (HKLM\...\{A35001F0-F1E4-11DD-A38B-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PC Fresh (HKLM-x32\...\PC Fresh_is1) (Version: 2014 - (Abelssoft) Ascora GmbH)
Philipp Winterberg - Namibia 2.00 (HKLM-x32\...\Philipp Winterberg - Namibia 2.00) (Version: 2.00 - Philipp Winterberg)
PhraseExpress v10.1.28 (HKLM-x32\...\PhraseExpress_is1) (Version: 10.1.28 - Bartels Media GmbH)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Positive Finds (HKLM-x32\...\Positive Finds) (Version: 2.0.5510.39956 - Positive Finds)
PSE10 STI Installer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
QuickShare (HKLM-x32\...\{CC1C2EE8-8E03-4D79-9758-C208D4438A3E}) (Version: 1.146.60.12450 - Linkury Inc.) <==== ATTENTION
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5953 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14072.12 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14072.12 - Samsung Electronics Co., Ltd.) Hidden
SCR3xxx Smart Card Reader (HKLM-x32\...\{17B0906A-26ED-45D0-B51B-83EF1AADCCFE}) (Version: 8.52 - Identive)
Scribus 1.4.1 (HKLM-x32\...\Scribus 1.4.1) (Version: 1.4.1 - The Scribus Team)
Secunia PSI (3.0.0.7011) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.7011 - Secunia)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-001A-0000-0000-0000000FF1CE}_Office14.OUTLOOKR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
simplitec simplicheck (HKLM-x32\...\{183D780B-28F9-41BA-A2CB-605F324A5781}) (Version: 1.3.10.0 - simplitec GmbH)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.)
Smart Driver Updater v3.1 (HKLM-x32\...\Smart Driver Updater_is1) (Version: 3.1 - Avanquest Software)
SmartTools Publishing • Outlook Ferien & Feiertags-Assistent 2014 (HKLM-x32\...\SmartToolsFerien & Feiertags-Assistent 2014v7.00) (Version: v7.00 - SmartTools Publishing)
StarMoney (x32 Version: 3.0.5.8 - StarFinanz) Hidden
StarMoney 8.0  (HKLM-x32\...\{889D72C6-0615-4D55-A010-2FC4B45905FF}) (Version: 8.0 - Star Finanz GmbH)
Studie zur Verbesserung von HP Officejet 6500 E710n-z Produkten (HKLM\...\{E8C633FD-8719-448F-9A55-F04CFDD53E67}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.0 - Krzysztof Kowalczyk)
Suunto Golf Manager (HKU\S-1-5-21-3911170492-2722250824-168465764-1003\...\InstallShield_{B9E868EA-FB87-4C44-B3C2-9BE267806404}) (Version: 1.00.0000 - Suunto Oy)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36244 - TeamViewer)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64) (HKLM\...\{4A5A427F-BA39-4BF0-7777-9A47FBE60C9F}) (Version: 11.0.0 - Nuance Communications Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9603 - Broadcom Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinSCP 5.6.4 RC (HKLM-x32\...\winscp3_is1) (Version: 5.6.4 RC - Martin Prikryl)
WinX Free WMV to MP4 Converter 2.0.4 (HKLM-x32\...\WinX Free WMV to MP4 Converter_is1) (Version:  - Digiarty Software,Inc.)
Wuala (HKU\S-1-5-21-3911170492-2722250824-168465764-1003\...\Wuala) (Version: 1.0.444.0 - LaCie)
Wuala CBFS (HKLM-x32\...\Wuala CBFS) (Version: 3.2.107.0 - LaCie)
Wuala OverlayIcons (HKLM-x32\...\Wuala OverlayIcons) (Version: 1.0.0.2 - LaCie)
XAMPP (HKU\S-1-5-21-3911170492-2722250824-168465764-1003\...\xampp) (Version: 5.6.3-0 - Bitnami)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

ATTENTION: System Restore is disabled.
Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: C:\Windows\Tasks\AbelssoftBackupStart.job => ?
Task: C:\Windows\Tasks\AdvancedDriverUpdater_UPDATES.job => ?
Task: C:\Windows\Tasks\Dealply.job => ?
Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job => ?
Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3911170492-2722250824-168465764-1003Core.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3911170492-2722250824-168465764-1003UA.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PC Fresh.job => ?

==================== Loaded Modules (whitelisted) ==============

2014-12-19 15:57 - 2014-12-19 15:57 - 01039008 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-05-01 20:29 - 2014-05-01 20:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-25 09:55 - 2013-08-25 09:55 - 00860160 _____ () C:\Program Files\Avatron\Air Display\libGLESv2.dll
2013-08-25 10:10 - 2013-08-25 10:10 - 01043968 _____ () C:\Program Files\Avatron\Air Display\platforms\qwindows.dll
2013-08-25 09:56 - 2013-08-25 09:56 - 00052736 _____ () C:\Program Files\Avatron\Air Display\libEGL.dll
2014-10-12 15:12 - 2014-12-08 07:27 - 06277952 _____ () C:\Users\User\AppData\Local\Amazon Music\Amazon Music Helper.exe
2012-09-13 00:38 - 2012-09-13 00:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2015-02-07 22:33 - 2015-02-07 22:33 - 00701176 _____ () C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\3\plugin.exe
2014-12-19 15:57 - 2014-12-19 15:57 - 05979808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Registry Areas =====================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3911170492-2722250824-168465764-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-3911170492-2722250824-168465764-500 - Administrator - Disabled)
Gast (S-1-5-21-3911170492-2722250824-168465764-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-3911170492-2722250824-168465764-1002 - Limited - Enabled)
User (S-1-5-21-3911170492-2722250824-168465764-1003 - Limited - Enabled) => C:\Users\User
Wolf (S-1-5-21-3911170492-2722250824-168465764-1000 - Administrator - Enabled) => C:\Users\Wolf

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/08/2015 10:38:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/07/2015 06:43:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/07/2015 06:39:39 PM) (Source: DNS logging) (EventID: 0) (User: )
Description: Logger: Socket error: 10054

Error: (02/07/2015 00:28:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8003

Error: (02/07/2015 00:28:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8003

Error: (02/07/2015 00:28:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/07/2015 00:28:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7004

Error: (02/07/2015 00:28:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7004

Error: (02/07/2015 00:28:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/07/2015 00:28:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6006


System errors:
=============
Error: (02/08/2015 10:41:36 AM) (Source: SCardSvr) (EventID: 610) (User: )
Description: Ein an das System angeschlossenes Gerät funktioniert nicht.SCM Microsystems Inc. SCR33x USB Smart Card Reader 00x3136b012 XX XX XX

Error: (02/08/2015 10:41:36 AM) (Source: SCardSvr) (EventID: 610) (User: )
Description: Die Anforderung wird nicht unterstützt.SCM Microsystems Inc. SCR33x USB Smart Card Reader 0GET_ATTRIBUTE03 01 01 00

Error: (02/08/2015 10:39:44 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (02/08/2015 10:39:42 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
BTKRNL

Error: (02/08/2015 10:37:55 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "\\?\Volume{67c73122-1f7e-11e2-9dc5-806e6f6e6963}" können nicht gelesen werden.

Error: (02/07/2015 06:45:05 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (02/07/2015 06:44:58 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
BTKRNL

Error: (02/07/2015 06:43:09 PM) (Source: SCardSvr) (EventID: 610) (User: )
Description: Ein an das System angeschlossenes Gerät funktioniert nicht.SCM Microsystems Inc. SCR33x USB Smart Card Reader 00x3136b012 XX XX XX

Error: (02/07/2015 06:43:09 PM) (Source: SCardSvr) (EventID: 610) (User: )
Description: Die Anforderung wird nicht unterstützt.SCM Microsystems Inc. SCR33x USB Smart Card Reader 0GET_ATTRIBUTE03 01 01 00

Error: (02/07/2015 06:42:24 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "\\?\Volume{67c73122-1f7e-11e2-9dc5-806e6f6e6963}" können nicht gelesen werden.


Microsoft Office Sessions:
=========================
Error: (02/08/2015 10:38:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/07/2015 06:43:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/07/2015 06:39:39 PM) (Source: DNS logging) (EventID: 0) (User: )
Description: Logger: Socket error: 10054

Error: (02/07/2015 00:28:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8003

Error: (02/07/2015 00:28:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8003

Error: (02/07/2015 00:28:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/07/2015 00:28:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7004

Error: (02/07/2015 00:28:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7004

Error: (02/07/2015 00:28:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/07/2015 00:28:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6006


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7 CPU 880 @ 3.07GHz
Percentage of memory in use: 49%
Total physical RAM: 8151.08 MB
Available physical RAM: 4137.82 MB
Total Pagefile: 16300.34 MB
Available Pagefile: 11705.93 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:443.13 GB) (Free:140.74 GB) NTFS
Drive d: (Daten) (Fixed) (Total:488.28 GB) (Free:402.83 GB) NTFS
Drive x: (Video-Training) (CDROM) (Total:2.59 GB) (Free:0 GB) CDFS
Drive z: (32_00_00) (Fixed) (Total:931.51 GB) (Free:382.9 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================
         
__________________

Alt 08.02.2015, 13:49   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win7 (64): positive find ads - Standard

Win7 (64): positive find ads



Zitat:
Ran by User (ATTENTION: The logged in user is not administrator) on WOLF-PC on 08-02-2015 11:01:49
Unsere Tools brauchen Adminrechte

Zukünftig bitte beachten:
Zitat:
Running from C:\Users\User\Downloads
Leider hast du unsere Anleitung nicht richtig befolgt:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind.
Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen.
Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 08.02.2015, 19:08   #5
Wolf99
 
Win7 (64): positive find ads - Standard

Win7 (64): positive find ads



Sorry, mein Fehler - ich war unaufmerksam.

Also hier der 2. Versuch.

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2015
Ran by Wolf (administrator) on WOLF-PC on 08-02-2015 18:49:29
Running from C:\Users\Wolf\Desktop
Loaded Profiles: Wolf (Available profiles: Wolf & User & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avatron Software) C:\Program Files\Avatron\Air Display\AVTHelper.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation) C:\Program Files (x86)\Belkin\Bluetooth Software\bin\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\CaptureGenPCI.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\CaptureDLNA.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\CaptureDLNA.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\CaptureDLNA.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSHDLL64.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE
() C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugincontainer.exe
() C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\4\Plugin.exe
() C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\3\Plugin.exe
() C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\5\Plugin.exe
() C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\8\Plugin.exe
() C:\Program Files (x86)\Common Files\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\updater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Ascora GmbH) C:\Program Files (x86)\PC Fresh\PC Fresh.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Ascora GmbH) C:\Program Files (x86)\Abelssoft Backup\Backup.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Secomba GmbH) C:\Program Files (x86)\BoxCryptor\Boxcryptor.exe
(Smartbar) C:\Users\Wolf\AppData\Local\Smartbar\Application\QuickShare.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(Avatron Software, Inc) C:\Program Files\Avatron\Air Display\AirDisplay.exe
(Ashampoo Media GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo Snap 7\ashsnap.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\Ir.exe
(Broadcom Corporation) C:\Program Files (x86)\Belkin\Bluetooth Software\BTTray.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Tracker Software Products) C:\Program Files (x86)\Mindjet\MindManager 5\sys\PDF\GER\W2K\PDFSaver.exe
() C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\3\Plugin.exe
(Bartels Media GmbH) C:\Program Files (x86)\PhraseExpress\phraseexpress.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Hauppauge Computer Works, Inc.) C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Acronis) C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(BitLeader) C:\Program Files (x86)\lg_fwupdate\fwupdate.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Identive GmbH) C:\Program Files (x86)\CHIPDRIVE\CHIPDRIVE MyKey\MyKey\MyKey.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(SCM Microsystems) C:\Program Files (x86)\CHIPDRIVE\CHIPDRIVE MyKey\MyKey\SCMSOK.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8158240 2009-10-06] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [391192 2010-08-02] (Acronis)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5452488 2010-08-02] (Acronis)
HKLM-x32\...\Run: [TrayServer] => C:\Program Files (x86)\MAGIX\Video_deluxe_17_Plus\TrayServer.exe [90112 2008-08-07] (MAGIX AG)
HKLM-x32\...\Run: [SAOB Monitor] => C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe [2570648 2010-08-02] (Acronis)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.)
HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2012-12-08] (Bitleader)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111928 2013-05-03] (Intel Corporation)
HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE [310312 2013-11-26] (F-Secure Corporation)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-12-15] (CyberLink)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2011-09-28] (cyberlink)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-01-20] (Apple Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [MyKey] => c:\program files (x86)\chipdrive\chipdrive mykey\mykey\mykey.exe [3757000 2012-12-03] (Identive GmbH)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-12] (Flexera Software LLC.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [F-Secure Hoster (666)] => C:\Program Files (x86)\F-Secure\fshoster32.exe [187432 2014-07-08] (F-Secure Corporation)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2015-01-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-3911170492-2722250824-168465764-1000\...\Run: [BoxCryptor] => C:\Program Files (x86)\BoxCryptor\BoxCryptor.exe [1063680 2014-08-06] (Secomba GmbH)
HKU\S-1-5-21-3911170492-2722250824-168465764-1000\...\Run: [Browser Infrastructure Helper] => C:\Users\Wolf\AppData\Local\Smartbar\Application\QuickShare.exe [20248 2013-09-14] (Smartbar)
HKU\S-1-5-21-3911170492-2722250824-168465764-1000\...\Run: [Smart Driver Updater] => C:\Program Files (x86)\Smart Driver Updater\SDULauncher.exe [391792 2013-11-18] (Avanquest Software)
HKU\S-1-5-21-3911170492-2722250824-168465764-1000\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKU\S-1-5-21-3911170492-2722250824-168465764-1000\...\Run: [Air Display Support] => C:\Program Files\Avatron\Air Display\AirDisplay.exe [4189688 2013-12-04] (Avatron Software, Inc)
HKU\S-1-5-21-3911170492-2722250824-168465764-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2068856 2011-10-12] (Flexera Software LLC.)
HKU\S-1-5-21-3911170492-2722250824-168465764-1000\...\Run: [Boxcryptor.exe] => C:\Program Files (x86)\Boxcryptor\Boxcryptor.exe [1063680 2014-08-06] (Secomba GmbH)
HKU\S-1-5-21-3911170492-2722250824-168465764-1000\...\Run: [AshSnap] => C:\Program Files (x86)\Ashampoo\Ashampoo Snap 7\ashsnap.exe [5728600 2014-09-09] (Ashampoo Media GmbH & Co. KG)
HKU\S-1-5-21-3911170492-2722250824-168465764-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-3911170492-2722250824-168465764-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-3911170492-2722250824-168465764-1000\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-3911170492-2722250824-168465764-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-18\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2068856 2011-10-12] (Flexera Software LLC.)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files\Internet Explorer\iexplore.exe [813744 2014-11-27] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk
ShortcutTarget: AutoStart IR.lnk -> C:\Program Files (x86)\WinTV\Ir.exe (Hauppauge Computer Works)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk
ShortcutTarget: BTTray.lnk -> C:\Program Files (x86)\Belkin\Bluetooth Software\BTTray.exe (Broadcom Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NewShortcut4.lnk
ShortcutTarget: NewShortcut4.lnk -> C:\Program Files (x86)\Mindjet\MindManager 5\sys\PDF\GER\W2K\PDFSaver.exe (Tracker Software Products)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PhraseExpress.lnk
ShortcutTarget: PhraseExpress.lnk -> C:\Program Files (x86)\PhraseExpress\phraseexpress.exe (Bartels Media GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (simplitec)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status.lnk
ShortcutTarget: WinTV Recording Status.lnk -> C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe (Hauppauge Computer Works, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Wolf\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Users\Wolf\AppData\Local\Apps\Evernote\Evernote\EvernoteClipper.exe (No File)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Wolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Wolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\Users\Wolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Wolf\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Wolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
SSODL: EldosMountNotificator-cbfs4 - {A42D514D-60A5-431C-B3F3-8B6FAF92C3AC} - C:\Windows\system32\cbfsMntNtf4.dll (EldoS Corporation)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator-cbfs4 - {A42D514D-60A5-431C-B3F3-8B6FAF92C3AC} - C:\Windows\SysWOW64\cbfsMntNtf4.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: [0WualaOverlayIcon1] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Wuala OverlayIcons\OverlayIcon.dll (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon2] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Wuala OverlayIcons\OverlayIcon.dll (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon3] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Wuala OverlayIcons\OverlayIcon.dll (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon4] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Wuala OverlayIcons\OverlayIcon.dll (LaCie AG)
ShellIconOverlayIdentifiers: [1EldosIconOverlay] -> {D3FC7241-7C2F-4DE1-BDA2-D723B7F32CE5} => C:\Windows\System32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Wolf\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Wolf\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Wolf\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Wolf\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs4] -> {A6E6F62E-A5F0-472C-A01D-F9EDFBECD437} => C:\Windows\system32\cbfsMntNtf4.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [1EldosIconOverlay] -> {D3FC7241-7C2F-4DE1-BDA2-D723B7F32CE5} => C:\Windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Wolf\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Wolf\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Wolf\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs4] -> {A6E6F62E-A5F0-472C-A01D-F9EDFBECD437} => C:\Windows\SysWOW64\cbfsMntNtf4.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3911170492-2722250824-168465764-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=ds&q={searchTerms}&installDate=16/10/2013
HKU\S-1-5-21-3911170492-2722250824-168465764-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=hp&installDate=16/10/2013
HKU\S-1-5-21-3911170492-2722250824-168465764-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
HKU\S-1-5-21-3911170492-2722250824-168465764-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=ds&q={searchTerms}&installDate=16/10/2013
HKU\S-1-5-21-3911170492-2722250824-168465764-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=ds&q={searchTerms}&installDate=16/10/2013
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=ds&q={searchTerms}&installDate=16/10/2013
SearchScopes: HKU\S-1-5-21-3911170492-2722250824-168465764-1000 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=ds&q={searchTerms}&installDate=16/10/2013
SearchScopes: HKU\S-1-5-21-3911170492-2722250824-168465764-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=ds&q={searchTerms}&installDate=16/10/2013
SearchScopes: HKU\S-1-5-21-3911170492-2722250824-168465764-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-3911170492-2722250824-168465764-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = https://de.search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10048_swoc_campaign_150202__yaie&p={searchTerms}
BHO: QuickShare WidgetEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} ->  No File
BHO: F-Secure Browsing Protection -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https64.dll (F-Secure Corporation)
BHO: Dragon Web Extension For Internet Explorer -> {609C0837-8DD3-4F9B-AAC5-446F36BC0353} -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\x64\dgnriaie_x64.dll (Nuance Communications, Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} ->  No File
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Positive Finds -> {30c85a3d-1d96-4589-b63f-91fb7ef45a41} -> C:\Program Files (x86)\Positive Finds\Extensions\30c85a3d-1d96-4589-b63f-91fb7ef45a41.dll ()
BHO-x32: QuickShare WidgetEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: F-Secure Browsing Protection -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https.dll (F-Secure Corporation)
BHO-x32: Dragon Web Extension For Internet Explorer -> {609C0837-8DD3-4F9B-AAC5-446F36BC0353} -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\dgnriaie.dll (Nuance Communications, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} ->  No File
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
DPF: HKLM-x32 {65EEE2E1-B8D5-4724-8489-048B551045BF} https://chipkarte.santanderbank.de/Estatico/ALP_EBANDE_SmartCardPres_E/Recursos/SantanderChipcardPlugin2610.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\Windows\SysWOW64\btxppanel.dll (Broadcom Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\img9ts5g.default
FF NewTab: hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=hp&installDate=16/10/2013
FF DefaultSearchEngine: Web Search
FF SelectedSearchEngine: Web Search
FF Homepage: hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=hp&installDate=16/10/2013
FF Keyword.URL: hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=ds&installDate=16/10/2013&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @java.com/DTPlugin,version=10.15.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: nuance.com/DgnRia2_x86_64 -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\x64\npDgnRia2_x64.dll (Nuance Communications, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.dpliveupdate.com/DealPlyLive Update;version=3 -> C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF Plugin-x32: @tools.dpliveupdate.com/DealPlyLive Update;version=9 -> C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: nuance.com/DgnRia2 -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\npDgnRia2.dll (Nuance Communications, Inc.)
FF SearchPlugin: C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\img9ts5g.default\searchplugins\Web Search.xml
FF Extension: DealPly  Shopping - C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\img9ts5g.default\Extensions\{906000a4-88d9-4d52-b209-7a772970d91f} [2013-07-30]
FF Extension: Santander Chipcard Plugin - C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\img9ts5g.default\Extensions\{fd639891-5cc6-45ae-9055-a7a6abb5a7a9} [2015-01-21]
FF Extension: Positive Finds - C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\img9ts5g.default\Extensions\{29e2f58a-a791-4ede-8083-4f6919d1cb6d}.xpi [2015-02-02]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-01-27]
FF HKLM-x32\...\Firefox\Extensions: [{839dafec-9de6-44cb-92ec-28be76b89c58}] - C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\deploy\fs_firefox_https
FF Extension: Browsing Protection - C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\deploy\fs_firefox_https [2014-11-13]
FF HKLM-x32\...\Firefox\Extensions: [{FACC66B7-E49F-49ed-997E-66A221FD956D}] - C:\Program Files (x86)\CHIPDRIVE\CHIPDRIVE MyKey\MyKey\FireFox
FF Extension: MyKey Interface - C:\Program Files (x86)\CHIPDRIVE\CHIPDRIVE MyKey\MyKey\FireFox [2014-01-25]
FF HKU\S-1-5-21-3911170492-2722250824-168465764-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/", "hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=hp&installDate=16/10/2013"
CHR DefaultSearchKeyword: Default -> ixquick.com
CHR DefaultSearchURL: Default -> https://ixquick.com/do/search?query={searchTerms}&cat=web&pl=chrome&language=deutsch
CHR DefaultSuggestURL: Default -> 
CHR Profile: C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-18]
CHR Extension: (Google Drive) - C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-18]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-13]
CHR Extension: (YouTube) - C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-30]
CHR Extension: (Google-Suche) - C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-30]
CHR Extension: (WGT Golf Challenge) - C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcilimldmomiaihcfkmaldanopfejefg [2014-08-10]
CHR Extension: (Dragon Weberweiterung) - C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddaloccgjfibfpkalenodgehlhkgoahe [2014-10-25]
CHR Extension: (Stoppuhr / Timer) - C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggnidjbcahhbnleinchgobfnabopeioh [2014-08-10]
CHR Extension: (Browsing Protection by F-Secure) - C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2014-06-18]
CHR Extension: (Skype Click to Call) - C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-11-04]
CHR Extension: (Google Wallet) - C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-18]
CHR Extension: (Evernote Web Clipper) - C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2014-08-10]
CHR Extension: (Google Mail) - C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-30]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - C:/Program Files (x86)/F-Secure/apps/CCF_Scanning/bin/browser/install/fs_chrome_https/fs_chrome_https.crx [2014-06-25]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [mphpbdjcljebbcnfopfngmfdackbbdgf] - C:\Program Files (x86)\DealPly\DealPly.crx [2013-07-30]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-09] (Adobe Systems) [File not signed]
R2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated)
R2 AdobeActiveFileMonitor13.0; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [231120 2014-08-31] (Adobe Systems Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 AVTHelper; C:\Program Files\Avatron\Air Display\AVTHelper.exe [237048 2013-12-04] (Avatron Software)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2227992 2012-11-02] (Broadcom Corporation.)
R2 btwdins; C:\Program Files (x86)\Belkin\Bluetooth Software\bin\btwdins.exe [163840 2004-10-01] (Broadcom Corporation) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-04-20] (CyberLink)
S2 dealplylive; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [148000 2013-07-30] (DealPly Technologies Ltd)
S3 dealplylivem; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [148000 2013-07-30] (DealPly Technologies Ltd)
R2 DragonLoggerService; C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe [137280 2014-07-23] (Nuance Communications, Inc.)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2012-11-01] (Macrovision Europe Ltd.) [File not signed]
R2 fshoster; C:\Program Files (x86)\F-Secure\fshoster32.exe [187432 2014-07-08] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE [216104 2013-11-26] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe [60456 2014-06-24] (F-Secure Corporation)
R2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [579584 2014-02-14] (Hauppauge Computer Works) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)
R2 Service Mgr PositiveFinds; C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugincontainer.exe [577272 2015-02-08] ()
R2 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH)
R2 Update Mgr PositiveFinds; C:\Program Files (x86)\Common Files\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\updater.exe [384760 2015-02-08] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
R3 AirDisplay; C:\Windows\System32\DRIVERS\AVVideoCard.sys [15352 2013-12-04] (Windows (R) Win 7 DDK provider)
R3 AirDisplayMirror; C:\Windows\System32\DRIVERS\AVVideoCardMirror.sys [15352 2013-12-04] (Windows (R) Win 7 DDK provider)
R3 AirDisplayWDDM; C:\Windows\System32\DRIVERS\AVWDDMMiniPort.sys [48632 2013-12-04] (Windows (R) Win 7 DDK provider)
S3 ASPI; C:\Windows\SysWOW64\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec) [File not signed]
R0 AVPCIFilter; C:\Windows\System32\DRIVERS\AVPCIFilter.sys [36344 2013-12-04] (Windows (R) Win 7 DDK provider)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [169240 2012-11-02] (Broadcom Corporation.)
S0 BTKRNL; C:\Windows\SysWOW64\drivers\btkrnl.sys [1241482 2004-10-01] (Broadcom Corporation) [File not signed]
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
R1 cbfs4; C:\Windows\system32\drivers\cbfs4.sys [387776 2013-11-15] (EldoS Corporation)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [207400 2014-11-30] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [71112 2014-11-30] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2013-09-09] ()
R0 fsbts; C:\Windows\SysWOW64\Drivers\fsbts.sys [42248 2013-03-01] ()
R3 fsni; C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\fsni64.sys [89640 2014-12-02] (F-Secure Corporation)
R1 fsvista; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13248 2013-06-24] ()
R3 hcw88rc5; C:\Windows\System32\Drivers\hcw88rc5.sys [15872 2012-11-20] (Hauppauge Computer Works, Inc.)
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [37392 2009-04-08] (Paragon Software Group)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-10-22] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-10-22] (RapidSolution Software AG)
R3 S3XXx64; C:\Windows\System32\DRIVERS\S3XXx64.sys [73984 2014-06-16] (Identive)
R0 tdrpman258; C:\Windows\System32\DRIVERS\tdrpm258.sys [1477728 2012-11-04] (Acronis)
R3 vpnpbus; C:\Windows\System32\DRIVERS\vpnpbus.sys [18624 2013-11-15] (EldoS Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-08 18:49 - 2015-02-08 18:49 - 00047188 _____ () C:\Users\Wolf\Desktop\FRST.txt
2015-02-08 11:01 - 2015-02-08 18:49 - 00000000 ____D () C:\FRST
2015-02-08 11:00 - 2015-02-08 11:00 - 02132992 _____ (Farbar) C:\Users\Wolf\Desktop\FRST64.exe
2015-02-06 19:26 - 2015-02-06 19:26 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\Wolf\Desktop\SpyHunter-Installer.exe
2015-02-06 14:59 - 2015-02-06 14:59 - 00001797 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-02-06 14:59 - 2015-02-06 14:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-06 14:59 - 2015-02-06 14:59 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-06 14:59 - 2015-02-06 14:59 - 00000000 ____D () C:\Program Files\iTunes
2015-02-06 14:59 - 2015-02-06 14:59 - 00000000 ____D () C:\Program Files\iPod
2015-02-06 14:53 - 2015-02-06 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-02-06 14:51 - 2015-02-06 14:51 - 00001895 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2015-02-06 14:51 - 2015-02-06 14:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-02-06 14:51 - 2015-02-06 14:51 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2015-02-03 19:23 - 2015-02-03 19:23 - 00000000 ____D () C:\Users\User\AppData\Local\Lavasoft
2015-02-03 12:19 - 2015-02-03 12:29 - 00000108 ____H () C:\Users\User\Documents\.picasa.ini
2015-02-03 10:16 - 2015-02-03 10:16 - 00003676 _____ () C:\Windows\System32\Tasks\HP-Online-Aktualisierungsprogramm
2015-02-02 17:44 - 2015-02-02 17:44 - 00049990 ____N () C:\Users\User\Documents\Sprachmemo 013.amr
2015-02-02 14:10 - 2015-02-02 14:10 - 00000000 ____D () C:\Users\User\AppData\Roaming\TuneUp Software
2015-02-02 14:10 - 2015-02-02 14:10 - 00000000 ____D () C:\Users\User\AppData\Local\TuneUp Software
2015-02-02 12:22 - 2015-02-08 15:40 - 00000000 ____D () C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602
2015-02-02 12:22 - 2015-02-02 12:22 - 00000000 ____D () C:\Users\Wolf\AppData\Roaming\TuneUp Software
2015-02-02 12:22 - 2015-02-02 12:22 - 00000000 ____D () C:\Users\Wolf\AppData\Local\TuneUp Software
2015-02-02 12:22 - 2015-02-02 12:22 - 00000000 ____D () C:\Program Files (x86)\Positive Finds
2015-02-02 12:21 - 2015-02-02 12:23 - 00000000 ____D () C:\ProgramData\TuneUp Software
2015-02-02 12:21 - 2015-02-02 12:21 - 00001460 _____ () C:\Users\Public\Desktop\Free Audio Editor.lnk
2015-02-02 12:21 - 2015-02-02 12:21 - 00001297 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-02-02 12:21 - 2015-02-02 12:21 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-02-02 12:21 - 2015-02-02 12:21 - 00000000 ____D () C:\Users\Wolf\AppData\Roaming\FreeAudioEditor
2015-02-02 12:21 - 2015-02-02 12:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-02-02 12:20 - 2015-02-02 12:20 - 00005128 _____ () C:\Windows\SysWOW64\LavasoftTcpService.ini
2015-02-02 12:20 - 2015-02-02 12:20 - 00002824 _____ () C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2015-02-02 12:20 - 2015-02-02 12:20 - 00002824 _____ () C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-02-02 12:20 - 2015-01-23 06:39 - 00378832 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-02-02 12:20 - 2015-01-23 06:39 - 00332216 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2015-02-02 12:18 - 2015-02-02 12:21 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2015-02-02 12:18 - 2015-02-02 12:18 - 00000000 ____D () C:\Users\Wolf\AppData\Roaming\RHEng
2015-02-02 12:17 - 2015-02-02 12:21 - 00000000 ____D () C:\Users\Wolf\AppData\Roaming\DVDVideoSoft
2015-02-02 12:15 - 2015-02-02 12:15 - 03529672 _____ (DVDVideoSoft Ltd. ) C:\Users\Wolf\Downloads\FreeAudioEditor.exe
2015-02-02 11:52 - 2015-02-02 11:53 - 00308709 _____ () C:\Users\User\Downloads\mp3DC220.exe
2015-01-31 18:25 - 2015-02-01 00:10 - 00000262 _____ () C:\Users\User\Documents\Beisitzer.csv
2015-01-30 13:30 - 2015-01-30 13:30 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-30 13:30 - 2015-01-30 13:30 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-30 13:25 - 2015-01-30 13:25 - 00960176 _____ (Adobe Systems Incorporated) C:\Users\Wolf\Downloads\flashplayer16_uninstall_win.exe
2015-01-30 13:00 - 2015-01-30 13:00 - 00000000 ___RD () C:\Users\Wolf\Creative Cloud Files
2015-01-30 12:59 - 2015-01-30 12:59 - 00001371 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-01-30 12:59 - 2015-01-30 12:59 - 00001359 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2015-01-30 11:33 - 2015-01-30 11:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Evernote
2015-01-27 20:00 - 2015-01-27 20:00 - 01139872 _____ () C:\Windows\Minidump\012715-31403-01.dmp
2015-01-27 10:59 - 2015-01-27 10:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-22 12:17 - 2015-02-08 18:43 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3911170492-2722250824-168465764-1003UA.job
2015-01-22 12:17 - 2015-02-08 10:43 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3911170492-2722250824-168465764-1003Core.job
2015-01-22 12:17 - 2015-02-07 10:38 - 00004084 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3911170492-2722250824-168465764-1003UA
2015-01-22 12:17 - 2015-02-07 10:38 - 00003688 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3911170492-2722250824-168465764-1003Core
2015-01-22 12:16 - 2015-01-22 12:16 - 00880784 _____ (Google Inc.) C:\Users\User\Downloads\ChromeSetup.exe
2015-01-13 19:43 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 19:43 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 19:43 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 19:43 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 19:43 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-13 19:43 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 19:42 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 19:42 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-13 19:42 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-13 19:42 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-13 19:42 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-13 19:42 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-13 19:42 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-12 14:31 - 2015-01-12 14:31 - 00000000 ____D () C:\Users\User\Downloads\qr_code
2015-01-12 14:24 - 2015-01-12 14:24 - 00001411 _____ () C:\Users\User\Downloads\qr_code.zip
2015-01-09 10:54 - 2015-01-09 10:54 - 06388344 _____ (Tim Kosse) C:\Users\User\Downloads\FileZilla_3.10.0_win32-setup.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-08 18:49 - 2012-10-26 16:11 - 01590608 _____ () C:\Windows\WindowsUpdate.log
2015-02-08 18:40 - 2012-12-08 12:51 - 00000000 ____D () C:\Program Files (x86)\lg_fwupdate
2015-02-08 18:40 - 2012-10-29 13:51 - 00000000 ____D () C:\Users\Wolf\AppData\Roaming\Dropbox
2015-02-08 18:40 - 2012-10-29 13:42 - 00000000 ____D () C:\Users\Wolf\AppData\Local\Adobe
2015-02-08 18:39 - 2014-10-16 15:12 - 00000276 _____ () C:\Windows\Tasks\AbelssoftBackupStart.job
2015-02-08 18:39 - 2013-10-11 09:42 - 00000248 _____ () C:\Windows\Tasks\PC Fresh.job
2015-02-08 18:39 - 2013-07-30 13:57 - 00000898 _____ () C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
2015-02-08 18:39 - 2012-12-08 12:52 - 00000272 _____ () C:\Windows\lgfwup.ini
2015-02-08 18:39 - 2012-11-05 16:18 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-08 18:39 - 2012-11-05 15:31 - 00000000 ____D () C:\Users\User\Documents\PhraseExpress
2015-02-08 18:06 - 2012-11-05 16:18 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-08 18:02 - 2013-07-30 13:57 - 00000902 _____ () C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
2015-02-08 17:57 - 2013-07-30 13:57 - 00000286 _____ () C:\Windows\Tasks\Dealply.job
2015-02-08 16:46 - 2014-02-07 16:03 - 00000000 ____D () C:\Users\User\AppData\Local\BBB3BACB-1331-4C59-9E6C-C1E084172206.aplzod
2015-02-08 11:02 - 2012-10-29 13:33 - 00000000 ____D () C:\Users\Wolf\Documents\Outlook-Dateien
2015-02-08 10:48 - 2009-07-14 05:45 - 00028320 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-08 10:48 - 2009-07-14 05:45 - 00028320 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-08 10:43 - 2012-10-27 02:02 - 00702964 _____ () C:\Windows\system32\perfh007.dat
2015-02-08 10:43 - 2012-10-27 02:02 - 00150604 _____ () C:\Windows\system32\perfc007.dat
2015-02-08 10:43 - 2009-07-14 06:13 - 01629436 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-08 10:42 - 2012-11-29 21:27 - 00000000 ___RD () C:\Users\User\Dropbox
2015-02-08 10:42 - 2012-11-29 21:23 - 00000000 ____D () C:\Users\User\AppData\Roaming\Dropbox
2015-02-08 10:41 - 2014-11-09 18:29 - 00000000 ___RD () C:\Users\User\iCloudDrive
2015-02-08 10:38 - 2009-07-14 05:51 - 00231483 _____ () C:\Windows\setupact.log
2015-02-08 10:37 - 2012-10-26 16:23 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-08 10:37 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-07 23:01 - 2012-11-05 16:18 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-07 23:01 - 2012-11-05 16:18 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-06 19:24 - 2012-12-10 15:21 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps
2015-02-06 15:08 - 2010-11-21 04:47 - 00334944 _____ () C:\Windows\PFRO.log
2015-02-06 14:59 - 2014-05-16 14:25 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-06 14:59 - 2012-11-02 10:41 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-06 14:01 - 2013-12-07 12:40 - 00002221 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-04 12:00 - 2012-10-27 11:50 - 00000000 ____D () C:\ProgramData\TEMP
2015-02-04 11:42 - 2013-09-06 10:42 - 00000288 _____ () C:\Windows\Tasks\AdvancedDriverUpdater_UPDATES.job
2015-02-04 10:51 - 2012-11-07 14:56 - 00002995 _____ () C:\Users\User\AppData\Roaming\SAS7_000.DAT
2015-02-03 12:19 - 2014-04-21 10:19 - 00000000 ____D () C:\Users\User\Documents\Ashampoo Burning Studio 12
2015-02-03 12:19 - 2012-11-15 17:48 - 00125440 ___SH () C:\Users\User\Documents\Thumbs.db
2015-02-02 18:09 - 2013-01-07 13:59 - 00000000 ____D () C:\Users\User\AppData\Roaming\vlc
2015-02-02 12:55 - 2014-02-10 17:29 - 00000000 ____D () C:\Users\Wolf\AppData\Roaming\Smart Driver Updater
2015-01-30 13:31 - 2012-10-26 16:11 - 00000000 ____D () C:\Users\Wolf
2015-01-30 13:11 - 2012-11-05 15:31 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe
2015-01-30 13:01 - 2012-10-29 13:42 - 00000000 ____D () C:\Users\Wolf\AppData\Roaming\Adobe
2015-01-30 13:00 - 2012-10-29 13:37 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-30 12:59 - 2014-09-21 15:46 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-30 12:56 - 2012-10-29 13:41 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-01-29 20:41 - 2014-02-08 12:34 - 00007680 _____ () C:\Users\User\Documents\Ordner-breit-Liecke.zdl
2015-01-29 20:41 - 2014-02-06 20:08 - 00008192 _____ () C:\Users\User\Documents\Ordner-Liecke.zdl
2015-01-29 20:39 - 2014-12-29 15:49 - 00000132 _____ () C:\Users\User\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2015-01-27 20:00 - 2012-10-29 15:09 - 795582867 _____ () C:\Windows\MEMORY.DMP
2015-01-27 20:00 - 2012-10-29 15:09 - 00000000 ____D () C:\Windows\Minidump
2015-01-27 20:00 - 2012-10-27 11:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-22 23:01 - 2012-10-27 11:54 - 01602780 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-22 18:47 - 2014-01-16 17:20 - 00000000 ____D () C:\Users\User\Documents\My Digital Editions
2015-01-22 12:23 - 2014-01-14 17:12 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2015-01-22 12:23 - 2012-11-05 16:18 - 00000000 ____D () C:\Users\User\AppData\Local\Google
2015-01-21 19:04 - 2012-10-29 11:53 - 00000000 ____D () C:\Users\Wolf\Documents\PhraseExpress
2015-01-19 12:58 - 2012-11-14 09:54 - 00000000 ____D () C:\Users\User\Documents\MailStore Home
2015-01-19 12:58 - 2012-11-14 09:53 - 00000000 ____D () C:\ProgramData\firebird
2015-01-15 00:05 - 2013-11-01 12:25 - 00000000 ____D () C:\Users\User\AppData\Local\Abelssoft
2015-01-13 23:42 - 2013-07-16 12:04 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-13 23:31 - 2012-10-27 11:05 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-09 16:25 - 2012-11-13 18:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype
2015-01-09 11:00 - 2012-11-28 17:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\FileZilla

==================== Files in the root of some directories =======

2009-04-21 09:02 - 2012-10-31 20:10 - 114672640 _____ () C:\Program Files (x86)\Paragon-128-PRG_WinInstallSNx64_9.0.99.9293_000_64BIT.msi
2009-04-21 09:01 - 2012-10-31 20:10 - 115772928 _____ () C:\Program Files (x86)\Paragon-128-PRG_WinInstallSN_9.0.99.9293_000_32BIT.msi
2014-10-16 19:33 - 2014-10-20 14:08 - 0000096 _____ () C:\Users\Wolf\AppData\Roaming\Camdata.ini
2014-10-16 19:33 - 2014-10-20 14:08 - 0000408 _____ () C:\Users\Wolf\AppData\Roaming\CamLayout.ini
2014-10-16 19:33 - 2014-10-20 14:08 - 0000408 _____ () C:\Users\Wolf\AppData\Roaming\CamShapes.ini
2014-10-16 19:33 - 2014-10-20 14:08 - 0004509 _____ () C:\Users\Wolf\AppData\Roaming\CamStudio.cfg
2012-10-29 13:25 - 2014-08-22 15:44 - 0002514 _____ () C:\Users\Wolf\AppData\Roaming\SAS7_000.DAT
2014-12-27 14:48 - 2014-12-27 14:48 - 0000600 _____ () C:\Users\Wolf\AppData\Roaming\winscp.rnd
2013-10-30 09:30 - 2013-10-30 10:18 - 0003584 _____ () C:\Users\Wolf\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-02-05 17:19 - 2013-02-05 17:19 - 0007597 _____ () C:\Users\Wolf\AppData\Local\Resmon.ResmonCfg
2014-10-31 15:37 - 2014-10-31 18:02 - 0003933 _____ () C:\ProgramData\StreamingMediaTechnologyLog.txt

Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjxjwma.dll
C:\Users\User\AppData\Local\Temp\SkypeSetup.exe
C:\Users\User\AppData\Local\Temp\vlc-2.1.5-win64.exe
C:\Users\Wolf\AppData\Local\Temp\AdobeApplicationManager.exe
C:\Users\Wolf\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Wolf\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Wolf\AppData\Local\Temp\Execute2App.exe
C:\Users\Wolf\AppData\Local\Temp\F-SecureNetworkInstaller.exe
C:\Users\Wolf\AppData\Local\Temp\firefoxjre_exe.exe
C:\Users\Wolf\AppData\Local\Temp\FreeAudioEditor.exe
C:\Users\Wolf\AppData\Local\Temp\fsc37E1.tmp.exe
C:\Users\Wolf\AppData\Local\Temp\fsc7E53.tmp.exe
C:\Users\Wolf\AppData\Local\Temp\fscD7E7.tmp.exe
C:\Users\Wolf\AppData\Local\Temp\fscF66F.tmp.exe
C:\Users\Wolf\AppData\Local\Temp\HPDiscoPM5412.dll
C:\Users\Wolf\AppData\Local\Temp\ICReinstall_Windows8_64bit.exe
C:\Users\Wolf\AppData\Local\Temp\Installer.exe
C:\Users\Wolf\AppData\Local\Temp\mgxfonts.exe
C:\Users\Wolf\AppData\Local\Temp\MgxVistaTools.dll
C:\Users\Wolf\AppData\Local\Temp\msvcp90.dll
C:\Users\Wolf\AppData\Local\Temp\msvcr90.dll
C:\Users\Wolf\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Wolf\AppData\Local\Temp\ose00000.exe
C:\Users\Wolf\AppData\Local\Temp\readSTILog.dll
C:\Users\Wolf\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Wolf\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Wolf\AppData\Local\Temp\SetupAssistant.exe
C:\Users\Wolf\AppData\Local\Temp\shutdown1402416774.exe
C:\Users\Wolf\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Wolf\AppData\Local\Temp\SpOrder.dll
C:\Users\Wolf\AppData\Local\Temp\vhnolbao.dll
C:\Users\Wolf\AppData\Local\Temp\vlc-2.1.5-win64.exe
C:\Users\Wolf\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-03 00:14

==================== End Of Log ============================
         
--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-02-2015
Ran by Wolf at 2015-02-08 18:50:09
Running from C:\Users\Wolf\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Antivirus (Enabled - Up to date) {15414183-282E-D62C-CA37-EF24860A2F17}
AS: Antivirus (Enabled - Up to date) {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1-abc.net Database (Remove only) (HKLM-x32\...\1-abc.net Database) (Version:  - )
4Musics Multiformat Converter 5.2 (HKLM-x32\...\4Musics Multiformat Converter 5.2_is1) (Version:  - NeSoft)
AbAlarm (HKLM-x32\...\AbAlarm_is1) (Version: 8.1 - Abelssoft)
Abelssoft Backup (HKLM-x32\...\Abelssoft Backup_is1) (Version: 4.0.5 - Abelssoft)
Acronis*True*Image*Home 2011 (HKLM-x32\...\{257D8E32-4971-4199-BE23-093A00A6DE91}) (Version: 14.0.5041 - Acronis)
Adobe Acrobat  9 Standard - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-BA7E-000000000004}{AC76BA86-1033-F400-BA7E-000000000004}) (Version: 9.5.5 - Adobe Systems)
Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM-x32\...\{AC76BA86-1033-F400-BA7E-000000000004}_955) (Version:  - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.9.0.465 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe GoLive CS2 Deutsch (HKLM-x32\...\Adobe GoLive CS2 Deutsch) (Version: 8.0 - Ihr Firmenname)
Adobe InDesign CS2 (HKLM-x32\...\Adobe InDesign CS2 - {7F4C8163-F259-49A0-A018-2857A90578BC}) (Version: 004.000.000 - Adobe Systems Incorporated)
Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 13 (HKLM-x32\...\{609818B9-23EB-4196-B466-EFE05E92A32F}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)
Advanced Driver Updater (HKLM-x32\...\Advanced Driver Updater_is1) (Version: 2.1.1086.15131 - Systweak Inc)
Air Display Support (HKLM\...\{F51E7212-5D41-4EFA-9E92-BF23C98EBD71}) (Version: 2.0.3.440 - Avatron Software, Inc)
Air Media Server 1.0.19 (HKLM-x32\...\{400007B6-409E-4C11-85DA-1D8C59EA432B}) (Version: 1.0.19 - App Dynamic)
Apple Application Support (32-Bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 12 v.12.0.5 (HKLM-x32\...\{91B33C97-93EB-244C-F687-71D85E45A206}_is1) (Version: 12.0.5 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 2012 v.10.0.15 (HKLM-x32\...\Ashampoo Burning Studio 2012_is1) (Version: 10.0.15 - Ashampoo GmbH & Co. KG)
Ashampoo Snap 7 v.7.0.9 (HKLM-x32\...\{C92AB6F1-9C93-0F51-ED50-15ABBCBDD142}_is1) (Version: 7.0.9 - Ashampoo GmbH & Co. KG)
Assistant 5.05.010 (HKLM-x32\...\Assistant) (Version: 5.5.10.0 - Medion)
Audials (HKLM-x32\...\{9116E9E6-E1F9-4835-95B8-31E7F158E9F7}) (Version: 10.0.50301.100 - Audials AG)
AxCrypt 1.7.2931.0 (HKLM\...\{E191812E-F3A0-4F87-98D9-DCD03321278D}) (Version: 1.7.2931.0 - Axantum Software AB)
Belkin Bluetooth Software (HKLM-x32\...\{90535871-81B9-4D99-8A13-A7EE97F2D7FE}) (Version: 3.0.1.912 - WIDCOMM, Inc.)
Bing Bar (HKLM-x32\...\{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}) (Version: 7.1.361.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Boxcryptor 2.0 (HKLM-x32\...\{7719E084-D193-4AF1-B0E7-E347150EB76C}) (Version: 2.0.431.403 - Secomba GmbH)
Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{982E1601-0DFC-4FD3-A427-AC6570697858}) (Version: 12.55.01 - Broadcom Corporation)
Buzzdock (HKLM-x32\...\{cfd32d46-7d3f-483f-bace-7172aec5592d}) (Version:  - Alactro LLC) <==== ATTENTION
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
CamStudio version 2.7 (HKLM-x32\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7 - CamStudio Open Source)
CHIPDRIVE MyKey (HKLM-x32\...\CHIPDRIVE MyKey_CDInst21) (Version:  - Identive GmbH)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Computer Security 14.99.103.0 (release) (x32 Version: 14.99.103.0 - F-Secure Corporation) Hidden
concept/design onlineTV 8 (HKLM-x32\...\{D2AC7034-15AC-4F62-85BD-1E48021E45D6}_is1) (Version: 8.5.0.20 - concept/design GmbH)
DDBAC (HKLM-x32\...\{021BC94E-D464-4B9D-96F1-C6566B476A71}) (Version: 5.3.3 - DataDesign)
Dealply (HKU\S-1-5-21-3911170492-2722250824-168465764-1000\...\Dealply) (Version:  - ) <==== ATTENTION
DealPly (remove only) (HKLM-x32\...\DealPly) (Version: 4.8.7.2 - DealPly Technologies Ltd.) <==== ATTENTION
Designer 2.0 (HKLM-x32\...\Designer 2.0_is1) (Version: 7.9.4 - Fomanu AG)
DesignPro 5 (HKLM-x32\...\InstallShield_{AC610C8A-67CB-4633-9211-81A5E104FAD4}) (Version: 5.0.1056 - Avery Dennison)
DesignPro 5 (x32 Version: 5.0.1056 - Avery Dennison) Hidden
Deutsche Post E-Porto (HKLM\...\{AFEF38CC-13B4-45E9-AD68-1A842627B203}) (Version: 2.3.0 - Deutsche Post AG)
Dragon NaturallySpeaking 13 (HKLM-x32\...\{33EA20FB-5389-4938-BA59-2BCD9BB68F41}) (Version: 13.00.000 - Nuance Communications Inc.)
Dropbox (HKU\S-1-5-21-3911170492-2722250824-168465764-1000\...\Dropbox) (Version: 1.6.16 - Dropbox, Inc.)
DW 1525 Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 8.0 - Dell)
Elements 10 Organizer (x32 Version: 10.0 - Ihr Firmenname) Hidden
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Evernote v. 5.8.1 (HKLM-x32\...\{4FD2D1C8-8636-11E4-9D21-00163E98E7D6}) (Version: 5.8.1.6061 - Evernote Corp.)
FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Free Audio Editor version 1.0.8.128 (HKLM-x32\...\Free Audio Editor_is1) (Version: 1.0.8.128 - DVDVideoSoft Ltd.)
Free M4a to MP3 Converter 8.0 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
F-Secure (HKLM-x32\...\F-Secure ServiceEnabler 666) (Version: 2.15.358.0 - F-Secure Corporation)
F-Secure (x32 Version: 2.15.358.0 - F-Secure Corporation) Hidden
F-Secure CCF Reputation (x32 Version: 2.0.1337.0 - F-Secure) Hidden
F-Secure CCF Scanning 1.51.111.300 (release) (x32 Version: 1.51.111.300 - F-Secure Corporation) Hidden
F-Secure Network CCF 1.02.141 (x32 Version: 1.02.141 - F-Secure Corporation) Hidden
F-Secure SafeSearch 1.03.159.0 (release) (x32 Version: 1.03.159.0 - F-Secure Corporation) Hidden
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.06) (Version: 9.06 - Artifex Software Inc.)
GSview 5.0 (HKLM\...\GSview 5.0) (Version: 5.0 - Ghostgum Software Pty Ltd)
Hauppauge WinTV 7 (HKLM-x32\...\Hauppauge WinTV 7) (Version: v7.0.32211 (CD 3.7) - Hauppauge Computer Works)
HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{AF43C18E-693D-4126-B190-8F55E3623D5D}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Hilfe (HKLM-x32\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
Incomedia WebSite X5 v11 - Evolution Demo (HKLM-x32\...\{F7565F59-64EE-41B6-B159-D7A6224F86F1}_is1) (Version: 11.0.2.14 - Incomedia s.r.l.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.2.50.1050 - Intel Corporation)
iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
KeyDepot (HKLM\...\KeyDepot_is1) (Version: 3.00 - Abelssoft)
K-Lite Mega Codec Pack 9.2.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.2.0 - )
Launcher for Skype (HKLM-x32\...\{82799854-39DF-4EC3-8778-918CE0C81A3F}_is1) (Version: 1.6.8 - binaerkombinat)
LG Burning Tool (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.2.6009 - CyberLink Corp.)
LG Burning Tool (x32 Version: 6.2.6009 - CyberLink Corp.) Hidden
LG CyberLink BD Advisor (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version: 2.0.4606 - CyberLink Corp.)
LG CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2820 - CyberLink Corp.)
LG CyberLink Media Suite (x32 Version: 8.0.2820 - CyberLink Corp.) Hidden
LG CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3424.52 - CyberLink Corp.)
LG CyberLink PowerDVD (x32 Version: 10.0.3424.52 - CyberLink Corp.) Hidden
LG CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3718 - CyberLink Corp.)
LG CyberLink YouCam (x32 Version: 2.0.3718 - CyberLink Corp.) Hidden
LG Tool Kit (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - )
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Luminance HDR 2.3.0 (HKLM\...\{7020FC34-6E04-4858-924D-354B28CB2402}_is1) (Version:  - Luminance HDR Dev Team)
Macromedia Dreamweaver 4 (HKLM-x32\...\{ABDA9912-5D00-11D4-BAE7-9367CA097955}) (Version: 4.0 - Macromedia)
Macromedia Extension Manager (HKLM-x32\...\{A5BA14E0-7384-11D4-BAE7-00409631A2C8}) (Version: 1.2 - Macromedia)
MAGIX Foto Manager MX Deluxe (HKLM-x32\...\MAGIX_{6E6FF6CD-9CF3-4434-BB5D-24943FD54FFC}) (Version: 9.0.2.251 - MAGIX AG)
MAGIX Foto Manager MX Deluxe (Version: 9.0.2.251 - MAGIX AG) Hidden
MAGIX Fotos auf DVD easy (HKLM-x32\...\MAGIX_{15551AB4-B400-4F56-8DC1-86655F329206}) (Version: 1.0.3.15 - MAGIX AG)
MAGIX Fotos auf DVD easy (Version: 1.0.3.15 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM-x32\...\{B1FEBE01-42BB-4D05-8180-6C5ABD91E97E}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Screenshare 4.3.6.1987 (D) (HKLM-x32\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Slideshow Maker 2 (HKLM-x32\...\MAGIX_{48897B17-3DD2-4BAA-A81D-4E4EA8E9FD51}) (Version: 2.0.1.9 - MAGIX AG)
MAGIX Slideshow Maker 2 (Version: 2.0.1.9 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{E35C4E27-2BA0-40D3-876E-6D3C28DE622D}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Video deluxe 15 8.0.0.62 (D) (HKLM-x32\...\MAGIX Video deluxe 15 D) (Version: 8.0.0.62 - MAGIX AG)
MAGIX Video deluxe 17 Plus (HKLM-x32\...\MAGIX_MSI_Videodeluxe17_plus) (Version: 10.0.0.32 - MAGIX AG)
MAGIX Video deluxe 17 Plus (x32 Version: 10.0.0.32 - MAGIX AG) Hidden
MAGIX Video deluxe 2013 Plus (HKLM-x32\...\MAGIX_{2B9CA7F6-64A9-4346-9238-CDC3604A8D66}) (Version: 12.0.0.30 - MAGIX AG)
MAGIX Video deluxe 2013 Plus (Version: 12.0.0.30 - MAGIX AG) Hidden
MAGIX Video deluxe Plus 2013 Update (Version: 12.0.4.2 - MAGIX AG) Hidden
MailStore Home 7.1.0.7815 (HKLM-x32\...\MailStore Home_universal1) (Version: 7.1.0.7815 - MailStore Software GmbH)
Marketsplash Schnellzugriffe (HKLM-x32\...\{7A108EBC-C9DF-4E14-93A8-42CF316F1ECF}) (Version: 1.0.1.7 - Hewlett-Packard)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Outlook 2010 (HKLM-x32\...\Office14.OUTLOOKR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft_VC100_CRT_x64 (HKLM\...\{17106CA8-E65A-4D02-95BE-79AF8C698935}) (Version: 1.0.0 - Microsoft)
MindManager X5 Pro (HKLM-x32\...\{49F4C76E-EB85-4977-BC20-73D17F862014}) (Version: 5.0.878 - Mindjet LLC)
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 17.0.2 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.2 (x86 de)) (Version: 17.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
myEcho for Windows 1.0.0.2 (HKLM-x32\...\{AF26BC68-6024-42FA-BDCC-FB1609AB164E}_is1) (Version: 1.0.0.2 - Scott Hanselman and Greg Shackles)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
NetObjects Fusion 12.0 (HKLM-x32\...\{1FC5FB51-567F-484A-99C8-9420BD7A1069}) (Version: 12 German - NetObjects)
NetObjects Fusion 12.0 (x32 Version: 12.00.5000.5222 - NetObjects) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.2 - )
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-3911170492-2722250824-168465764-1000\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
NVIDIA 3D Vision Controller-Treiber 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 320.49 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 320.49 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5856 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
OGS Mahjong 1.1.0 (HKLM-x32\...\OGS Mahjong) (Version: 1.1.0 - Opensource Game Studio)
Online Safety 2.115.2783.1598 (x32 Version: 2.115.2783.1598 - F-Secure Corporation) Hidden
Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Paragon Partition Manager™ 10.0 Professional (HKLM\...\{A35001F0-F1E4-11DD-A38B-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PC Fresh (HKLM-x32\...\PC Fresh_is1) (Version: 2014 - (Abelssoft) Ascora GmbH)
Philipp Winterberg - Namibia 2.00 (HKLM-x32\...\Philipp Winterberg - Namibia 2.00) (Version: 2.00 - Philipp Winterberg)
PhraseExpress v10.1.28 (HKLM-x32\...\PhraseExpress_is1) (Version: 10.1.28 - Bartels Media GmbH)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Positive Finds (HKLM-x32\...\Positive Finds) (Version: 2.0.5510.39956 - Positive Finds)
PSE10 STI Installer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
QuickShare (HKLM-x32\...\{CC1C2EE8-8E03-4D79-9758-C208D4438A3E}) (Version: 1.146.60.12450 - Linkury Inc.) <==== ATTENTION
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5953 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14072.12 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14072.12 - Samsung Electronics Co., Ltd.) Hidden
SCR3xxx Smart Card Reader (HKLM-x32\...\{17B0906A-26ED-45D0-B51B-83EF1AADCCFE}) (Version: 8.52 - Identive)
Scribus 1.4.1 (HKLM-x32\...\Scribus 1.4.1) (Version: 1.4.1 - The Scribus Team)
Secunia PSI (3.0.0.7011) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.7011 - Secunia)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-001A-0000-0000-0000000FF1CE}_Office14.OUTLOOKR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
simplitec simplicheck (HKLM-x32\...\{183D780B-28F9-41BA-A2CB-605F324A5781}) (Version: 1.3.10.0 - simplitec GmbH)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.)
Smart Driver Updater v3.1 (HKLM-x32\...\Smart Driver Updater_is1) (Version: 3.1 - Avanquest Software)
SmartTools Publishing • Outlook Ferien & Feiertags-Assistent 2014 (HKLM-x32\...\SmartToolsFerien & Feiertags-Assistent 2014v7.00) (Version: v7.00 - SmartTools Publishing)
StarMoney (x32 Version: 3.0.5.8 - StarFinanz) Hidden
StarMoney 8.0  (HKLM-x32\...\{889D72C6-0615-4D55-A010-2FC4B45905FF}) (Version: 8.0 - Star Finanz GmbH)
Studie zur Verbesserung von HP Officejet 6500 E710n-z Produkten (HKLM\...\{E8C633FD-8719-448F-9A55-F04CFDD53E67}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.0 - Krzysztof Kowalczyk)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36244 - TeamViewer)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64) (HKLM\...\{4A5A427F-BA39-4BF0-7777-9A47FBE60C9F}) (Version: 11.0.0 - Nuance Communications Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9603 - Broadcom Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinSCP 5.6.4 RC (HKLM-x32\...\winscp3_is1) (Version: 5.6.4 RC - Martin Prikryl)
WinX Free WMV to MP4 Converter 2.0.4 (HKLM-x32\...\WinX Free WMV to MP4 Converter_is1) (Version:  - Digiarty Software,Inc.)
Wuala CBFS (HKLM-x32\...\Wuala CBFS) (Version: 3.2.107.0 - LaCie)
Wuala OverlayIcons (HKLM-x32\...\Wuala OverlayIcons) (Version: 1.0.0.2 - LaCie)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3911170492-2722250824-168465764-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Wolf\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3911170492-2722250824-168465764-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Wolf\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3911170492-2722250824-168465764-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Wolf\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3911170492-2722250824-168465764-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Wolf\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3911170492-2722250824-168465764-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Wolf\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)

==================== Restore Points  =========================

30-01-2015 12:57:22 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
30-01-2015 12:57:41 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
30-01-2015 12:58:16 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
30-01-2015 12:58:57 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
02-02-2015 12:17:31 DVDVideoSoftRestorePoint
02-02-2015 12:19:01 LavasoftWeCompanion
06-02-2015 15:01:34 TuneUp Utilities 2014 wird entfernt
06-02-2015 15:02:36 TuneUp Utilities 2014 (de-DE) wird entfernt
06-02-2015 15:04:12 LavasoftWeCompanion

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0021FC1F-3D19-4B38-9DDB-2E9866A74868} - System32\Tasks\AdvancedDriverUpdater_UPDATES => C:\Program Files (x86)\Advanced Driver Updater\adu.exe [2013-03-08] (Systweak Inc)
Task: {21EF784C-8BF7-4FAC-8090-D3BC81F6A473} - System32\Tasks\PC Fresh => C:\Program Files (x86)\PC Fresh\PC Fresh.exe [2013-09-12] (Ascora GmbH)
Task: {3676996A-5784-4559-BB37-2D239BADDC0E} - System32\Tasks\{3A890FA0-7EC7-402D-8340-12EE6D15AA52} => pcalua.exe -a C:\Users\User\Downloads\template_calendar_basic(1).exe -d C:\Users\User\Downloads
Task: {55277DCC-F48D-4B65-8D19-EF861C63991A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-05] (Google Inc.)
Task: {5ED12BD1-8BC3-487B-8BDA-AE809C7BF353} - System32\Tasks\Abelssoft\Alarm-ID_635316855851413413 => C:\Program Files (x86)\AbAlarm\AbAlarm.exe [2014-03-26] (Ascora GmbH)
Task: {6CF42AD4-1E63-4D87-AC00-C2A93A413248} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {6ED4D75F-2C06-4F1A-9362-DF6CAB7C5392} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3911170492-2722250824-168465764-1003UA => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2015-01-22] (Google Inc.)
Task: {6FA3BD53-4197-430D-A796-C6AAADDBDE4A} - System32\Tasks\Dealply => C:\Users\Wolf\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {71866212-21CC-4FC5-BD66-B4F8F7430E69} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {82A0E3DB-9285-4477-8881-4228231FA11E} - System32\Tasks\DealPlyLiveUpdateTaskMachineCore => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [2013-07-30] (DealPly Technologies Ltd) <==== ATTENTION
Task: {9768CA0F-5F46-4F8E-8814-301ED1B8D176} - System32\Tasks\{9530C331-4651-4E3A-A8AE-46F6BF606984} => pcalua.exe -a C:\Users\User\Dropbox\Apps\puffinbrowser\Install_CopyTrans_Suite.exe -d C:\Users\User\Dropbox\Apps\puffinbrowser
Task: {9FE32A53-60B7-48B7-939B-AA732B376CE2} - System32\Tasks\{82427CB5-55D4-49A7-A5A7-6970ED20B4D7} => pcalua.exe -a C:\Users\User\Downloads\templates_calendar_collection_full.exe -d C:\Users\User\Downloads
Task: {A157B0AA-4D3D-4711-9372-691BB1E9B47A} - System32\Tasks\AdobeAAMUpdater-1.0-Wolf-PC-Wolf => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)
Task: {BC175EB6-96D3-4726-8A1E-DC017DEAFCDC} - System32\Tasks\AbelssoftBackupStart => C:\Program Files (x86)\Abelssoft Backup\Backup.exe [2014-01-10] (Ascora GmbH)
Task: {C0DC6A49-41ED-40A4-BA9F-C517514420C6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3911170492-2722250824-168465764-1003Core => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2015-01-22] (Google Inc.)
Task: {C325531C-F07D-4F02-BCB0-290BD3A758F0} - System32\Tasks\DealPlyLiveUpdateTaskMachineUA => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [2013-07-30] (DealPly Technologies Ltd) <==== ATTENTION
Task: {C7FFEADB-FA74-4F3C-AD3C-F528AF3FDD16} - System32\Tasks\HPCustParticipation HP Officejet 6500 E710n-z => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {C8A71770-AFC0-4662-8EC9-7D5BCBC9E519} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {DB58355C-6BE4-48B6-95B5-2CD176D27DB0} - System32\Tasks\AdobeAAMUpdater-1.0-Wolf-PC-User => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)
Task: {E1550AB5-40B4-4B1D-B806-C46BDAD2257E} - System32\Tasks\HpWebReg.exe => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HpWebReg.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {E84DF6E3-02FD-41C2-BBE7-E4132E405786} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-05] (Google Inc.)
Task: C:\Windows\Tasks\AbelssoftBackupStart.job => C:\Program Files (x86)\Abelssoft Backup\Backup.exe
Task: C:\Windows\Tasks\AdvancedDriverUpdater_UPDATES.job => C:\Program Files (x86)\Advanced Driver Updater\adu.exe
Task: C:\Windows\Tasks\Dealply.job => C:\Users\Wolf\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3911170492-2722250824-168465764-1003Core.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3911170492-2722250824-168465764-1003UA.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PC Fresh.job => C:\Program Files (x86)\PC Fresh\PC Fresh.exe

==================== Loaded Modules (whitelisted) ==============

2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-02-02 00:12 - 2015-02-08 06:32 - 00577272 _____ () C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugincontainer.exe
2015-02-08 01:32 - 2015-02-08 01:32 - 00400120 _____ () C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\4\plugin.exe
2015-02-07 22:33 - 2015-02-07 22:33 - 00701176 _____ () C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\3\plugin.exe
2015-02-08 01:32 - 2015-02-08 01:32 - 00518904 _____ () C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\5\plugin.exe
2015-02-07 21:32 - 2015-02-07 21:32 - 00508152 _____ () C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\8\plugin.exe
2015-02-02 12:12 - 2015-02-08 06:32 - 00384760 _____ () C:\Program Files (x86)\Common Files\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\updater.exe
2013-09-06 14:34 - 2013-06-21 11:23 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-12-19 15:57 - 2014-12-19 15:57 - 01039008 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-05-01 20:29 - 2014-05-01 20:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-08-25 09:55 - 2013-08-25 09:55 - 00860160 _____ () C:\Program Files\Avatron\Air Display\libGLESv2.dll
2013-08-25 10:10 - 2013-08-25 10:10 - 01043968 _____ () C:\Program Files\Avatron\Air Display\platforms\qwindows.dll
2013-08-25 09:56 - 2013-08-25 09:56 - 00052736 _____ () C:\Program Files\Avatron\Air Display\libEGL.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2014-12-19 15:57 - 2014-12-19 15:57 - 05979808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2012-10-29 11:40 - 2013-11-26 10:58 - 00045608 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\FSAVHRES.eng
2013-12-11 14:35 - 2013-12-11 14:35 - 00220200 _____ () C:\Program Files (x86)\F-Secure\daas2.dll
2014-09-21 15:45 - 2011-08-23 10:04 - 00057344 _____ () C:\Program Files (x86)\WinTV\TVServer\libhdhomerun.dll
2014-09-21 15:45 - 2014-02-14 09:59 - 00025600 _____ () C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServerps.dll
2013-02-20 10:01 - 2011-01-13 11:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 8.0\ouservice\PATCHW32.dll
2012-10-29 11:44 - 2012-10-29 11:44 - 00030888 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\hashlib_x86.dll
2012-10-29 11:40 - 2014-02-24 17:58 - 00212008 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Spam Control\fsas.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00033560 _____ () C:\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00055064 _____ () C:\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.AutomaticUpdates.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00149784 _____ () C:\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00111896 _____ () C:\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 01808152 _____ () C:\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00055576 _____ () C:\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Personalization.BusinessLogic.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00012568 _____ () C:\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.EventManager.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00048408 _____ () C:\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Personalization.Settings.PublisherSettingsManager.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00725272 _____ () C:\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00081176 _____ () C:\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00013592 _____ () C:\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00016664 _____ () C:\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00029464 _____ () C:\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.Utilities.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00019736 _____ () C:\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.SideBySide.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00057112 _____ () C:\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00013592 _____ () C:\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.ProcessDownMonitor.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00014104 _____ () C:\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.GUI.Multimedia.Loader.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00051480 _____ () C:\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00047384 _____ () C:\Users\Wolf\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2013-09-14 20:50 - 2013-09-14 20:50 - 00025368 _____ () C:\Users\Wolf\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00024856 _____ () C:\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00245528 _____ () C:\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.NetSeer.dll
2014-10-16 10:15 - 2014-10-16 10:15 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2014-10-25 18:23 - 2014-09-09 11:25 - 00271192 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Snap 7\CrashRpt1402.dll
2014-10-25 18:23 - 2014-09-09 11:25 - 00040792 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Snap 7\MouseHook.dll
2004-10-01 14:13 - 2004-10-01 14:13 - 00053248 _____ () C:\Program Files (x86)\Belkin\Bluetooth Software\btkeyind.dll
2003-01-22 18:29 - 2003-01-22 18:29 - 00024576 ____R () C:\Program Files (x86)\Mindjet\MindManager 5\sys\PDF\GER\W2K\fmt_jb2.dll
2003-01-23 14:55 - 2003-01-23 14:55 - 00018944 ____R () C:\Program Files (x86)\Mindjet\MindManager 5\sys\PDF\GER\W2K\fmt_xcx.dll
2003-04-27 16:02 - 2003-04-27 16:02 - 00011264 ____R () C:\Program Files (x86)\Mindjet\MindManager 5\sys\PDF\GER\W2K\fmt_xmf.dll
2003-02-05 16:22 - 2003-02-05 16:22 - 00017920 ____R () C:\Program Files (x86)\Mindjet\MindManager 5\sys\PDF\GER\W2K\xc_local.dll
2015-02-08 10:41 - 2015-02-08 18:39 - 00246008 _____ () C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\3\768d57ba-2d58-4671-9015-44d4b4dcb331.dll
2013-03-02 19:33 - 2014-03-26 17:50 - 00457512 _____ () C:\Program Files (x86)\PhraseExpress\pexlang.dll
2012-10-29 11:40 - 2013-11-26 10:58 - 00056360 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\FSGUI\fsavures.eng
2009-12-15 13:46 - 2009-12-15 13:46 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-12-15 13:49 - 2009-12-15 13:49 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-06-13 09:20 - 2009-02-27 16:39 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.deu
2013-06-13 09:20 - 2009-02-27 16:32 - 00020480 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\AcroTray.FRA
2014-04-01 20:45 - 2014-04-01 20:45 - 00592936 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.79_none_b59ec33311fcd586\QtMultimediaKit1.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2015-01-07 21:27 - 2015-01-07 21:27 - 36730032 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2012-09-13 00:39 - 2012-09-13 00:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2015-01-07 21:27 - 2015-01-07 21:27 - 00746160 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libglesv2.dll
2015-01-07 21:27 - 2015-01-07 21:27 - 00136368 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libegl.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Registry Areas =====================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3911170492-2722250824-168465764-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Wolf\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-3911170492-2722250824-168465764-500 - Administrator - Disabled)
Gast (S-1-5-21-3911170492-2722250824-168465764-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-3911170492-2722250824-168465764-1002 - Limited - Enabled)
User (S-1-5-21-3911170492-2722250824-168465764-1003 - Limited - Enabled) => C:\Users\User
Wolf (S-1-5-21-3911170492-2722250824-168465764-1000 - Administrator - Enabled) => C:\Users\Wolf

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/08/2015 06:42:32 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (02/08/2015 06:39:31 PM) (Source: DNS logging) (EventID: 0) (User: )
Description: Logger: Socket error: 10054

Error: (02/08/2015 06:35:49 PM) (Source: DNS logging) (EventID: 0) (User: )
Description: Logger: Socket error: 10054

Error: (02/08/2015 10:38:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/07/2015 06:43:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/07/2015 06:39:39 PM) (Source: DNS logging) (EventID: 0) (User: )
Description: Logger: Socket error: 10054

Error: (02/07/2015 00:28:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8003

Error: (02/07/2015 00:28:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8003

Error: (02/07/2015 00:28:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/07/2015 00:28:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7004


System errors:
=============
Error: (02/08/2015 06:40:01 PM) (Source: SCardSvr) (EventID: 610) (User: )
Description: Ein an das System angeschlossenes Gerät funktioniert nicht.SCM Microsystems Inc. SCR33x USB Smart Card Reader 00x3136b012 XX XX XX

Error: (02/08/2015 06:40:01 PM) (Source: SCardSvr) (EventID: 610) (User: )
Description: Die Anforderung wird nicht unterstützt.SCM Microsystems Inc. SCR33x USB Smart Card Reader 0GET_ATTRIBUTE03 01 01 00

Error: (02/08/2015 10:41:36 AM) (Source: SCardSvr) (EventID: 610) (User: )
Description: Ein an das System angeschlossenes Gerät funktioniert nicht.SCM Microsystems Inc. SCR33x USB Smart Card Reader 00x3136b012 XX XX XX

Error: (02/08/2015 10:41:36 AM) (Source: SCardSvr) (EventID: 610) (User: )
Description: Die Anforderung wird nicht unterstützt.SCM Microsystems Inc. SCR33x USB Smart Card Reader 0GET_ATTRIBUTE03 01 01 00

Error: (02/08/2015 10:39:44 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (02/08/2015 10:39:42 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
BTKRNL

Error: (02/08/2015 10:37:55 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "\\?\Volume{67c73122-1f7e-11e2-9dc5-806e6f6e6963}" können nicht gelesen werden.

Error: (02/07/2015 06:45:05 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (02/07/2015 06:44:58 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
BTKRNL

Error: (02/07/2015 06:43:09 PM) (Source: SCardSvr) (EventID: 610) (User: )
Description: Ein an das System angeschlossenes Gerät funktioniert nicht.SCM Microsystems Inc. SCR33x USB Smart Card Reader 00x3136b012 XX XX XX


Microsoft Office Sessions:
=========================
Error: (02/08/2015 06:42:32 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\User\Downloads\SoftonicDownloader_fuer_axcrypt.exe

Error: (02/08/2015 06:39:31 PM) (Source: DNS logging) (EventID: 0) (User: )
Description: Logger: Socket error: 10054

Error: (02/08/2015 06:35:49 PM) (Source: DNS logging) (EventID: 0) (User: )
Description: Logger: Socket error: 10054

Error: (02/08/2015 10:38:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/07/2015 06:43:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/07/2015 06:39:39 PM) (Source: DNS logging) (EventID: 0) (User: )
Description: Logger: Socket error: 10054

Error: (02/07/2015 00:28:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8003

Error: (02/07/2015 00:28:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8003

Error: (02/07/2015 00:28:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/07/2015 00:28:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7004


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7 CPU 880 @ 3.07GHz
Percentage of memory in use: 36%
Total physical RAM: 8151.08 MB
Available physical RAM: 5187.16 MB
Total Pagefile: 16300.34 MB
Available Pagefile: 12758.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:443.13 GB) (Free:139.24 GB) NTFS
Drive d: (Daten) (Fixed) (Total:488.28 GB) (Free:402.83 GB) NTFS
Drive x: (Video-Training) (CDROM) (Total:2.59 GB) (Free:0 GB) CDFS
Drive z: (32_00_00) (Fixed) (Total:931.51 GB) (Free:382.9 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 32E67CEA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=443.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=488.3 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (Size: 931.5 GB) (Disk ID: C64DC1DA)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         


Alt 13.02.2015, 16:35   #6
Wolf99
 
Win7 (64): positive find ads - Standard

Win7 (64): positive find ads



Hallo,
darf ich mein Problem noch mal in Erinnerung bringen?
Habe inzwischen (am 8.2.2015) die Logs hochgeladen.
Besten Dank und beste Grüße
Wolf99

Alt 13.02.2015, 22:11   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win7 (64): positive find ads - Standard

Win7 (64): positive find ads



Jup klar und sry hab deinen Beitrag übersehen, ist irgendwie durchgerutscht

Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Buzzdock
    DealPly
    QuickShare

  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 




Anschließend so weiter machen:

Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 14.02.2015, 16:55   #8
Wolf99
 
Win7 (64): positive find ads - Standard

Win7 (64): positive find ads



Sehr gute Anleitung! Ich hoffe, ich habe alles richtig umgesetzt.
Hier die Ergebnisse (1. Teil):

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v4.110 - Bericht erstellt 14/02/2015 um 15:53:27
# Aktualisiert 05/02/2015 von Xplode
# Datenbank : 2015-02-14.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Wolf - WOLF-PC
# Gestarted von : C:\Users\Wolf\Downloads\AdwCleaner_4.110.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : dealplylive
[#] Dienst Gelöscht : dealplylivem
Dienst Gelöscht : Service Mgr PositiveFinds
Dienst Gelöscht : Update Mgr PositiveFinds

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\DealPlyLive
Ordner Gelöscht : C:\ProgramData\simplitec
Ordner Gelöscht : C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Driver Updater
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Driver Updater
Ordner Gelöscht : C:\Program Files (x86)\DealPly
Ordner Gelöscht : C:\Program Files (x86)\DealPlyLive
Ordner Gelöscht : C:\Program Files (x86)\simplitec
Ordner Gelöscht : C:\Program Files (x86)\Smart Driver Updater
Ordner Gelöscht : C:\Program Files (x86)\Advanced Driver Updater
Ordner Gelöscht : C:\Program Files (x86)\Common Files\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602
Ordner Gelöscht : C:\Users\Wolf\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Wolf\AppData\Local\Temp\Smartbar
Ordner Gelöscht : C:\Users\Wolf\AppData\Local\Temp\Positive Finds
Ordner Gelöscht : C:\Users\User\AppData\Local\CrashRpt
Ordner Gelöscht : C:\Users\User\AppData\Roaming\simplitec
Ordner Gelöscht : C:\Users\User\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\User\Documents\Updater
Ordner Gelöscht : C:\Users\Wolf\AppData\Local\DealPlyLive
Ordner Gelöscht : C:\Users\Wolf\AppData\Local\Smartbar
Ordner Gelöscht : C:\Users\Wolf\AppData\Local\CrashRpt
Ordner Gelöscht : C:\Users\Wolf\AppData\Roaming\DealPly
Ordner Gelöscht : C:\Users\Wolf\AppData\Roaming\simplitec
Ordner Gelöscht : C:\Users\Wolf\AppData\Roaming\Smart Driver Updater
Ordner Gelöscht : C:\Users\Wolf\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Wolf\AppData\Roaming\RHEng
Ordner Gelöscht : C:\Users\Wolf\Documents\Smart Driver Updater
Ordner Gelöscht : C:\Users\Wolf\Documents\Updater
Ordner Gelöscht : C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\img9ts5g.default\Extensions\{906000A4-88D9-4D52-B209-7A772970D91F}
Ordner Gelöscht : C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\img9ts5g.default\Extensions\sparpilot@sparpilot.com
Ordner Gelöscht : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Ordner Gelöscht : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf
Datei Gelöscht : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\em7xfk6t.default\Extensions\{29e2f58a-a791-4ede-8083-4f6919d1cb6d}.xpi
Datei Gelöscht : C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\img9ts5g.default\Extensions\{29e2f58a-a791-4ede-8083-4f6919d1cb6d}.xpi
Datei Gelöscht : C:\Users\Public\Desktop\simplicheck.lnk
Datei Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
Datei Gelöscht : C:\Users\Wolf\Desktop\Smart Driver Updater.lnk
Datei Gelöscht : C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\img9ts5g.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Geplante Tasks ] *****

Task Gelöscht : Dealply
Task Gelöscht : DealPlyLiveUpdateTaskMachineCore
Task Gelöscht : DealPlyLiveUpdateTaskMachineUA

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Smart Driver Updater]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\dealplylive.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickCtrl.9
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DealPlyLive.Update3WebControl.3
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dealplyliveupdate.coreclass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dealplyliveupdate.credentialdialogmachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dealplyliveupdate.credentialdialogmachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachinefallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachinefallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclasssvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachinefallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachinefallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0D89DE71-3D99-4288-84DC-F18F1047A7D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8B218A5F-1A3D-4347-94EF-A79575EB8094}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9BDB5E09-4BBA-4422-8C2B-529B281C32B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F7698761-4ABA-45C2-A5BB-D2163922C725}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C536F080-57B7-46D6-8894-C647553F2889}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{50F60937-910A-4C05-8E36-FE4E299191CF}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\DealPlyLive
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Smart Driver Updater
Schlüssel Gelöscht : HKCU\Software\smartbarbackup
Schlüssel Gelöscht : HKCU\Software\smartbarlog
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\DealPlyLive
Schlüssel Gelöscht : HKLM\SOFTWARE\PIP
Schlüssel Gelöscht : HKLM\SOFTWARE\simplitec
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\PositiveFinds
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Smart Driver Updater_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Advanced Driver Updater_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Positive Finds
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\499E8534DA7E759419D2048CB780D3D5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5DCE3C04E576AD15F972B67D0725120C
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\62255E52F19EC97429A42D59D49024FA
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\930D9472A978D7A4EB16BF4DECB173B7
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AEB93799E8B47D14CA356E4343D632A4
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE7C2A75DF08824E9CEFDE20F655BD9
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17631

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v35.0.1 (x86 de)

[em7xfk6t.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.defaultenginename", "Ixquick hxxpS");
[em7xfk6t.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.selectedEngine", "Ixquick hxxpS");
[em7xfk6t.default\prefs.js] - Zeile Gelöscht : user_pref("browser.startup.homepage", "hxxps://ixquick.com/");
[em7xfk6t.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.xpiState", "{\"app-profile\":{\"ClassicThemeRestorer@ArisT2Noia4dev\":{\"d\":\"C:\\\\Users\\\\User\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\em7xfk6t.default\\\\[...]
[img9ts5g.default\prefs.js] - Zeile Gelöscht : user_pref("browser.newtab.url", "hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=nt&installDate=16/10/2013");
[img9ts5g.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.defaultenginename", "Ixquick hxxpS");
[img9ts5g.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.selectedEngine", "Web Search");
[img9ts5g.default\prefs.js] - Zeile Gelöscht : user_pref("browser.startup.homepage", "hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=hp&installDate=16/10/2013");
[img9ts5g.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false);
[img9ts5g.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", false);
[img9ts5g.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
[img9ts5g.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.Visibility", false);
[img9ts5g.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.countryiso", "de");
[img9ts5g.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.downloadprovider", "quickobrw");
[img9ts5g.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.installationid", "fa0a40a2-e660-4017-b374-49e155d7ea9a");
[img9ts5g.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.installdate", "30/07/2013");
[img9ts5g.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.publisher", "quickobrw");
[img9ts5g.default\prefs.js] - Zeile Gelöscht : user_pref("keyword.URL", "hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=ds&installDate=16/10/2013&q=");

-\\ Google Chrome v40.0.2214.111

[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://eu.ask.com/web?l=dis&o=APN10280&gct=sb&qsrc=2869&apn_dtid=^YYYYYY^YY^DE&apn_ptnrs=^A9T&apn_uid=2554515652544101&p2=^A9T^YYYYYY^YY^DE&q={searchTerms}
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxps://ixquick.com/do/search?query={searchTerms}&cat=web&pl=chrome&language=deutsch
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www1.delta-search.com/?q={searchTerms}&affID=121845&tt=gc_&babsrc=SP_ss&mntrId=2C5500242C2AE04B
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=ds&q={searchTerms}&installDate=16/10/2013
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=ds&q={searchTerms}&installDate=16/10/2013
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxps://ixquick.com/do/search?query={searchTerms}&cat=web&pl=chrome&language=deutsch
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=ds&q={searchTerms}&installDate=16/10/2013
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=ds&q={searchTerms}&installDate=16/10/2013

*************************

AdwCleaner[R0].txt - [23984 Bytes] - [14/02/2015 15:51:35]
AdwCleaner[S0].txt - [22418 Bytes] - [14/02/2015 15:53:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [22478  Bytes] ##########
         
--- --- ---


Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Home Premium x64
Ran by Wolf on 14.02.2015 at 16:15:45,11
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}



~~~ Files

Successfully deleted: [File] "C:\Users\Wolf\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage"
Successfully deleted: [File] "C:\Users\Wolf\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage-journal"
Successfully deleted: [File] C:\Windows\prefetch\DEALPLYLIVE.EXE-B469C63A.pf
Successfully deleted: [File] C:\Windows\prefetch\DEALPLYLIVEHANDLER.EXE-2529B0CB.pf



~~~ Folders

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Emptied folder: C:\Users\Wolf\AppData\Roaming\mozilla\firefox\profiles\img9ts5g.default\minidumps [6 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.02.2015 at 16:19:14,23
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Alt 14.02.2015, 17:10   #9
Wolf99
 
Win7 (64): positive find ads - Standard

Win7 (64): positive find ads



2. Teil:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-02-2015
Ran by Wolf (administrator) on WOLF-PC on 14-02-2015 16:27:42
Running from C:\Users\Wolf\Downloads
Loaded Profiles: Wolf (Available profiles: Wolf & User & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avatron Software) C:\Program Files\Avatron\Air Display\AVTHelper.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Broadcom Corporation) C:\Program Files (x86)\Belkin\Bluetooth Software\bin\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe
(Ascora GmbH) C:\Program Files (x86)\PC Fresh\PC Fresh.exe
(Ascora GmbH) C:\Program Files (x86)\Abelssoft Backup\Backup.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\CaptureGenPCI.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\CaptureDLNA.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\CaptureDLNA.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\CaptureDLNA.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(Avatron Software, Inc) C:\Program Files\Avatron\Air Display\AirDisplay.exe
(Secomba GmbH) C:\Program Files (x86)\BoxCryptor\Boxcryptor.exe
(Ashampoo Media GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo Snap 7\ashsnap.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\Ir.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Broadcom Corporation) C:\Program Files (x86)\Belkin\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Acronis) C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
(Tracker Software Products) C:\Program Files (x86)\Mindjet\MindManager 5\sys\PDF\GER\W2K\PDFSaver.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Bartels Media GmbH) C:\Program Files (x86)\PhraseExpress\phraseexpress.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Hauppauge Computer Works, Inc.) C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Identive GmbH) C:\Program Files (x86)\CHIPDRIVE\CHIPDRIVE MyKey\MyKey\MyKey.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(SCM Microsystems) C:\Program Files (x86)\CHIPDRIVE\CHIPDRIVE MyKey\MyKey\SCMSOK.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSHDLL64.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Thisisu) C:\Users\Wolf\Downloads\JRT.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\dgnria_nmhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8158240 2009-10-06] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [391192 2010-08-02] (Acronis)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5452488 2010-08-02] (Acronis)
HKLM-x32\...\Run: [TrayServer] => C:\Program Files (x86)\MAGIX\Video_deluxe_17_Plus\TrayServer.exe [90112 2008-08-07] (MAGIX AG)
HKLM-x32\...\Run: [SAOB Monitor] => C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe [2570648 2010-08-02] (Acronis)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111928 2013-05-03] (Intel Corporation)
HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE [310312 2013-11-26] (F-Secure Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-01-20] (Apple Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [MyKey] => c:\program files (x86)\chipdrive\chipdrive mykey\mykey\mykey.exe [3757000 2012-12-03] (Identive GmbH)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-12] (Flexera Software LLC.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [F-Secure Hoster (666)] => C:\Program Files (x86)\F-Secure\fshoster32.exe [187432 2014-07-08] (F-Secure Corporation)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2015-01-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-3911170492-2722250824-168465764-1000\...\Run: [BoxCryptor] => C:\Program Files (x86)\BoxCryptor\BoxCryptor.exe [1063680 2014-08-06] (Secomba GmbH)
HKU\S-1-5-21-3911170492-2722250824-168465764-1000\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKU\S-1-5-21-3911170492-2722250824-168465764-1000\...\Run: [Air Display Support] => C:\Program Files\Avatron\Air Display\AirDisplay.exe [4189688 2013-12-04] (Avatron Software, Inc)
HKU\S-1-5-21-3911170492-2722250824-168465764-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2068856 2011-10-12] (Flexera Software LLC.)
HKU\S-1-5-21-3911170492-2722250824-168465764-1000\...\Run: [Boxcryptor.exe] => C:\Program Files (x86)\Boxcryptor\Boxcryptor.exe [1063680 2014-08-06] (Secomba GmbH)
HKU\S-1-5-21-3911170492-2722250824-168465764-1000\...\Run: [AshSnap] => C:\Program Files (x86)\Ashampoo\Ashampoo Snap 7\ashsnap.exe [5728600 2014-09-09] (Ashampoo Media GmbH & Co. KG)
HKU\S-1-5-21-3911170492-2722250824-168465764-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-3911170492-2722250824-168465764-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-3911170492-2722250824-168465764-1000\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-3911170492-2722250824-168465764-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-18\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2068856 2011-10-12] (Flexera Software LLC.)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files\Internet Explorer\iexplore.exe [813744 2015-01-14] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk
ShortcutTarget: AutoStart IR.lnk -> C:\Program Files (x86)\WinTV\Ir.exe (Hauppauge Computer Works)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk
ShortcutTarget: BTTray.lnk -> C:\Program Files (x86)\Belkin\Bluetooth Software\BTTray.exe (Broadcom Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NewShortcut4.lnk
ShortcutTarget: NewShortcut4.lnk -> C:\Program Files (x86)\Mindjet\MindManager 5\sys\PDF\GER\W2K\PDFSaver.exe (Tracker Software Products)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PhraseExpress.lnk
ShortcutTarget: PhraseExpress.lnk -> C:\Program Files (x86)\PhraseExpress\phraseexpress.exe (Bartels Media GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status.lnk
ShortcutTarget: WinTV Recording Status.lnk -> C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe (Hauppauge Computer Works, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Wolf\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Users\Wolf\AppData\Local\Apps\Evernote\Evernote\EvernoteClipper.exe (No File)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Wolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Wolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\Users\Wolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Wolf\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Wolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
SSODL: EldosMountNotificator-cbfs4 - {A42D514D-60A5-431C-B3F3-8B6FAF92C3AC} - C:\Windows\system32\cbfsMntNtf4.dll (EldoS Corporation)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator-cbfs4 - {A42D514D-60A5-431C-B3F3-8B6FAF92C3AC} - C:\Windows\SysWOW64\cbfsMntNtf4.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: [0WualaOverlayIcon1] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Wuala OverlayIcons\OverlayIcon.dll (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon2] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Wuala OverlayIcons\OverlayIcon.dll (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon3] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Wuala OverlayIcons\OverlayIcon.dll (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon4] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Wuala OverlayIcons\OverlayIcon.dll (LaCie AG)
ShellIconOverlayIdentifiers: [1EldosIconOverlay] -> {D3FC7241-7C2F-4DE1-BDA2-D723B7F32CE5} => C:\Windows\System32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Wolf\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Wolf\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Wolf\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Wolf\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs4] -> {A6E6F62E-A5F0-472C-A01D-F9EDFBECD437} => C:\Windows\system32\cbfsMntNtf4.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [1EldosIconOverlay] -> {D3FC7241-7C2F-4DE1-BDA2-D723B7F32CE5} => C:\Windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Wolf\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Wolf\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Wolf\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs4] -> {A6E6F62E-A5F0-472C-A01D-F9EDFBECD437} => C:\Windows\SysWOW64\cbfsMntNtf4.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3911170492-2722250824-168465764-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
HKU\S-1-5-21-3911170492-2722250824-168465764-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3911170492-2722250824-168465764-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} ->  No File
BHO: F-Secure Browsing Protection -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https64.dll (F-Secure Corporation)
BHO: Dragon Web Extension For Internet Explorer -> {609C0837-8DD3-4F9B-AAC5-446F36BC0353} -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\x64\dgnriaie_x64.dll (Nuance Communications, Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} ->  No File
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: F-Secure Browsing Protection -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https.dll (F-Secure Corporation)
BHO-x32: Dragon Web Extension For Internet Explorer -> {609C0837-8DD3-4F9B-AAC5-446F36BC0353} -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\dgnriaie.dll (Nuance Communications, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: HKLM-x32 {65EEE2E1-B8D5-4724-8489-048B551045BF} https://chipkarte.santanderbank.de/Estatico/ALP_EBANDE_SmartCardPres_E/Recursos/SantanderChipcardPlugin2610.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\Windows\SysWOW64\btxppanel.dll (Broadcom Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\img9ts5g.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @java.com/DTPlugin,version=10.15.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: nuance.com/DgnRia2_x86_64 -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\x64\npDgnRia2_x64.dll (Nuance Communications, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: nuance.com/DgnRia2 -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\npDgnRia2.dll (Nuance Communications, Inc.)
FF SearchPlugin: C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\img9ts5g.default\searchplugins\ixquick-https.xml
FF Extension: Santander Chipcard Plugin - C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\img9ts5g.default\Extensions\{fd639891-5cc6-45ae-9055-a7a6abb5a7a9} [2015-01-21]
FF Extension: {9fabb557-6c6e-401b-b34b-7e294f7fb2b1} - C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\img9ts5g.default\Extensions\{9fabb557-6c6e-401b-b34b-7e294f7fb2b1}.xpi [2015-02-11]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-01-27]
FF HKLM-x32\...\Firefox\Extensions: [{839dafec-9de6-44cb-92ec-28be76b89c58}] - C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\deploy\fs_firefox_https
FF Extension: Browsing Protection - C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\deploy\fs_firefox_https [2014-11-13]
FF HKLM-x32\...\Firefox\Extensions: [{FACC66B7-E49F-49ed-997E-66A221FD956D}] - C:\Program Files (x86)\CHIPDRIVE\CHIPDRIVE MyKey\MyKey\FireFox
FF Extension: MyKey Interface - C:\Program Files (x86)\CHIPDRIVE\CHIPDRIVE MyKey\MyKey\FireFox [2014-01-25]
FF HKU\S-1-5-21-3911170492-2722250824-168465764-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/", "hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=hp&installDate=16/10/2013"
CHR DefaultSearchKeyword: Default -> ixquick.com
CHR DefaultSearchURL: Default -> https://ixquick.com/do/search?query={searchTerms}&cat=web&pl=chrome&language=deutsch
CHR DefaultSuggestURL: Default -> 
CHR Profile: C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-18]
CHR Extension: (Google Drive) - C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-18]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-13]
CHR Extension: (YouTube) - C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-30]
CHR Extension: (Google-Suche) - C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-30]
CHR Extension: (WGT Golf Challenge) - C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcilimldmomiaihcfkmaldanopfejefg [2014-08-10]
CHR Extension: (Dragon Weberweiterung) - C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddaloccgjfibfpkalenodgehlhkgoahe [2014-10-25]
CHR Extension: (Stoppuhr / Timer) - C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggnidjbcahhbnleinchgobfnabopeioh [2014-08-10]
CHR Extension: (Browsing Protection by F-Secure) - C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2014-06-18]
CHR Extension: (Skype Click to Call) - C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-11-04]
CHR Extension: (Google Wallet) - C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-18]
CHR Extension: (Evernote Web Clipper) - C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2014-08-10]
CHR Extension: (Google Mail) - C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-30]
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - C:/Program Files (x86)/F-Secure/apps/CCF_Scanning/bin/browser/install/fs_chrome_https/fs_chrome_https.crx [2014-06-25]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-09] (Adobe Systems) [File not signed]
R2 AdobeActiveFileMonitor13.0; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [231120 2014-08-31] (Adobe Systems Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 AVTHelper; C:\Program Files\Avatron\Air Display\AVTHelper.exe [237048 2013-12-04] (Avatron Software)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2227992 2012-11-02] (Broadcom Corporation.)
R2 btwdins; C:\Program Files (x86)\Belkin\Bluetooth Software\bin\btwdins.exe [163840 2004-10-01] (Broadcom Corporation) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 DragonLoggerService; C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe [137280 2014-07-23] (Nuance Communications, Inc.)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2012-11-01] (Macrovision Europe Ltd.) [File not signed]
R2 fshoster; C:\Program Files (x86)\F-Secure\fshoster32.exe [187432 2014-07-08] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE [216104 2013-11-26] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe [60456 2014-06-24] (F-Secure Corporation)
R2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [579584 2014-02-14] (Hauppauge Computer Works) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)
R2 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
R3 AirDisplay; C:\Windows\System32\DRIVERS\AVVideoCard.sys [15352 2013-12-04] (Windows (R) Win 7 DDK provider)
R3 AirDisplayMirror; C:\Windows\System32\DRIVERS\AVVideoCardMirror.sys [15352 2013-12-04] (Windows (R) Win 7 DDK provider)
R3 AirDisplayWDDM; C:\Windows\System32\DRIVERS\AVWDDMMiniPort.sys [48632 2013-12-04] (Windows (R) Win 7 DDK provider)
S3 ASPI; C:\Windows\SysWOW64\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec) [File not signed]
R0 AVPCIFilter; C:\Windows\System32\DRIVERS\AVPCIFilter.sys [36344 2013-12-04] (Windows (R) Win 7 DDK provider)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [169240 2012-11-02] (Broadcom Corporation.)
S0 BTKRNL; C:\Windows\SysWOW64\drivers\btkrnl.sys [1241482 2004-10-01] (Broadcom Corporation) [File not signed]
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
R1 cbfs4; C:\Windows\system32\drivers\cbfs4.sys [387776 2013-11-15] (EldoS Corporation)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [207400 2014-11-30] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [71112 2014-11-30] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2013-09-09] ()
R0 fsbts; C:\Windows\SysWOW64\Drivers\fsbts.sys [42248 2013-03-01] ()
R3 fsni; C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\fsni64.sys [89640 2014-12-02] (F-Secure Corporation)
R1 fsvista; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13248 2013-06-24] ()
R3 hcw88rc5; C:\Windows\System32\Drivers\hcw88rc5.sys [15872 2012-11-20] (Hauppauge Computer Works, Inc.)
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [37392 2009-04-08] (Paragon Software Group)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-10-22] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-10-22] (RapidSolution Software AG)
R3 S3XXx64; C:\Windows\System32\DRIVERS\S3XXx64.sys [73984 2014-06-16] (Identive)
R0 tdrpman258; C:\Windows\System32\DRIVERS\tdrpm258.sys [1477728 2012-11-04] (Acronis)
R3 vpnpbus; C:\Windows\System32\DRIVERS\vpnpbus.sys [18624 2013-11-15] (EldoS Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-14 16:27 - 2015-02-14 16:28 - 00040411 _____ () C:\Users\Wolf\Downloads\FRST.txt
2015-02-14 16:27 - 2015-02-14 16:27 - 02134528 _____ (Farbar) C:\Users\Wolf\Downloads\FRST64.exe
2015-02-14 16:19 - 2015-02-14 16:19 - 00001432 _____ () C:\Users\Wolf\Desktop\JRT.txt
2015-02-14 16:15 - 2015-02-14 16:15 - 01388274 _____ (Thisisu) C:\Users\Wolf\Downloads\JRT.exe
2015-02-14 15:59 - 2015-02-14 15:59 - 00000000 ____D () C:\Users\Wolf\AppData\Local\CrashRpt
2015-02-14 15:49 - 2015-02-14 15:53 - 00000000 ____D () C:\AdwCleaner
2015-02-14 15:48 - 2015-02-14 15:48 - 02112512 _____ () C:\Users\Wolf\Downloads\AdwCleaner_4.110.exe
2015-02-14 15:18 - 2015-02-14 15:18 - 00001326 _____ () C:\Users\Wolf\Desktop\Revo Uninstaller.lnk
2015-02-14 15:18 - 2015-02-14 15:18 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-02-14 15:17 - 2015-02-14 15:17 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Wolf\Downloads\revosetup95.exe
2015-02-14 13:02 - 2015-02-14 13:02 - 07262715 _____ () C:\Users\User\Downloads\AmazonApps-release.apk
2015-02-13 11:26 - 2015-02-13 11:26 - 00015500 _____ () C:\Users\User\Downloads\Santander_2086180700_20150213_1126.csv
2015-02-12 11:11 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 11:11 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 11:11 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 11:11 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 16:03 - 2015-02-11 16:03 - 00000000 __SHD () C:\Users\Wolf\AppData\Local\EmieBrowserModeList
2015-02-11 15:57 - 2015-02-11 15:57 - 00000000 ____D () C:\Users\Wolf\AppData\Roaming\No Company Name
2015-02-11 09:56 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 09:56 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 09:56 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 09:56 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 09:56 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 09:56 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 09:56 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 09:56 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 09:56 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 09:56 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 09:56 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 09:56 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 09:56 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 09:56 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 09:56 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 09:56 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 09:56 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 09:56 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 09:56 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 09:56 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 09:56 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 09:56 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 09:55 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 09:55 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 09:55 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 09:55 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 09:55 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 09:55 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 09:55 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 09:55 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 09:55 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 09:55 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 09:55 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 09:55 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 09:55 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 09:55 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 09:55 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 09:55 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 09:55 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 09:55 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 09:55 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 09:55 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 09:55 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 09:55 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 09:55 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 09:55 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 09:55 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 09:55 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 09:55 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 09:55 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 09:55 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 09:55 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 09:55 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 09:55 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 09:55 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 09:55 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 09:55 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 09:55 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 09:55 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 09:55 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 09:55 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 09:55 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 09:55 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 09:55 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 09:55 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 09:55 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 09:55 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 09:55 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 09:55 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 09:55 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 09:55 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 09:55 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 09:55 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 09:55 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 09:54 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 09:54 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 09:54 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 09:54 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 09:54 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 09:54 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 09:54 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 09:54 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 09:54 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 09:54 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 09:54 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 09:54 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 09:54 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 09:54 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 09:54 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 09:54 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 09:54 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 09:54 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 09:54 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 09:54 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 09:54 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 09:54 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 09:54 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 09:54 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 09:53 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 09:53 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 09:52 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 09:52 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 09:52 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 09:52 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 09:52 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 09:52 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 09:52 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 09:52 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-10 12:55 - 2015-02-10 12:59 - 00000000 ____D () C:\Users\User\Documents\AZUR
2015-02-10 12:48 - 2015-02-10 12:48 - 00000000 ____D () C:\Users\Wolf\AppData\Roaming\dlg
2015-02-10 12:45 - 2015-02-11 18:35 - 00000000 ____D () C:\Program Files (x86)\MRO
2015-02-10 12:45 - 2015-02-10 12:45 - 00000000 ____D () C:\Users\Wolf\Documents\Arbeitszeituhr
2015-02-10 12:39 - 2015-02-10 12:39 - 00623624 _____ () C:\Users\User\Downloads\azu_mro_13.9.13_CB-DL-Manager.exe
2015-02-09 13:06 - 2015-02-09 13:08 - 00001805 _____ () C:\Users\User\Desktop\Evernote.lnk
2015-02-09 12:18 - 2015-02-09 12:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Evernote
2015-02-09 12:11 - 2015-02-09 12:11 - 00000290 _____ () C:\Users\User\Downloads\SALOME.ical
2015-02-08 18:50 - 2015-02-08 18:50 - 00051420 _____ () C:\Users\Wolf\Desktop\Addition.txt
2015-02-08 18:49 - 2015-02-08 18:50 - 00065410 _____ () C:\Users\Wolf\Desktop\FRST.txt
2015-02-08 11:01 - 2015-02-14 16:27 - 00000000 ____D () C:\FRST
2015-02-08 11:00 - 2015-02-08 11:00 - 02132992 _____ (Farbar) C:\Users\Wolf\Desktop\FRST64.exe
2015-02-06 19:26 - 2015-02-06 19:26 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\Wolf\Desktop\SpyHunter-Installer.exe
2015-02-06 14:59 - 2015-02-06 14:59 - 00001797 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-02-06 14:59 - 2015-02-06 14:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-06 14:59 - 2015-02-06 14:59 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-06 14:59 - 2015-02-06 14:59 - 00000000 ____D () C:\Program Files\iTunes
2015-02-06 14:59 - 2015-02-06 14:59 - 00000000 ____D () C:\Program Files\iPod
2015-02-06 14:53 - 2015-02-06 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-02-06 14:51 - 2015-02-06 14:51 - 00001895 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2015-02-06 14:51 - 2015-02-06 14:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-02-06 14:51 - 2015-02-06 14:51 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2015-02-03 19:23 - 2015-02-03 19:23 - 00000000 ____D () C:\Users\User\AppData\Local\Lavasoft
2015-02-03 12:19 - 2015-02-03 12:29 - 00000108 ____H () C:\Users\User\Documents\.picasa.ini
2015-02-03 10:16 - 2015-02-03 10:16 - 00003676 _____ () C:\Windows\System32\Tasks\HP-Online-Aktualisierungsprogramm
2015-02-02 17:44 - 2015-02-02 17:44 - 00049990 ____N () C:\Users\User\Documents\Sprachmemo 013.amr
2015-02-02 14:10 - 2015-02-02 14:10 - 00000000 ____D () C:\Users\User\AppData\Roaming\TuneUp Software
2015-02-02 14:10 - 2015-02-02 14:10 - 00000000 ____D () C:\Users\User\AppData\Local\TuneUp Software
2015-02-02 12:22 - 2015-02-02 12:22 - 00000000 ____D () C:\Users\Wolf\AppData\Roaming\TuneUp Software
2015-02-02 12:22 - 2015-02-02 12:22 - 00000000 ____D () C:\Users\Wolf\AppData\Local\TuneUp Software
2015-02-02 12:21 - 2015-02-10 12:43 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-02-02 12:21 - 2015-02-10 12:43 - 00000000 ____D () C:\ProgramData\TuneUp Software
2015-02-02 12:21 - 2015-02-02 12:21 - 00001460 _____ () C:\Users\Public\Desktop\Free Audio Editor.lnk
2015-02-02 12:21 - 2015-02-02 12:21 - 00001297 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-02-02 12:21 - 2015-02-02 12:21 - 00000000 ____D () C:\Users\Wolf\AppData\Roaming\FreeAudioEditor
2015-02-02 12:21 - 2015-02-02 12:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-02-02 12:20 - 2015-02-02 12:20 - 00005128 _____ () C:\Windows\SysWOW64\LavasoftTcpService.ini
2015-02-02 12:20 - 2015-02-02 12:20 - 00002824 _____ () C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2015-02-02 12:20 - 2015-02-02 12:20 - 00002824 _____ () C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-02-02 12:20 - 2015-01-23 06:39 - 00378832 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-02-02 12:20 - 2015-01-23 06:39 - 00332216 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2015-02-02 12:18 - 2015-02-02 12:21 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2015-02-02 12:17 - 2015-02-02 12:21 - 00000000 ____D () C:\Users\Wolf\AppData\Roaming\DVDVideoSoft
2015-02-02 12:15 - 2015-02-02 12:15 - 03529672 _____ (DVDVideoSoft Ltd. ) C:\Users\Wolf\Downloads\FreeAudioEditor.exe
2015-02-02 11:52 - 2015-02-02 11:53 - 00308709 _____ () C:\Users\User\Downloads\mp3DC220.exe
2015-01-31 18:25 - 2015-02-01 00:10 - 00000262 _____ () C:\Users\User\Documents\Beisitzer.csv
2015-01-30 13:30 - 2015-02-10 12:12 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-30 13:30 - 2015-02-10 12:12 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-30 13:25 - 2015-01-30 13:25 - 00960176 _____ (Adobe Systems Incorporated) C:\Users\Wolf\Downloads\flashplayer16_uninstall_win.exe
2015-01-30 13:00 - 2015-01-30 13:00 - 00000000 ___RD () C:\Users\Wolf\Creative Cloud Files
2015-01-30 12:59 - 2015-01-30 12:59 - 00001371 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-01-30 12:59 - 2015-01-30 12:59 - 00001359 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2015-01-27 20:00 - 2015-01-27 20:00 - 01139872 _____ () C:\Windows\Minidump\012715-31403-01.dmp
2015-01-27 10:59 - 2015-01-27 10:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-22 12:17 - 2015-02-14 15:43 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3911170492-2722250824-168465764-1003UA.job
2015-01-22 12:17 - 2015-02-13 10:43 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3911170492-2722250824-168465764-1003Core.job
2015-01-22 12:17 - 2015-02-07 10:38 - 00004084 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3911170492-2722250824-168465764-1003UA
2015-01-22 12:17 - 2015-02-07 10:38 - 00003688 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3911170492-2722250824-168465764-1003Core
2015-01-22 12:16 - 2015-01-22 12:16 - 00880784 _____ (Google Inc.) C:\Users\User\Downloads\ChromeSetup.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-14 16:19 - 2009-07-14 05:45 - 00028320 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-14 16:19 - 2009-07-14 05:45 - 00028320 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-14 16:16 - 2012-10-27 02:02 - 00702964 _____ () C:\Windows\system32\perfh007.dat
2015-02-14 16:16 - 2012-10-27 02:02 - 00150604 _____ () C:\Windows\system32\perfc007.dat
2015-02-14 16:16 - 2009-07-14 06:13 - 01629436 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-14 16:15 - 2012-10-26 16:11 - 01239259 _____ () C:\Windows\WindowsUpdate.log
2015-02-14 16:13 - 2012-10-29 13:42 - 00000000 ____D () C:\Users\Wolf\AppData\Local\Adobe
2015-02-14 16:11 - 2012-11-05 16:18 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-14 16:11 - 2012-10-29 13:51 - 00000000 ____D () C:\Users\Wolf\AppData\Roaming\Dropbox
2015-02-14 16:10 - 2014-10-16 15:12 - 00000276 _____ () C:\Windows\Tasks\AbelssoftBackupStart.job
2015-02-14 16:10 - 2013-10-11 09:42 - 00000248 _____ () C:\Windows\Tasks\PC Fresh.job
2015-02-14 16:10 - 2012-10-26 16:23 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-14 16:10 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-14 16:10 - 2009-07-14 05:51 - 00233835 _____ () C:\Windows\setupact.log
2015-02-14 16:06 - 2012-11-05 16:18 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-14 15:58 - 2010-11-21 04:47 - 00346950 _____ () C:\Windows\PFRO.log
2015-02-14 13:18 - 2014-01-01 13:22 - 00000000 ____D () C:\Users\User\AppData\Roaming\Wuala
2015-02-14 13:18 - 2012-11-05 15:31 - 00000000 ____D () C:\Users\User\Documents\PhraseExpress
2015-02-14 11:50 - 2012-10-29 13:33 - 00000000 ____D () C:\Users\Wolf\Documents\Outlook-Dateien
2015-02-14 11:34 - 2014-02-07 16:03 - 00000000 ____D () C:\Users\User\AppData\Local\BBB3BACB-1331-4C59-9E6C-C1E084172206.aplzod
2015-02-14 11:33 - 2014-11-09 18:29 - 00000000 ___RD () C:\Users\User\iCloudDrive
2015-02-14 11:33 - 2012-11-29 21:27 - 00000000 ___RD () C:\Users\User\Dropbox
2015-02-14 11:33 - 2012-11-29 21:23 - 00000000 ____D () C:\Users\User\AppData\Roaming\Dropbox
2015-02-13 09:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-12 23:55 - 2012-11-13 18:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype
2015-02-12 15:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-12 12:15 - 2012-10-27 11:50 - 00000000 ____D () C:\ProgramData\TEMP
2015-02-12 11:10 - 2013-01-10 11:38 - 00000000 ____D () C:\Users\User\.VirtualBox
2015-02-12 11:07 - 2012-11-29 21:27 - 00001021 _____ () C:\Users\User\Desktop\Dropbox.lnk
2015-02-12 11:07 - 2012-11-29 21:24 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-12 11:05 - 2012-11-07 14:56 - 00002715 _____ () C:\Users\User\AppData\Roaming\SAS7_000.DAT
2015-02-11 19:25 - 2012-11-04 10:53 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-11 19:25 - 2012-11-04 10:53 - 00000000 ____D () C:\ProgramData\Skype
2015-02-11 18:33 - 2012-10-26 16:14 - 00189216 _____ () C:\Users\Wolf\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-11 18:25 - 2012-11-05 15:32 - 00189216 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-11 18:23 - 2009-07-14 05:45 - 00630184 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-11 16:18 - 2012-12-08 12:52 - 00000000 _____ () C:\Windows\lgfwup.ini
2015-02-11 16:18 - 2012-10-26 16:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-11 16:02 - 2012-10-30 14:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2015-02-11 16:02 - 2012-10-30 14:29 - 00000000 ____D () C:\Program Files (x86)\Ashampoo
2015-02-11 16:00 - 2012-11-03 10:56 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-02-11 16:00 - 2012-10-29 13:41 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-02-11 13:11 - 2014-12-12 17:02 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-11 13:11 - 2014-05-10 18:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-11 13:08 - 2012-10-26 21:59 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-11 13:08 - 2009-07-14 03:34 - 00000499 _____ () C:\Windows\win.ini
2015-02-11 13:04 - 2013-07-16 12:04 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 12:45 - 2012-10-27 11:05 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-11 12:16 - 2012-12-10 15:21 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps
2015-02-11 12:15 - 2012-11-28 17:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\FileZilla
2015-02-11 11:42 - 2013-09-06 10:42 - 00000288 _____ () C:\Windows\Tasks\AdvancedDriverUpdater_UPDATES.job
2015-02-09 00:36 - 2012-10-29 11:53 - 00000000 ____D () C:\Users\Wolf\Documents\PhraseExpress
2015-02-07 23:01 - 2012-11-05 16:18 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-07 23:01 - 2012-11-05 16:18 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-06 14:59 - 2014-05-16 14:25 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-06 14:59 - 2012-11-02 10:41 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-06 14:01 - 2013-12-07 12:40 - 00002221 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-03 12:19 - 2014-04-21 10:19 - 00000000 ____D () C:\Users\User\Documents\Ashampoo Burning Studio 12
2015-02-03 12:19 - 2012-11-15 17:48 - 00125440 ___SH () C:\Users\User\Documents\Thumbs.db
2015-02-02 18:09 - 2013-01-07 13:59 - 00000000 ____D () C:\Users\User\AppData\Roaming\vlc
2015-01-30 13:31 - 2012-10-26 16:11 - 00000000 ____D () C:\Users\Wolf
2015-01-30 13:11 - 2012-11-05 15:31 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe
2015-01-30 13:01 - 2012-10-29 13:42 - 00000000 ____D () C:\Users\Wolf\AppData\Roaming\Adobe
2015-01-30 13:00 - 2012-10-29 13:37 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-30 12:59 - 2014-09-21 15:46 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-29 20:41 - 2014-02-08 12:34 - 00007680 _____ () C:\Users\User\Documents\Ordner-breit-Liecke.zdl
2015-01-29 20:41 - 2014-02-06 20:08 - 00008192 _____ () C:\Users\User\Documents\Ordner-Liecke.zdl
2015-01-29 20:39 - 2014-12-29 15:49 - 00000132 _____ () C:\Users\User\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2015-01-27 20:00 - 2012-10-29 15:09 - 795582867 _____ () C:\Windows\MEMORY.DMP
2015-01-27 20:00 - 2012-10-29 15:09 - 00000000 ____D () C:\Windows\Minidump
2015-01-27 20:00 - 2012-10-27 11:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-22 23:01 - 2012-10-27 11:54 - 01602780 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-22 18:47 - 2014-01-16 17:20 - 00000000 ____D () C:\Users\User\Documents\My Digital Editions
2015-01-22 12:23 - 2014-01-14 17:12 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2015-01-22 12:23 - 2012-11-05 16:18 - 00000000 ____D () C:\Users\User\AppData\Local\Google
2015-01-19 12:58 - 2012-11-14 09:54 - 00000000 ____D () C:\Users\User\Documents\MailStore Home
2015-01-19 12:58 - 2012-11-14 09:53 - 00000000 ____D () C:\ProgramData\firebird
2015-01-15 00:05 - 2013-11-01 12:25 - 00000000 ____D () C:\Users\User\AppData\Local\Abelssoft

==================== Files in the root of some directories =======

2009-04-21 09:02 - 2012-10-31 20:10 - 114672640 _____ () C:\Program Files (x86)\Paragon-128-PRG_WinInstallSNx64_9.0.99.9293_000_64BIT.msi
2009-04-21 09:01 - 2012-10-31 20:10 - 115772928 _____ () C:\Program Files (x86)\Paragon-128-PRG_WinInstallSN_9.0.99.9293_000_32BIT.msi
2014-10-16 19:33 - 2014-10-20 14:08 - 0000096 _____ () C:\Users\Wolf\AppData\Roaming\Camdata.ini
2014-10-16 19:33 - 2014-10-20 14:08 - 0000408 _____ () C:\Users\Wolf\AppData\Roaming\CamLayout.ini
2014-10-16 19:33 - 2014-10-20 14:08 - 0000408 _____ () C:\Users\Wolf\AppData\Roaming\CamShapes.ini
2014-10-16 19:33 - 2014-10-20 14:08 - 0004509 _____ () C:\Users\Wolf\AppData\Roaming\CamStudio.cfg
2012-10-29 13:25 - 2014-08-22 15:44 - 0002514 _____ () C:\Users\Wolf\AppData\Roaming\SAS7_000.DAT
2014-12-27 14:48 - 2014-12-27 14:48 - 0000600 _____ () C:\Users\Wolf\AppData\Roaming\winscp.rnd
2013-10-30 09:30 - 2013-10-30 10:18 - 0003584 _____ () C:\Users\Wolf\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-02-05 17:19 - 2013-02-05 17:19 - 0007597 _____ () C:\Users\Wolf\AppData\Local\Resmon.ResmonCfg
2014-10-31 15:37 - 2014-10-31 18:02 - 0003933 _____ () C:\ProgramData\StreamingMediaTechnologyLog.txt

Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp4ssc4x.dll
C:\Users\User\AppData\Local\Temp\SkypeSetup.exe
C:\Users\User\AppData\Local\Temp\TUUUninstallHelper.exe
C:\Users\User\AppData\Local\Temp\vlc-2.1.5-win64.exe
C:\Users\Wolf\AppData\Local\Temp\AdobeApplicationManager.exe
C:\Users\Wolf\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Wolf\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Wolf\AppData\Local\Temp\Execute2App.exe
C:\Users\Wolf\AppData\Local\Temp\F-SecureNetworkInstaller.exe
C:\Users\Wolf\AppData\Local\Temp\firefoxjre_exe.exe
C:\Users\Wolf\AppData\Local\Temp\FreeAudioEditor.exe
C:\Users\Wolf\AppData\Local\Temp\fsc37E1.tmp.exe
C:\Users\Wolf\AppData\Local\Temp\fsc7E53.tmp.exe
C:\Users\Wolf\AppData\Local\Temp\fscD7E7.tmp.exe
C:\Users\Wolf\AppData\Local\Temp\fscF66F.tmp.exe
C:\Users\Wolf\AppData\Local\Temp\HPDiscoPM5412.dll
C:\Users\Wolf\AppData\Local\Temp\ICReinstall_Windows8_64bit.exe
C:\Users\Wolf\AppData\Local\Temp\Installer.exe
C:\Users\Wolf\AppData\Local\Temp\mgxfonts.exe
C:\Users\Wolf\AppData\Local\Temp\MgxVistaTools.dll
C:\Users\Wolf\AppData\Local\Temp\msvcp90.dll
C:\Users\Wolf\AppData\Local\Temp\msvcr90.dll
C:\Users\Wolf\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Wolf\AppData\Local\Temp\ose00000.exe
C:\Users\Wolf\AppData\Local\Temp\Quarantine.exe
C:\Users\Wolf\AppData\Local\Temp\readSTILog.dll
C:\Users\Wolf\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Wolf\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Wolf\AppData\Local\Temp\SetupAssistant.exe
C:\Users\Wolf\AppData\Local\Temp\shutdown1402416774.exe
C:\Users\Wolf\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Wolf\AppData\Local\Temp\SpOrder.dll
C:\Users\Wolf\AppData\Local\Temp\sqlite3.dll
C:\Users\Wolf\AppData\Local\Temp\vhnolbao.dll
C:\Users\Wolf\AppData\Local\Temp\vlc-2.1.5-win64.exe
C:\Users\Wolf\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-13 09:51

==================== End Of Log ============================
         
--- --- ---





Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-02-2015
Ran by Wolf at 2015-02-14 16:28:40
Running from C:\Users\Wolf\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Antivirus (Enabled - Up to date) {15414183-282E-D62C-CA37-EF24860A2F17}
AS: Antivirus (Enabled - Up to date) {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1-abc.net Database (Remove only) (HKLM-x32\...\1-abc.net Database) (Version:  - )
4Musics Multiformat Converter 5.2 (HKLM-x32\...\4Musics Multiformat Converter 5.2_is1) (Version:  - NeSoft)
AbAlarm (HKLM-x32\...\AbAlarm_is1) (Version: 8.1 - Abelssoft)
Abelssoft Backup (HKLM-x32\...\Abelssoft Backup_is1) (Version: 4.0.5 - Abelssoft)
Acronis*True*Image*Home 2011 (HKLM-x32\...\{257D8E32-4971-4199-BE23-093A00A6DE91}) (Version: 14.0.5041 - Acronis)
Adobe Acrobat  9 Standard - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-BA7E-000000000004}{AC76BA86-1033-F400-BA7E-000000000004}) (Version: 9.5.5 - Adobe Systems)
Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM-x32\...\{AC76BA86-1033-F400-BA7E-000000000004}_955) (Version:  - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.9.0.465 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe GoLive CS2 Deutsch (HKLM-x32\...\Adobe GoLive CS2 Deutsch) (Version: 8.0 - Ihr Firmenname)
Adobe InDesign CS2 (HKLM-x32\...\Adobe InDesign CS2 - {7F4C8163-F259-49A0-A018-2857A90578BC}) (Version: 004.000.000 - Adobe Systems Incorporated)
Adobe Photoshop Elements 13 (HKLM-x32\...\{609818B9-23EB-4196-B466-EFE05E92A32F}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)
Air Display Support (HKLM\...\{F51E7212-5D41-4EFA-9E92-BF23C98EBD71}) (Version: 2.0.3.440 - Avatron Software, Inc)
Air Media Server 1.0.19 (HKLM-x32\...\{400007B6-409E-4C11-85DA-1D8C59EA432B}) (Version: 1.0.19 - App Dynamic)
Apple Application Support (32-Bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 12 v.12.0.5 (HKLM-x32\...\{91B33C97-93EB-244C-F687-71D85E45A206}_is1) (Version: 12.0.5 - Ashampoo GmbH & Co. KG)
Ashampoo Snap 7 v.7.0.9 (HKLM-x32\...\{C92AB6F1-9C93-0F51-ED50-15ABBCBDD142}_is1) (Version: 7.0.9 - Ashampoo GmbH & Co. KG)
Assistant 5.05.010 (HKLM-x32\...\Assistant) (Version: 5.5.10.0 - Medion)
Audials (HKLM-x32\...\{9116E9E6-E1F9-4835-95B8-31E7F158E9F7}) (Version: 10.0.50301.100 - Audials AG)
AxCrypt 1.7.2931.0 (HKLM\...\{E191812E-F3A0-4F87-98D9-DCD03321278D}) (Version: 1.7.2931.0 - Axantum Software AB)
Belkin Bluetooth Software (HKLM-x32\...\{90535871-81B9-4D99-8A13-A7EE97F2D7FE}) (Version: 3.0.1.912 - WIDCOMM, Inc.)
Boxcryptor 2.0 (HKLM-x32\...\{7719E084-D193-4AF1-B0E7-E347150EB76C}) (Version: 2.0.431.403 - Secomba GmbH)
Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{982E1601-0DFC-4FD3-A427-AC6570697858}) (Version: 12.55.01 - Broadcom Corporation)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
CHIPDRIVE MyKey (HKLM-x32\...\CHIPDRIVE MyKey_CDInst21) (Version:  - Identive GmbH)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Computer Security 14.99.103.0 (release) (x32 Version: 14.99.103.0 - F-Secure Corporation) Hidden
concept/design onlineTV 8 (HKLM-x32\...\{D2AC7034-15AC-4F62-85BD-1E48021E45D6}_is1) (Version: 8.5.0.20 - concept/design GmbH)
DDBAC (HKLM-x32\...\{021BC94E-D464-4B9D-96F1-C6566B476A71}) (Version: 5.3.3 - DataDesign)
Designer 2.0 (HKLM-x32\...\Designer 2.0_is1) (Version: 7.9.4 - Fomanu AG)
DesignPro 5 (HKLM-x32\...\InstallShield_{AC610C8A-67CB-4633-9211-81A5E104FAD4}) (Version: 5.0.1056 - Avery Dennison)
DesignPro 5 (x32 Version: 5.0.1056 - Avery Dennison) Hidden
Deutsche Post E-Porto (HKLM\...\{AFEF38CC-13B4-45E9-AD68-1A842627B203}) (Version: 2.3.0 - Deutsche Post AG)
Dragon NaturallySpeaking 13 (HKLM-x32\...\{33EA20FB-5389-4938-BA59-2BCD9BB68F41}) (Version: 13.00.000 - Nuance Communications Inc.)
Dropbox (HKU\S-1-5-21-3911170492-2722250824-168465764-1000\...\Dropbox) (Version: 1.6.16 - Dropbox, Inc.)
DW 1525 Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 8.0 - Dell)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Evernote v. 5.8.3 (HKLM-x32\...\{404B3FB8-A820-11E4-83FC-00163E98E7D6}) (Version: 5.8.3.6507 - Evernote Corp.)
FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Free Audio Editor version 1.0.8.128 (HKLM-x32\...\Free Audio Editor_is1) (Version: 1.0.8.128 - DVDVideoSoft Ltd.)
Free M4a to MP3 Converter 8.0 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
F-Secure (HKLM-x32\...\F-Secure ServiceEnabler 666) (Version: 2.15.358.0 - F-Secure Corporation)
F-Secure (x32 Version: 2.15.358.0 - F-Secure Corporation) Hidden
F-Secure CCF Reputation (x32 Version: 2.0.1337.0 - F-Secure) Hidden
F-Secure CCF Scanning 1.51.111.300 (release) (x32 Version: 1.51.111.300 - F-Secure Corporation) Hidden
F-Secure Network CCF 1.02.141 (x32 Version: 1.02.141 - F-Secure Corporation) Hidden
F-Secure SafeSearch 1.03.159.0 (release) (x32 Version: 1.03.159.0 - F-Secure Corporation) Hidden
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.06) (Version: 9.06 - Artifex Software Inc.)
GSview 5.0 (HKLM\...\GSview 5.0) (Version: 5.0 - Ghostgum Software Pty Ltd)
Hauppauge WinTV 7 (HKLM-x32\...\Hauppauge WinTV 7) (Version: v7.0.32211 (CD 3.7) - Hauppauge Computer Works)
HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{AF43C18E-693D-4126-B190-8F55E3623D5D}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Hilfe (HKLM-x32\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
Incomedia WebSite X5 v11 - Evolution Demo (HKLM-x32\...\{F7565F59-64EE-41B6-B159-D7A6224F86F1}_is1) (Version: 11.0.2.14 - Incomedia s.r.l.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.2.50.1050 - Intel Corporation)
iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
KeyDepot (HKLM\...\KeyDepot_is1) (Version: 3.00 - Abelssoft)
K-Lite Mega Codec Pack 9.2.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.2.0 - )
Launcher for Skype (HKLM-x32\...\{82799854-39DF-4EC3-8778-918CE0C81A3F}_is1) (Version: 1.6.8 - binaerkombinat)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Luminance HDR 2.3.0 (HKLM\...\{7020FC34-6E04-4858-924D-354B28CB2402}_is1) (Version:  - Luminance HDR Dev Team)
Macromedia Dreamweaver 4 (HKLM-x32\...\{ABDA9912-5D00-11D4-BAE7-9367CA097955}) (Version: 4.0 - Macromedia)
Macromedia Extension Manager (HKLM-x32\...\{A5BA14E0-7384-11D4-BAE7-00409631A2C8}) (Version: 1.2 - Macromedia)
MAGIX Foto Manager MX Deluxe (HKLM-x32\...\MAGIX_{6E6FF6CD-9CF3-4434-BB5D-24943FD54FFC}) (Version: 9.0.2.251 - MAGIX AG)
MAGIX Foto Manager MX Deluxe (Version: 9.0.2.251 - MAGIX AG) Hidden
MAGIX Fotos auf DVD easy (HKLM-x32\...\MAGIX_{15551AB4-B400-4F56-8DC1-86655F329206}) (Version: 1.0.3.15 - MAGIX AG)
MAGIX Fotos auf DVD easy (Version: 1.0.3.15 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM-x32\...\{B1FEBE01-42BB-4D05-8180-6C5ABD91E97E}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Screenshare 4.3.6.1987 (D) (HKLM-x32\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Slideshow Maker 2 (HKLM-x32\...\MAGIX_{48897B17-3DD2-4BAA-A81D-4E4EA8E9FD51}) (Version: 2.0.1.9 - MAGIX AG)
MAGIX Slideshow Maker 2 (Version: 2.0.1.9 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{E35C4E27-2BA0-40D3-876E-6D3C28DE622D}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Video deluxe 15 8.0.0.62 (D) (HKLM-x32\...\MAGIX Video deluxe 15 D) (Version: 8.0.0.62 - MAGIX AG)
MAGIX Video deluxe 17 Plus (HKLM-x32\...\MAGIX_MSI_Videodeluxe17_plus) (Version: 10.0.0.32 - MAGIX AG)
MAGIX Video deluxe 17 Plus (x32 Version: 10.0.0.32 - MAGIX AG) Hidden
MAGIX Video deluxe 2013 Plus (HKLM-x32\...\MAGIX_{2B9CA7F6-64A9-4346-9238-CDC3604A8D66}) (Version: 12.0.0.30 - MAGIX AG)
MAGIX Video deluxe 2013 Plus (Version: 12.0.0.30 - MAGIX AG) Hidden
MAGIX Video deluxe Plus 2013 Update (Version: 12.0.4.2 - MAGIX AG) Hidden
MailStore Home 7.1.0.7815 (HKLM-x32\...\MailStore Home_universal1) (Version: 7.1.0.7815 - MailStore Software GmbH)
Marketsplash Schnellzugriffe (HKLM-x32\...\{7A108EBC-C9DF-4E14-93A8-42CF316F1ECF}) (Version: 1.0.1.7 - Hewlett-Packard)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Outlook 2010 (HKLM-x32\...\Office14.OUTLOOKR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft_VC100_CRT_x64 (HKLM\...\{17106CA8-E65A-4D02-95BE-79AF8C698935}) (Version: 1.0.0 - Microsoft)
MindManager X5 Pro (HKLM-x32\...\{49F4C76E-EB85-4977-BC20-73D17F862014}) (Version: 5.0.878 - Mindjet LLC)
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 17.0.2 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.2 (x86 de)) (Version: 17.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
myEcho for Windows 1.0.0.2 (HKLM-x32\...\{AF26BC68-6024-42FA-BDCC-FB1609AB164E}_is1) (Version: 1.0.0.2 - Scott Hanselman and Greg Shackles)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
NetObjects Fusion 12.0 (HKLM-x32\...\{1FC5FB51-567F-484A-99C8-9420BD7A1069}) (Version: 12 German - NetObjects)
NetObjects Fusion 12.0 (x32 Version: 12.00.5000.5222 - NetObjects) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.2 - )
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-3911170492-2722250824-168465764-1000\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
NVIDIA 3D Vision Controller-Treiber 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 320.49 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 320.49 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5856 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
OGS Mahjong 1.1.0 (HKLM-x32\...\OGS Mahjong) (Version: 1.1.0 - Opensource Game Studio)
Online Safety 2.115.2783.1598 (x32 Version: 2.115.2783.1598 - F-Secure Corporation) Hidden
Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Paragon Partition Manager™ 10.0 Professional (HKLM\...\{A35001F0-F1E4-11DD-A38B-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PC Fresh (HKLM-x32\...\PC Fresh_is1) (Version: 2014 - (Abelssoft) Ascora GmbH)
Philipp Winterberg - Namibia 2.00 (HKLM-x32\...\Philipp Winterberg - Namibia 2.00) (Version: 2.00 - Philipp Winterberg)
PhraseExpress v10.1.28 (HKLM-x32\...\PhraseExpress_is1) (Version: 10.1.28 - Bartels Media GmbH)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5953 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14072.12 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14072.12 - Samsung Electronics Co., Ltd.) Hidden
SCR3xxx Smart Card Reader (HKLM-x32\...\{17B0906A-26ED-45D0-B51B-83EF1AADCCFE}) (Version: 8.52 - Identive)
Scribus 1.4.1 (HKLM-x32\...\Scribus 1.4.1) (Version: 1.4.1 - The Scribus Team)
Secunia PSI (3.0.0.7011) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.7011 - Secunia)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-001A-0000-0000-0000000FF1CE}_Office14.OUTLOOKR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
simplitec simplicheck (HKLM-x32\...\{183D780B-28F9-41BA-A2CB-605F324A5781}) (Version: 1.3.10.0 - simplitec GmbH)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmartTools Publishing • Outlook Ferien & Feiertags-Assistent 2014 (HKLM-x32\...\SmartToolsFerien & Feiertags-Assistent 2014v7.00) (Version: v7.00 - SmartTools Publishing)
StarMoney (x32 Version: 3.0.5.8 - StarFinanz) Hidden
StarMoney 8.0  (HKLM-x32\...\{889D72C6-0615-4D55-A010-2FC4B45905FF}) (Version: 8.0 - Star Finanz GmbH)
Studie zur Verbesserung von HP Officejet 6500 E710n-z Produkten (HKLM\...\{E8C633FD-8719-448F-9A55-F04CFDD53E67}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.0 - Krzysztof Kowalczyk)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36244 - TeamViewer)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64) (HKLM\...\{4A5A427F-BA39-4BF0-7777-9A47FBE60C9F}) (Version: 11.0.0 - Nuance Communications Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9603 - Broadcom Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinSCP 5.6.4 RC (HKLM-x32\...\winscp3_is1) (Version: 5.6.4 RC - Martin Prikryl)
WinX Free WMV to MP4 Converter 2.0.4 (HKLM-x32\...\WinX Free WMV to MP4 Converter_is1) (Version:  - Digiarty Software,Inc.)
Wuala CBFS (HKLM-x32\...\Wuala CBFS) (Version: 3.2.107.0 - LaCie)
Wuala OverlayIcons (HKLM-x32\...\Wuala OverlayIcons) (Version: 1.0.0.2 - LaCie)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3911170492-2722250824-168465764-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Wolf\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3911170492-2722250824-168465764-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Wolf\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3911170492-2722250824-168465764-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Wolf\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3911170492-2722250824-168465764-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Wolf\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3911170492-2722250824-168465764-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Wolf\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)

==================== Restore Points  =========================

11-02-2015 16:20:27 Konfiguriert Power2Go
11-02-2015 18:38:44 TuneUp Utilities 2014 wird entfernt
11-02-2015 18:40:39 TuneUp Utilities 2014 (de-DE) wird entfernt
12-02-2015 12:17:37 Windows Update
14-02-2015 15:23:13 Revo Uninstaller's restore point - Buzzdock
14-02-2015 15:29:51 Revo Uninstaller's restore point - Dealply
14-02-2015 15:33:41 Revo Uninstaller's restore point - QuickShare

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0021FC1F-3D19-4B38-9DDB-2E9866A74868} - System32\Tasks\AdvancedDriverUpdater_UPDATES => C:\Program Files (x86)\Advanced Driver Updater\adu.exe
Task: {21EF784C-8BF7-4FAC-8090-D3BC81F6A473} - System32\Tasks\PC Fresh => C:\Program Files (x86)\PC Fresh\PC Fresh.exe [2013-09-12] (Ascora GmbH)
Task: {3676996A-5784-4559-BB37-2D239BADDC0E} - System32\Tasks\{3A890FA0-7EC7-402D-8340-12EE6D15AA52} => pcalua.exe -a C:\Users\User\Downloads\template_calendar_basic(1).exe -d C:\Users\User\Downloads
Task: {55277DCC-F48D-4B65-8D19-EF861C63991A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-05] (Google Inc.)
Task: {5ED12BD1-8BC3-487B-8BDA-AE809C7BF353} - System32\Tasks\Abelssoft\Alarm-ID_635316855851413413 => C:\Program Files (x86)\AbAlarm\AbAlarm.exe [2014-03-26] (Ascora GmbH)
Task: {6CF42AD4-1E63-4D87-AC00-C2A93A413248} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {6ED4D75F-2C06-4F1A-9362-DF6CAB7C5392} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3911170492-2722250824-168465764-1003UA => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2015-01-22] (Google Inc.)
Task: {71866212-21CC-4FC5-BD66-B4F8F7430E69} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {9768CA0F-5F46-4F8E-8814-301ED1B8D176} - System32\Tasks\{9530C331-4651-4E3A-A8AE-46F6BF606984} => pcalua.exe -a C:\Users\User\Dropbox\Apps\puffinbrowser\Install_CopyTrans_Suite.exe -d C:\Users\User\Dropbox\Apps\puffinbrowser
Task: {9FE32A53-60B7-48B7-939B-AA732B376CE2} - System32\Tasks\{82427CB5-55D4-49A7-A5A7-6970ED20B4D7} => pcalua.exe -a C:\Users\User\Downloads\templates_calendar_collection_full.exe -d C:\Users\User\Downloads
Task: {A157B0AA-4D3D-4711-9372-691BB1E9B47A} - System32\Tasks\AdobeAAMUpdater-1.0-Wolf-PC-Wolf => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)
Task: {BC175EB6-96D3-4726-8A1E-DC017DEAFCDC} - System32\Tasks\AbelssoftBackupStart => C:\Program Files (x86)\Abelssoft Backup\Backup.exe [2014-01-10] (Ascora GmbH)
Task: {C0DC6A49-41ED-40A4-BA9F-C517514420C6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3911170492-2722250824-168465764-1003Core => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2015-01-22] (Google Inc.)
Task: {C7FFEADB-FA74-4F3C-AD3C-F528AF3FDD16} - System32\Tasks\HPCustParticipation HP Officejet 6500 E710n-z => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {C8A71770-AFC0-4662-8EC9-7D5BCBC9E519} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {DB58355C-6BE4-48B6-95B5-2CD176D27DB0} - System32\Tasks\AdobeAAMUpdater-1.0-Wolf-PC-User => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)
Task: {E1550AB5-40B4-4B1D-B806-C46BDAD2257E} - System32\Tasks\HpWebReg.exe => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HpWebReg.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {E84DF6E3-02FD-41C2-BBE7-E4132E405786} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-05] (Google Inc.)
Task: C:\Windows\Tasks\AbelssoftBackupStart.job => C:\Program Files (x86)\Abelssoft Backup\Backup.exe
Task: C:\Windows\Tasks\AdvancedDriverUpdater_UPDATES.job => C:\Program Files (x86)\Advanced Driver Updater\adu.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3911170492-2722250824-168465764-1003Core.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3911170492-2722250824-168465764-1003UA.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PC Fresh.job => C:\Program Files (x86)\PC Fresh\PC Fresh.exe

==================== Loaded Modules (whitelisted) ==============

2013-09-06 14:34 - 2013-06-21 11:23 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-25 09:55 - 2013-08-25 09:55 - 00860160 _____ () C:\Program Files\Avatron\Air Display\libGLESv2.dll
2013-08-25 10:10 - 2013-08-25 10:10 - 01043968 _____ () C:\Program Files\Avatron\Air Display\platforms\qwindows.dll
2013-08-25 09:56 - 2013-08-25 09:56 - 00052736 _____ () C:\Program Files\Avatron\Air Display\libEGL.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2014-12-19 15:57 - 2014-12-19 15:57 - 05979808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-12-19 15:57 - 2014-12-19 15:57 - 01039008 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-05-01 20:29 - 2014-05-01 20:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-10-29 11:40 - 2013-11-26 10:58 - 00045608 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\FSAVHRES.eng
2013-12-11 14:35 - 2013-12-11 14:35 - 00220200 _____ () C:\Program Files (x86)\F-Secure\daas2.dll
2014-09-21 15:45 - 2011-08-23 10:04 - 00057344 _____ () C:\Program Files (x86)\WinTV\TVServer\libhdhomerun.dll
2014-09-21 15:45 - 2014-02-14 09:59 - 00025600 _____ () C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServerps.dll
2013-02-20 10:01 - 2011-01-13 11:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 8.0\ouservice\PATCHW32.dll
2014-10-25 18:23 - 2014-09-09 11:25 - 00271192 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Snap 7\CrashRpt1402.dll
2014-10-25 18:23 - 2014-09-09 11:25 - 00040792 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Snap 7\MouseHook.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2004-10-01 14:13 - 2004-10-01 14:13 - 00053248 _____ () C:\Program Files (x86)\Belkin\Bluetooth Software\btkeyind.dll
2003-01-22 18:29 - 2003-01-22 18:29 - 00024576 ____R () C:\Program Files (x86)\Mindjet\MindManager 5\sys\PDF\GER\W2K\fmt_jb2.dll
2003-01-23 14:55 - 2003-01-23 14:55 - 00018944 ____R () C:\Program Files (x86)\Mindjet\MindManager 5\sys\PDF\GER\W2K\fmt_xcx.dll
2003-04-27 16:02 - 2003-04-27 16:02 - 00011264 ____R () C:\Program Files (x86)\Mindjet\MindManager 5\sys\PDF\GER\W2K\fmt_xmf.dll
2003-02-05 16:22 - 2003-02-05 16:22 - 00017920 ____R () C:\Program Files (x86)\Mindjet\MindManager 5\sys\PDF\GER\W2K\xc_local.dll
2013-03-02 19:33 - 2014-03-26 17:50 - 00457512 _____ () C:\Program Files (x86)\PhraseExpress\pexlang.dll
2012-10-29 11:40 - 2013-11-26 10:58 - 00056360 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\FSGUI\fsavures.eng
2012-10-29 11:40 - 2013-11-26 10:58 - 00154664 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\FSGUI\flyerres.eng
2013-06-13 09:20 - 2009-02-27 16:39 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.deu
2013-06-13 09:20 - 2009-02-27 16:32 - 00020480 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\AcroTray.FRA
2014-04-01 20:45 - 2014-04-01 20:45 - 00592936 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.79_none_b59ec33311fcd586\QtMultimediaKit1.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2015-01-07 21:27 - 2015-01-07 21:27 - 36730032 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2014-10-16 10:15 - 2014-10-16 10:15 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2012-09-13 00:39 - 2012-09-13 00:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2012-10-29 11:44 - 2012-10-29 11:44 - 00030888 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\hashlib_x86.dll
2012-10-29 11:40 - 2014-02-24 17:58 - 00212008 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Spam Control\fsas.dll
2015-01-07 21:27 - 2015-01-07 21:27 - 00746160 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libglesv2.dll
2015-01-07 21:27 - 2015-01-07 21:27 - 00136368 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libegl.dll
2015-02-06 14:01 - 2015-02-04 10:02 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll
2015-02-06 14:01 - 2015-02-04 10:02 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll
2015-02-06 14:01 - 2015-02-04 10:02 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll
2015-02-06 14:01 - 2015-02-04 10:02 - 14965064 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3911170492-2722250824-168465764-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Wolf\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-3911170492-2722250824-168465764-500 - Administrator - Disabled)
Gast (S-1-5-21-3911170492-2722250824-168465764-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-3911170492-2722250824-168465764-1002 - Limited - Enabled)
User (S-1-5-21-3911170492-2722250824-168465764-1003 - Limited - Enabled) => C:\Users\User
Wolf (S-1-5-21-3911170492-2722250824-168465764-1000 - Administrator - Enabled) => C:\Users\Wolf

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7 CPU 880 @ 3.07GHz
Percentage of memory in use: 38%
Total physical RAM: 8151.08 MB
Available physical RAM: 5044.82 MB
Total Pagefile: 16300.34 MB
Available Pagefile: 12385.5 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:443.13 GB) (Free:142.65 GB) NTFS
Drive d: (Daten) (Fixed) (Total:488.28 GB) (Free:403.76 GB) NTFS
Drive x: (HP OJ6500_E710nz) (CDROM) (Total:0.29 GB) (Free:0 GB) CDFS
Drive z: (32_00_00) (Fixed) (Total:931.51 GB) (Free:382.9 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 32E67CEA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=443.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=488.3 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (Size: 931.5 GB) (Disk ID: C64DC1DA)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 14.02.2015, 17:38   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win7 (64): positive find ads - Standard

Win7 (64): positive find ads



FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
CHR StartupUrls: Default -> "http://www.google.com/", "http://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=hp&installDate=16/10/2013"
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3911170492-2722250824-168465764-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
BHO: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} ->  No File
BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} ->  No File
HKLM-x32\...\Run: [] => [X]
EmptyTemp:
Hosts:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 14.02.2015, 18:23   #11
Wolf99
 
Win7 (64): positive find ads - Standard

Win7 (64): positive find ads



So, hier die Datei Fixlog.txt.

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-02-2015
Ran by Wolf at 2015-02-14 18:03:33 Run:1
Running from C:\Users\Wolf\Desktop
Loaded Profiles: Wolf (Available profiles: Wolf & User & Gast)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CHR StartupUrls: Default -> "hxxp://www.google.com/", "hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=hp&installDate=16/10/2013"
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3911170492-2722250824-168465764-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} ->  No File
BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} ->  No File
HKLM-x32\...\Run: [] => [X]
EmptyTemp:
Hosts:
         
*****************

Chrome StartupUrls deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-3911170492-2722250824-168465764-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key deleted successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found. 
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}" => Key deleted successfully.
"HKCR\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}" => Key deleted successfully.
"HKCR\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}" => Key deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 12.4 GB temporary data.


The system needed a reboot. 

==== End of Fixlog 18:05:22 ====
         

Alt 14.02.2015, 18:25   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win7 (64): positive find ads - Standard

Win7 (64): positive find ads



Okay, dann Kontrollscans mit MBAM und ESET bitte:

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 16.02.2015, 10:33   #13
Wolf99
 
Win7 (64): positive find ads - Standard

Win7 (64): positive find ads



So, hier kommen die nächsten Logs:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 15.02.2015
Suchlauf-Zeit: 17:49:13
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.02.15.03
Rootkit Datenbank: v2015.02.03.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Wolf

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 463729
Verstrichene Zeit: 12 Min, 28 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 12
PUP.Optional.Snapdo.T, HKU\S-1-5-21-3911170492-2722250824-168465764-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, In Quarantäne, [3c83ee30a8e257dfbc81f450cb3829d7], 
PUP.Optional.Snapdo.T, HKU\S-1-5-21-3911170492-2722250824-168465764-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5}, In Quarantäne, [3c83ee30a8e257dfbc81f450cb3829d7], 
PUP.Optional.QuickShare.A, HKU\S-1-5-21-3911170492-2722250824-168465764-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, In Quarantäne, [17a836e8216940f6ed580f31ce354db3], 
PUP.Optional.QuickShare.A, HKU\S-1-5-21-3911170492-2722250824-168465764-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, In Quarantäne, [17a836e8216940f6ed580f31ce354db3], 
PUP.Optional.QuickShare.A, HKU\S-1-5-21-3911170492-2722250824-168465764-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, In Quarantäne, [17a836e8216940f6ed580f31ce354db3], 
PUP.Optional.QuickShare.A, HKU\S-1-5-21-3911170492-2722250824-168465764-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, In Quarantäne, [17a836e8216940f6ed580f31ce354db3], 
PUP.Optional.DealPly.A, HKU\S-1-5-21-3911170492-2722250824-168465764-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66}, In Quarantäne, [a01f32ec3753b383bcdc55b9986b3ac6], 
PUP.Optional.DealPly.A, HKU\S-1-5-21-3911170492-2722250824-168465764-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66}, In Quarantäne, [a01f32ec3753b383bcdc55b9986b3ac6], 
PUP.Optional.DealPly.A, HKU\S-1-5-21-3911170492-2722250824-168465764-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66}, In Quarantäne, [a01f32ec3753b383bcdc55b9986b3ac6], 
PUP.Optional.DealPly.A, HKU\S-1-5-21-3911170492-2722250824-168465764-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66}, In Quarantäne, [a01f32ec3753b383bcdc55b9986b3ac6], 
PUP.Optional.DealPly.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DealPlyLive, In Quarantäne, [6e511509a5e53ef8a338985757ad41bf], 
PUP.Optional.DealPly.A, HKU\S-1-5-21-3911170492-2722250824-168465764-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DealPlyLive, In Quarantäne, [19a627f72b5ff73fc318d11ed72d8a76], 

Registrierungswerte: 2
PUP.Optional.Snapdo.T, HKU\S-1-5-21-3911170492-2722250824-168465764-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {006ee092-9658-4fd6-bd8e-a21a348e59f5}, In Quarantäne, [09b68698dcae5bdb10b5832eee15d52b]
PUP.Optional.SmartBar.A, HKU\S-1-5-21-3911170492-2722250824-168465764-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Browser Infrastructure Helper, C:\Users\Gast\AppData\Local\Smartbar\Application\QuickShare.exe startup, In Quarantäne, [635c2fef2c5e3cfa290d9459db29a45c]

Registrierungsdaten: 5
PUP.Optional.Snapdo, HKU\S-1-5-21-3911170492-2722250824-168465764-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=ds&q={searchTerms}&installDate=16/10/2013, Gut: (www.google.com), Schlecht: (hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=ds&q={searchTerms}&installDate=16/10/2013),Ersetzt,[0db2e33b2169d5610c2e2f91957042be]
PUP.Optional.Snapdo, HKU\S-1-5-21-3911170492-2722250824-168465764-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=ds&q={searchTerms}&installDate=16/10/2013, Gut: (www.google.com), Schlecht: (hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=ds&q={searchTerms}&installDate=16/10/2013),Ersetzt,[5b64ce505238cc6a142900c06c997d83]
PUP.Optional.Snapdo, HKU\S-1-5-21-3911170492-2722250824-168465764-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=ds&q={searchTerms}&installDate=16/10/2013, Gut: (www.google.com), Schlecht: (hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=ds&q={searchTerms}&installDate=16/10/2013),Ersetzt,[0eb1aa748a001b1b55e50db3fe07936d]
PUP.Optional.Snapdo, HKU\S-1-5-21-3911170492-2722250824-168465764-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=ds&q={searchTerms}&installDate=16/10/2013, Gut: (www.google.com), Schlecht: (hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=ds&q={searchTerms}&installDate=16/10/2013),Ersetzt,[af10839b7a1075c11c228a3609fcdb25]
PUP.Optional.Snapdo, HKU\S-1-5-21-3911170492-2722250824-168465764-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=ds&q={searchTerms}&installDate=16/10/2013, Gut: (www.google.com), Schlecht: (hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=fa0a40a2-e660-4017-b374-49e155d7ea9a&searchtype=ds&q={searchTerms}&installDate=16/10/2013),Ersetzt,[e0df8896d3b796a02c11f3cd966fea16]

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 10
PUP.Optional.Bunndle, C:\Program Files\CamStudio 2.7\BunndleOfferManager.exe, In Quarantäne, [457abf5f99f1c670650ad9849d6324dc], 
PUP.Optional.DownloadSponsor, C:\Users\User\Downloads\spartipp-haushaltsbuch-1-8.exe, In Quarantäne, [7e41e836fc8ec27450201061fa0bca36], 
PUP.Optional.OpenCandy, C:\Users\User\Downloads\AxCrypt-1.7.2931.0-Setup.exe, In Quarantäne, [546b41dd1a70df57a18fb7303ec7b64a], 
PUP.Optional.InstallCore, C:\Users\User\Downloads\4musics.exe, In Quarantäne, [f4cb2af4a9e12b0b762492c31fe27987], 
PUP.Optional.InstallCore, C:\Users\User\Downloads\adobe-digital-editions.exe, In Quarantäne, [9b240d11bad0bb7b4ada204e01043cc4], 
PUP.Optional.Softonic.A, C:\Users\User\Downloads\SoftonicDownloader_fuer_axcrypt.exe, In Quarantäne, [8c3326f868220333dfa955f27e8337c9], 
PUP.Optional.InstallCore.A, C:\Users\Wolf\Downloads\CamStudioSetup_v2.7.2.exe, In Quarantäne, [dce346d8602ab28493cc15fe3ec4c53b], 
PUP.Optional.Softonic.A, C:\Users\Wolf\Downloads\SoftonicDownloader_fuer_picasa.exe, In Quarantäne, [8d3240deb1d9f145f39568df18e99a66], 
PUP.Optional.QuickShare.A, C:\Users\User\AppData\Local\DownloadAssist\Offers\QuickShare1.exe, In Quarantäne, [00bfc856e0aa48eee408d44ccc34b050], 
PUP.Optional.SnapDo.A, C:\Windows\Installer\17f81f.msi, In Quarantäne, [0bb474aa6525b3832f61b9f2d0319070], 

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=f97024890a563842986e7f304ab7fade
# engine=22482
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-02-15 11:44:04
# local_time=2015-02-16 12:44:04 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 45930843 175673694 0 0
# scanned=537120
# found=106
# cleaned=0
# scan_time=22493
sh=0B668FB944E12DF552E44B9081DCB9946DBCAEE4 ft=1 fh=66a967231e0799d1 vn="Variante von Win32/Systweak.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced Driver Updater\adu.exe.vir"
sh=4C8337C919D0C81320F475784E5AB1F917F93B4A ft=1 fh=3c6905b182c7351f vn="Variante von Win32/Systweak.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced Driver Updater\aduuninstall.exe.vir"
sh=F408D7A985D604EB353C9E686AD1AE96A14B5EAF ft=1 fh=15c8ea0dc0006ef7 vn="Variante von Win32/BrowseFox.AF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\updater.bak.vir"
sh=8B54D68883B54C902E517D64D92105BC222BEF1D ft=1 fh=6fa08a25d4a573da vn="Variante von Win32/BrowseFox.AF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\updater.exe.vir"
sh=5339ABEE428B92A04DF04A1D1B81896A68CF7CBD ft=0 fh=0000000000000000 vn="Win32/DealPly.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPly.crx.vir"
sh=B93A611E29C3BD6E13E9F3A2BD98F17EED127102 ft=0 fh=0000000000000000 vn="Win32/DealPly.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPly.xpi.vir"
sh=2D6B1EC0EFA47C992C32AD9CECFB0EC4543ACA0A ft=1 fh=7076499debea4e9c vn="Variante von Win32/DealPly.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPlyUpdateVer.exe.vir"
sh=0F081DBA3288108E77AA7797D5EE28B077C43B88 ft=1 fh=827545bc3cf01bf5 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe.vir"
sh=0F081DBA3288108E77AA7797D5EE28B077C43B88 ft=1 fh=827545bc3cf01bf5 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLive.exe.vir"
sh=0F081DBA3288108E77AA7797D5EE28B077C43B88 ft=1 fh=827545bc3cf01bf5 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveHandler.exe.vir"
sh=A658B92B519F7898937EE2AE8CF53A62F620C923 ft=1 fh=7f9bfa912e5e181c vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdate.dll.vir"
sh=6D00C85C60CAF98D39E5CD07AACE53C757A99C49 ft=1 fh=ed4a7cab0d6835d6 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ru.dll.vir"
sh=7489D541CA03F640A02B20A33A88C70691D689D5 ft=1 fh=5216003ac57facf4 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll.vir"
sh=0652CF8AA5ACCADDDD31EE32521742F0CF6A62B0 ft=1 fh=6730b7aa2ee36939 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\psmachine.dll.vir"
sh=BF265371BAACB4EC1F33B801676B3C981C7DEB10 ft=1 fh=65f02b0d06ed4e18 vn="Variante von Win32/BrowseFox.AF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugincontainer.bak.vir"
sh=3EF9034F5F7BB7BB97D01D9A34B1B043CF970D96 ft=1 fh=434b49abbb42c04d vn="Variante von Win32/BrowseFox.AF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugincontainer.exe.vir"
sh=C4FFF4CCD0A33221574BB270140251F2738082B2 ft=1 fh=e065184dc8f5370d vn="Variante von Win32/BrowseFox.AF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\3\Plugin.exe.vir"
sh=F43CA0564BE82BC2619DF0AA73487194B44DF301 ft=1 fh=f789de418bf24965 vn="Variante von Win32/BrowseFox.AF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\3bak\Plugin.exe.vir"
sh=822762DA92CA1D425C347DCCA7188D3CBA087A96 ft=1 fh=2267ecf571dda35b vn="Win32/BrowseFox.AF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\4\Plugin.exe.vir"
sh=1CC7FB331854BF0B10F51D33278A378E2CEDDB30 ft=1 fh=1667748edb8effd6 vn="Win32/BrowseFox.AF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\4bak\Plugin.exe.vir"
sh=D5F9525A86304D61D4FEB58C4E8785CD9D55E248 ft=1 fh=46a6f57e1a57b219 vn="Variante von Win32/BrowseFox.AF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\5\Plugin.exe.vir"
sh=ED1059DA162FF39C8E833556BC9C8C913CFD8CFD ft=1 fh=ddb26ada8e4ae02c vn="Variante von Win32/BrowseFox.AF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\5bak\Plugin.exe.vir"
sh=653421A384FF25CB9063993A35D457641E08163A ft=1 fh=cba3c73216e4275e vn="Variante von Win32/BrowseFox.AF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\8\Plugin.exe.vir"
sh=EC3CB0680E963BDCE0DB4984F3ECF3B4E49EBEDB ft=1 fh=f21796289f7ad7d6 vn="Variante von Win32/BrowseFox.AF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\8bak\Plugin.exe.vir"
sh=8990E276CAA3CF2ED2209CBF57913165E8E340AD ft=1 fh=938c9632c995d755 vn="Variante von MSIL/Toolbar.Linkury.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\BrowserHelper.exe.vir"
sh=A2B585B74CE69BE4BD1E10E08A1F96B21A0B8CB6 ft=1 fh=4e6c174265a6a556 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Interop.SHDocVw.dll.vir"
sh=070F0EF16B1870B20C482FA44EEBE8294F23A9A9 ft=1 fh=2eb7a04530ad975e vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\MACTrackBarLib.dll.vir"
sh=21C6BD07C36AC3C681F93FFB573C30F2C606DC3F ft=1 fh=37a0abbf9b55f981 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\NDde.dll.vir"
sh=B17BDD9A791CC884A0C340D74FC40D53C11A96C1 ft=1 fh=541488a5ad412f96 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Newtonsoft.Json.dll.vir"
sh=8D305D5A743C4FA6193FC21FD3341698332FA128 ft=1 fh=067245ea1f058098 vn="Variante von Win32/Toolbar.Linkury.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\QuickShare.exe.vir"
sh=B64AEE904CDE1749CE7EA1D917C0A1E5D48DA3BC ft=1 fh=514902572a97660f vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll.vir"
sh=24F80D0093FBC348E1DD4DC668B778E647D4C976 ft=1 fh=8cb54be7ec2f0bdb vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll.vir"
sh=F88A3C1636FF8B51AA1FAB5BF185A196562A6FCA ft=1 fh=f29543b6b4e93ad4 vn="Variante von Win32/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll.vir"
sh=729105B22149AAF88493E60F9F5A6792EFC80C78 ft=1 fh=d346a96f69bff003 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.GUI.Multimedia.Loader.dll.vir"
sh=A80B229DF2FA04B6BC5C7D7A47F2755EA3843AF6 ft=1 fh=d52ed53f52f9438a vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll.vir"
sh=84D1910DEC5C3FABFD1E1D44841259E7F5FE7A54 ft=1 fh=c44c8e31de4f5cf2 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll.vir"
sh=FA906415E199EBEF0A19DA0986B5A893DD0B4959 ft=1 fh=32aea522a4a49f3b vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.EventManager.dll.vir"
sh=C68CAEED0189A8CC3ED0DD861033A113F0B7055F ft=1 fh=fe0e02f5d66bbd56 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.Base.dll.vir"
sh=4D01F3A72C792D23C2AC483D8F616706CBA86E57 ft=1 fh=3e4b5be84ac3f79a vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ChromeLocalPlugin.dll.vir"
sh=F27791C7915CC30B27ECA57AAF06D0E0D25BC09D ft=1 fh=84cdce3c65118ae1 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.DefaultBrowser.dll.vir"
sh=A649D0044923FA0780913912485B812BBE464726 ft=1 fh=7b9159063eee9b42 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.FireFoxLocalPlugin.dll.vir"
sh=5340D7875DFB8A55C23D3E9A5E52E2930388AC68 ft=1 fh=83dfdf4f25571383 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll.vir"
sh=63A154FA3956A42D257DAA5F4A2FC3326AFA3CF4 ft=1 fh=a7b6901cd7f62787 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ShareManagerLocalPlugin.dll.vir"
sh=37DEA2DE9DD5AC6EE15198160AA74835D5B64B4A ft=1 fh=2de7094191406f20 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll.vir"
sh=BF92DD0CB2C6355E29756B94D4F1868C17047823 ft=1 fh=a6ab022afad9e54c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Personalization.BusinessEntities.dll.vir"
sh=662A11BE1087BB9F3F397294B5296F275F334A01 ft=1 fh=b4ca62093e1ba8f6 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Personalization.BusinessLogic.dll.vir"
sh=3B9C0A0859685B6FC5BCA2A9074B693419E7452D ft=1 fh=b0a84723e8ab01f7 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll.vir"
sh=2E24B96C6CCE9A64DEAF2985663FFC202F305E26 ft=1 fh=137bf65d41a7b0e1 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Personalization.Settings.PersonalizationSettingsManager.dll.vir"
sh=82777106EA45BB35964B2D96F1CC162F82B2D4F7 ft=1 fh=317270a10cb1140f vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Personalization.Settings.PublisherSettingsManager.dll.vir"
sh=3539EE5A4F2DFF2B2BB7B44D8BA2530B26CC07A6 ft=1 fh=f2889898a5483011 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Personalization.Settings.UserSettingsManager.dll.vir"
sh=33CBECF595EC2352AA6ADF45210C2A811092A29F ft=1 fh=cd5bff7f28956953 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.AutomaticUpdates.dll.vir"
sh=63368DE3C80EA6661DCC540F3E71B6F774AC56F6 ft=1 fh=2f9bb30bb76cc95f vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.BrowserHelperUtils.dll.vir"
sh=0A62394F6C8912C5461507153F7084E8D1AA26C2 ft=1 fh=6d993863a49d2b20 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.GeneralUtilities.dll.vir"
sh=F9DB06B27441D96BEABDB9DB548EEA683442A753 ft=1 fh=4508ccec1153f725 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll.vir"
sh=5492FE0DA2E9F29F8008916C5D83B727930B4A53 ft=1 fh=802a037d81e6c97c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll.vir"
sh=F6A20C5EB7369E2878E23540A94D7BD6ACD6D437 ft=1 fh=2403be0b577fc584 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.NetSeer.dll.vir"
sh=3B4FC42A542441B5727F10B4910EF1CDE4FACD53 ft=1 fh=0354afc6c5a6c2d5 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.ProcessDownMonitor.dll.vir"
sh=443BCB73249D73F6650D7D89416CD70F44FCEEBE ft=1 fh=1880b86997065064 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.ProductsRemovalLibary.dll.vir"
sh=28ED102EB58DA8F22E7D73D3040E46E8B1D45EF1 ft=1 fh=62ae878b03043e2f vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.ProductUninstaller.dll.vir"
sh=DADC791B713F8F9F2D51421C80533E0CD59BAB94 ft=1 fh=f4cac559f4370f47 vn="Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.SetBrowsersSettings.dll.vir"
sh=24BA4E2BBD5136FFECFED26323FE8A72F7F2738F ft=1 fh=39224725b94bb06e vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.SetBrowsersSettingsAutoUpdater.dll.vir"
sh=EB1782B2723D8EE10249597059C3C3B36D6201AC ft=1 fh=c3052f775fd58929 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.ShortcutsLibrary.dll.vir"
sh=74686000C2D33B8AC91E835A1BD4FB69FE2923A3 ft=1 fh=b49770d7bfa93155 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.SideBySide.dll.vir"
sh=8F8C37FF51527ACA1DB9A1680CB0281B89F0FFED ft=1 fh=ec30a536e181f5ec vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll.vir"
sh=3BD0FB8092AEF7E95531C37432DC224055624676 ft=1 fh=6501640a08136ae6 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll.vir"
sh=CBF9AF7E8DED8C1B4314E263137D72583E662BFD ft=1 fh=8794e8c87b304c6a vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.Translations.dll.vir"
sh=B79F217C622C0B5B6DAA19B3C74D2F087A1CFD3A ft=1 fh=a7b9390926b62c50 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.UninstallScreen.dll.vir"
sh=F9389F48421E4A22F80A3BFC646050D4570D2FA1 ft=1 fh=7f35a7f5e0568bba vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.UrlHistorySupplier.dll.vir"
sh=CC8B6A07E8F48C236194745F3C1212AB10B8A0FC ft=1 fh=16dfeb9c8f4444db vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.Utilities.dll.vir"
sh=8F2E7716BE9E1C71D5215CE4BE5EC926483C7AD8 ft=1 fh=77c79c9f87e268d9 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll.vir"
sh=8F2E7716BE9E1C71D5215CE4BE5EC926483C7AD8 ft=1 fh=77c79c9f87e268d9 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO2.dll.vir"
sh=866D243BC86FE5FC60209F450E20EC9B095F9030 ft=1 fh=992f160aaecfc783 vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll.vir"
sh=866D243BC86FE5FC60209F450E20EC9B095F9030 ft=1 fh=992f160aaecfc783 vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension2.dll.vir"
sh=4E1859C68B485319F073A43575C1FF619AA1E82E ft=1 fh=ae77c318e1a23889 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\SmartbarVersionsHelper.exe.vir"
sh=A6FD149D506F3EE6FFD460BECEDF628AACD3CAF1 ft=1 fh=c2e118c96fb78a0e vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\GoogleChromeRemotePlugin.dll.vir"
sh=22F6244F7101C7606598B297999FD61CF74DE280 ft=1 fh=6fa47544827ee62a vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\ar\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=E8A59ACD6A0C80D97C8ADF0DA29C75ADD6E415DD ft=1 fh=e4761d541f40a67f vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=0FCFEC24FD73D4F15567BD261E70673B485986FC ft=1 fh=17fac77928ecd0af vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\es\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=EF4529F6D6ED96A1615BE1F2BA541BACA5844190 ft=1 fh=dab3c819e78cf271 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\fr\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=52EC8EA3384AFADB66589E275EB894B4924CB652 ft=1 fh=fc2f9713cd4001d7 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\he\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=C7E054C7BA58AE2D703DB29C52346A3ED84FEF57 ft=1 fh=53532950b9749a4f vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_20.dll.vir"
sh=C546BA3CA78F93EB65DCCEA191BC40B9F940E2EA ft=1 fh=6fd80785d353cf5d vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_21.dll.vir"
sh=7C15DA5A80F24F0383C992CFB03CF68E95A464B1 ft=1 fh=be427aaf403ae2ff vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_22.dll.vir"
sh=95544372D9D68E8AFAE5E9DA8B07C14CE5406ABB ft=1 fh=dd489ec711c15129 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_23.dll.vir"
sh=BA8871127FB23B24A8963B6A5992DED58259E590 ft=1 fh=65df87dcc97c6ea8 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_24.dll.vir"
sh=400E3ACE4D1F8D697919AA7B1F941E8CDD2FC735 ft=1 fh=02362f902529ea69 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\it\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=59093E1D20DC233C5116B3C03DF1367A088B1536 ft=1 fh=eadc1f3a0144d9ec vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\nl\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=A24E0308386680857DE0CF2FA0EB1BC60B93E303 ft=1 fh=54e672e8b7a42c53 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\pt\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=AB2D4EF9EC062B299201D91662B199F821E5A850 ft=1 fh=b457e29583ba1fa6 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\ru\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=BCDC173F925130FFD31E9BF0D11377076FCAB3DF ft=1 fh=d2bc47b1b9271ad1 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\tr\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=C454D15B75DADFDA42FC58C76D2FF72212A9A213 ft=1 fh=53b864a121d00884 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.DMP.dll.vir"
sh=DAB495D4C36C18A1547F938BB95DE9AE37B6B737 ft=1 fh=8e57c39575e4e045 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.MessengerPlugin.dll.vir"
sh=238D68911D5B3614CC0D6D2A8E7AE76AE515B811 ft=1 fh=c7731cdd54332ea7 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.NotepadPlugin.dll.vir"
sh=76B151721539533DD63E01CB2F175ADB5DAE9409 ft=1 fh=142af487ae64d514 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.ScreenCapturePlugin.dll.vir"
sh=391A8B6792FEDD4D711BA3A117ED039BFBAD8D6F ft=1 fh=bcc98d01cbefe114 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.UninstallProductsPlugin.dll.vir"
sh=95DBF48C3F1B9F0175A7BBB3578E1CB2F8C57ADB ft=1 fh=f0f560a5a66a039a vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WeatherPlugin.dll.vir"
sh=7BCC2AD191C8751897858F205B9CBA2FAC4BA519 ft=1 fh=a6ff2d0b145de3f5 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WordPlugin.dll.vir"
sh=16068B8977B4DC562AE782D91BC009472667E331 ft=1 fh=c3b5a87b7d152749 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Temp\OCS\ocs_v71a.exe.vir"
sh=BB56C012D1320388514575B2C95EB14922AD5E46 ft=1 fh=7c81f3fa14a3e2bc vn="Variante von Win32/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Temp\Smartbar\b43d7ddb-8f1d-40dd-96b5-a920c18a2876\QuickObrw.exe.vir"
sh=9CA4774891E9538150DBC295BC303D11173CE7FB ft=0 fh=0000000000000000 vn="Win32/DealPly.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\img9ts5g.default\Extensions\{906000A4-88D9-4D52-B209-7A772970D91F}\chrome\content\dealplyshopping.xul.vir"
sh=8A3DA8FB53582A141FA6E789414FF85925FCB49B ft=1 fh=3d4517e6bcadc197 vn="Variante von Win32/Systweak.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User\Downloads\adusetup_ashampoo.exe"
sh=32363875A3E277A03447EC35855D754742849307 ft=1 fh=f06ed60b456de3a1 vn="Variante von Win32/DownloadGuide.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User\Downloads\azu_mro_13.9.13_CB-DL-Manager.exe"
sh=D039CBE0EF3C5F37F1219821DCA4373CB4E709A8 ft=1 fh=39d64ba8a4558427 vn="Win32/Somoto.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User\Downloads\m4a-to-mp3-converter.exe"
sh=16BED9BA805EABF0596E4EDB29BE28B885C79B68 ft=1 fh=f68f46d8f5ef0b94 vn="Win32/SoftonicDownloader.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User\Dropbox\Public\SoftonicDownloader_fuer_google-calendar-sync.exe"
sh=14EB4FC8E2471462F0F1D178BEF47B4BCC6AA60D ft=1 fh=287220d4d394cc07 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll"
sh=8237F6391EACA07CBB9C5DEDABAB9AB3EC7B64BA ft=1 fh=d5199cb279894a35 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="D:\downloads\ashampoo_snap_3_3.31_sm.exe"
         
ESET-log.txt nochmal (vielleicht nicht vollständig übertragen):

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=f97024890a563842986e7f304ab7fade
# engine=22482
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-02-15 11:44:04
# local_time=2015-02-16 12:44:04 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 45930843 175673694 0 0
# scanned=537120
# found=106
# cleaned=0
# scan_time=22493
sh=0B668FB944E12DF552E44B9081DCB9946DBCAEE4 ft=1 fh=66a967231e0799d1 vn="Variante von Win32/Systweak.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced Driver Updater\adu.exe.vir"
sh=4C8337C919D0C81320F475784E5AB1F917F93B4A ft=1 fh=3c6905b182c7351f vn="Variante von Win32/Systweak.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced Driver Updater\aduuninstall.exe.vir"
sh=F408D7A985D604EB353C9E686AD1AE96A14B5EAF ft=1 fh=15c8ea0dc0006ef7 vn="Variante von Win32/BrowseFox.AF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\updater.bak.vir"
sh=8B54D68883B54C902E517D64D92105BC222BEF1D ft=1 fh=6fa08a25d4a573da vn="Variante von Win32/BrowseFox.AF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\updater.exe.vir"
sh=5339ABEE428B92A04DF04A1D1B81896A68CF7CBD ft=0 fh=0000000000000000 vn="Win32/DealPly.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPly.crx.vir"
sh=B93A611E29C3BD6E13E9F3A2BD98F17EED127102 ft=0 fh=0000000000000000 vn="Win32/DealPly.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPly.xpi.vir"
sh=2D6B1EC0EFA47C992C32AD9CECFB0EC4543ACA0A ft=1 fh=7076499debea4e9c vn="Variante von Win32/DealPly.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPlyUpdateVer.exe.vir"
sh=0F081DBA3288108E77AA7797D5EE28B077C43B88 ft=1 fh=827545bc3cf01bf5 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe.vir"
sh=0F081DBA3288108E77AA7797D5EE28B077C43B88 ft=1 fh=827545bc3cf01bf5 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLive.exe.vir"
sh=0F081DBA3288108E77AA7797D5EE28B077C43B88 ft=1 fh=827545bc3cf01bf5 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveHandler.exe.vir"
sh=A658B92B519F7898937EE2AE8CF53A62F620C923 ft=1 fh=7f9bfa912e5e181c vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdate.dll.vir"
sh=6D00C85C60CAF98D39E5CD07AACE53C757A99C49 ft=1 fh=ed4a7cab0d6835d6 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ru.dll.vir"
sh=7489D541CA03F640A02B20A33A88C70691D689D5 ft=1 fh=5216003ac57facf4 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll.vir"
sh=0652CF8AA5ACCADDDD31EE32521742F0CF6A62B0 ft=1 fh=6730b7aa2ee36939 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\psmachine.dll.vir"
sh=BF265371BAACB4EC1F33B801676B3C981C7DEB10 ft=1 fh=65f02b0d06ed4e18 vn="Variante von Win32/BrowseFox.AF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugincontainer.bak.vir"
sh=3EF9034F5F7BB7BB97D01D9A34B1B043CF970D96 ft=1 fh=434b49abbb42c04d vn="Variante von Win32/BrowseFox.AF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugincontainer.exe.vir"
sh=C4FFF4CCD0A33221574BB270140251F2738082B2 ft=1 fh=e065184dc8f5370d vn="Variante von Win32/BrowseFox.AF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\3\Plugin.exe.vir"
sh=F43CA0564BE82BC2619DF0AA73487194B44DF301 ft=1 fh=f789de418bf24965 vn="Variante von Win32/BrowseFox.AF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\3bak\Plugin.exe.vir"
sh=822762DA92CA1D425C347DCCA7188D3CBA087A96 ft=1 fh=2267ecf571dda35b vn="Win32/BrowseFox.AF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\4\Plugin.exe.vir"
sh=1CC7FB331854BF0B10F51D33278A378E2CEDDB30 ft=1 fh=1667748edb8effd6 vn="Win32/BrowseFox.AF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\4bak\Plugin.exe.vir"
sh=D5F9525A86304D61D4FEB58C4E8785CD9D55E248 ft=1 fh=46a6f57e1a57b219 vn="Variante von Win32/BrowseFox.AF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\5\Plugin.exe.vir"
sh=ED1059DA162FF39C8E833556BC9C8C913CFD8CFD ft=1 fh=ddb26ada8e4ae02c vn="Variante von Win32/BrowseFox.AF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\5bak\Plugin.exe.vir"
sh=653421A384FF25CB9063993A35D457641E08163A ft=1 fh=cba3c73216e4275e vn="Variante von Win32/BrowseFox.AF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\8\Plugin.exe.vir"
sh=EC3CB0680E963BDCE0DB4984F3ECF3B4E49EBEDB ft=1 fh=f21796289f7ad7d6 vn="Variante von Win32/BrowseFox.AF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\8bak\Plugin.exe.vir"
sh=8990E276CAA3CF2ED2209CBF57913165E8E340AD ft=1 fh=938c9632c995d755 vn="Variante von MSIL/Toolbar.Linkury.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\BrowserHelper.exe.vir"
sh=A2B585B74CE69BE4BD1E10E08A1F96B21A0B8CB6 ft=1 fh=4e6c174265a6a556 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Interop.SHDocVw.dll.vir"
sh=070F0EF16B1870B20C482FA44EEBE8294F23A9A9 ft=1 fh=2eb7a04530ad975e vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\MACTrackBarLib.dll.vir"
sh=21C6BD07C36AC3C681F93FFB573C30F2C606DC3F ft=1 fh=37a0abbf9b55f981 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\NDde.dll.vir"
sh=B17BDD9A791CC884A0C340D74FC40D53C11A96C1 ft=1 fh=541488a5ad412f96 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Newtonsoft.Json.dll.vir"
sh=8D305D5A743C4FA6193FC21FD3341698332FA128 ft=1 fh=067245ea1f058098 vn="Variante von Win32/Toolbar.Linkury.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\QuickShare.exe.vir"
sh=B64AEE904CDE1749CE7EA1D917C0A1E5D48DA3BC ft=1 fh=514902572a97660f vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll.vir"
sh=24F80D0093FBC348E1DD4DC668B778E647D4C976 ft=1 fh=8cb54be7ec2f0bdb vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll.vir"
sh=F88A3C1636FF8B51AA1FAB5BF185A196562A6FCA ft=1 fh=f29543b6b4e93ad4 vn="Variante von Win32/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll.vir"
sh=729105B22149AAF88493E60F9F5A6792EFC80C78 ft=1 fh=d346a96f69bff003 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.GUI.Multimedia.Loader.dll.vir"
sh=A80B229DF2FA04B6BC5C7D7A47F2755EA3843AF6 ft=1 fh=d52ed53f52f9438a vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll.vir"
sh=84D1910DEC5C3FABFD1E1D44841259E7F5FE7A54 ft=1 fh=c44c8e31de4f5cf2 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll.vir"
sh=FA906415E199EBEF0A19DA0986B5A893DD0B4959 ft=1 fh=32aea522a4a49f3b vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.EventManager.dll.vir"
sh=C68CAEED0189A8CC3ED0DD861033A113F0B7055F ft=1 fh=fe0e02f5d66bbd56 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.Base.dll.vir"
sh=4D01F3A72C792D23C2AC483D8F616706CBA86E57 ft=1 fh=3e4b5be84ac3f79a vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ChromeLocalPlugin.dll.vir"
sh=F27791C7915CC30B27ECA57AAF06D0E0D25BC09D ft=1 fh=84cdce3c65118ae1 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.DefaultBrowser.dll.vir"
sh=A649D0044923FA0780913912485B812BBE464726 ft=1 fh=7b9159063eee9b42 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.FireFoxLocalPlugin.dll.vir"
sh=5340D7875DFB8A55C23D3E9A5E52E2930388AC68 ft=1 fh=83dfdf4f25571383 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll.vir"
sh=63A154FA3956A42D257DAA5F4A2FC3326AFA3CF4 ft=1 fh=a7b6901cd7f62787 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ShareManagerLocalPlugin.dll.vir"
sh=37DEA2DE9DD5AC6EE15198160AA74835D5B64B4A ft=1 fh=2de7094191406f20 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll.vir"
sh=BF92DD0CB2C6355E29756B94D4F1868C17047823 ft=1 fh=a6ab022afad9e54c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Personalization.BusinessEntities.dll.vir"
sh=662A11BE1087BB9F3F397294B5296F275F334A01 ft=1 fh=b4ca62093e1ba8f6 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Personalization.BusinessLogic.dll.vir"
sh=3B9C0A0859685B6FC5BCA2A9074B693419E7452D ft=1 fh=b0a84723e8ab01f7 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll.vir"
sh=2E24B96C6CCE9A64DEAF2985663FFC202F305E26 ft=1 fh=137bf65d41a7b0e1 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Personalization.Settings.PersonalizationSettingsManager.dll.vir"
sh=82777106EA45BB35964B2D96F1CC162F82B2D4F7 ft=1 fh=317270a10cb1140f vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Personalization.Settings.PublisherSettingsManager.dll.vir"
sh=3539EE5A4F2DFF2B2BB7B44D8BA2530B26CC07A6 ft=1 fh=f2889898a5483011 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Personalization.Settings.UserSettingsManager.dll.vir"
sh=33CBECF595EC2352AA6ADF45210C2A811092A29F ft=1 fh=cd5bff7f28956953 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.AutomaticUpdates.dll.vir"
sh=63368DE3C80EA6661DCC540F3E71B6F774AC56F6 ft=1 fh=2f9bb30bb76cc95f vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.BrowserHelperUtils.dll.vir"
sh=0A62394F6C8912C5461507153F7084E8D1AA26C2 ft=1 fh=6d993863a49d2b20 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.GeneralUtilities.dll.vir"
sh=F9DB06B27441D96BEABDB9DB548EEA683442A753 ft=1 fh=4508ccec1153f725 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll.vir"
sh=5492FE0DA2E9F29F8008916C5D83B727930B4A53 ft=1 fh=802a037d81e6c97c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll.vir"
sh=F6A20C5EB7369E2878E23540A94D7BD6ACD6D437 ft=1 fh=2403be0b577fc584 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.NetSeer.dll.vir"
sh=3B4FC42A542441B5727F10B4910EF1CDE4FACD53 ft=1 fh=0354afc6c5a6c2d5 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.ProcessDownMonitor.dll.vir"
sh=443BCB73249D73F6650D7D89416CD70F44FCEEBE ft=1 fh=1880b86997065064 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.ProductsRemovalLibary.dll.vir"
sh=28ED102EB58DA8F22E7D73D3040E46E8B1D45EF1 ft=1 fh=62ae878b03043e2f vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.ProductUninstaller.dll.vir"
sh=DADC791B713F8F9F2D51421C80533E0CD59BAB94 ft=1 fh=f4cac559f4370f47 vn="Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.SetBrowsersSettings.dll.vir"
sh=24BA4E2BBD5136FFECFED26323FE8A72F7F2738F ft=1 fh=39224725b94bb06e vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.SetBrowsersSettingsAutoUpdater.dll.vir"
sh=EB1782B2723D8EE10249597059C3C3B36D6201AC ft=1 fh=c3052f775fd58929 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.ShortcutsLibrary.dll.vir"
sh=74686000C2D33B8AC91E835A1BD4FB69FE2923A3 ft=1 fh=b49770d7bfa93155 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.SideBySide.dll.vir"
sh=8F8C37FF51527ACA1DB9A1680CB0281B89F0FFED ft=1 fh=ec30a536e181f5ec vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll.vir"
sh=3BD0FB8092AEF7E95531C37432DC224055624676 ft=1 fh=6501640a08136ae6 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll.vir"
sh=CBF9AF7E8DED8C1B4314E263137D72583E662BFD ft=1 fh=8794e8c87b304c6a vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.Translations.dll.vir"
sh=B79F217C622C0B5B6DAA19B3C74D2F087A1CFD3A ft=1 fh=a7b9390926b62c50 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.UninstallScreen.dll.vir"
sh=F9389F48421E4A22F80A3BFC646050D4570D2FA1 ft=1 fh=7f35a7f5e0568bba vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.UrlHistorySupplier.dll.vir"
sh=CC8B6A07E8F48C236194745F3C1212AB10B8A0FC ft=1 fh=16dfeb9c8f4444db vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\Smartbar.Resources.Utilities.dll.vir"
sh=8F2E7716BE9E1C71D5215CE4BE5EC926483C7AD8 ft=1 fh=77c79c9f87e268d9 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll.vir"
sh=8F2E7716BE9E1C71D5215CE4BE5EC926483C7AD8 ft=1 fh=77c79c9f87e268d9 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO2.dll.vir"
sh=866D243BC86FE5FC60209F450E20EC9B095F9030 ft=1 fh=992f160aaecfc783 vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll.vir"
sh=866D243BC86FE5FC60209F450E20EC9B095F9030 ft=1 fh=992f160aaecfc783 vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension2.dll.vir"
sh=4E1859C68B485319F073A43575C1FF619AA1E82E ft=1 fh=ae77c318e1a23889 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\SmartbarVersionsHelper.exe.vir"
sh=A6FD149D506F3EE6FFD460BECEDF628AACD3CAF1 ft=1 fh=c2e118c96fb78a0e vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\GoogleChromeRemotePlugin.dll.vir"
sh=22F6244F7101C7606598B297999FD61CF74DE280 ft=1 fh=6fa47544827ee62a vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\ar\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=E8A59ACD6A0C80D97C8ADF0DA29C75ADD6E415DD ft=1 fh=e4761d541f40a67f vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=0FCFEC24FD73D4F15567BD261E70673B485986FC ft=1 fh=17fac77928ecd0af vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\es\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=EF4529F6D6ED96A1615BE1F2BA541BACA5844190 ft=1 fh=dab3c819e78cf271 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\fr\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=52EC8EA3384AFADB66589E275EB894B4924CB652 ft=1 fh=fc2f9713cd4001d7 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\he\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=C7E054C7BA58AE2D703DB29C52346A3ED84FEF57 ft=1 fh=53532950b9749a4f vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_20.dll.vir"
sh=C546BA3CA78F93EB65DCCEA191BC40B9F940E2EA ft=1 fh=6fd80785d353cf5d vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_21.dll.vir"
sh=7C15DA5A80F24F0383C992CFB03CF68E95A464B1 ft=1 fh=be427aaf403ae2ff vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_22.dll.vir"
sh=95544372D9D68E8AFAE5E9DA8B07C14CE5406ABB ft=1 fh=dd489ec711c15129 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_23.dll.vir"
sh=BA8871127FB23B24A8963B6A5992DED58259E590 ft=1 fh=65df87dcc97c6ea8 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_24.dll.vir"
sh=400E3ACE4D1F8D697919AA7B1F941E8CDD2FC735 ft=1 fh=02362f902529ea69 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\it\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=59093E1D20DC233C5116B3C03DF1367A088B1536 ft=1 fh=eadc1f3a0144d9ec vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\nl\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=A24E0308386680857DE0CF2FA0EB1BC60B93E303 ft=1 fh=54e672e8b7a42c53 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\pt\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=AB2D4EF9EC062B299201D91662B199F821E5A850 ft=1 fh=b457e29583ba1fa6 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\ru\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=BCDC173F925130FFD31E9BF0D11377076FCAB3DF ft=1 fh=d2bc47b1b9271ad1 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Application\tr\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=C454D15B75DADFDA42FC58C76D2FF72212A9A213 ft=1 fh=53b864a121d00884 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.DMP.dll.vir"
sh=DAB495D4C36C18A1547F938BB95DE9AE37B6B737 ft=1 fh=8e57c39575e4e045 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.MessengerPlugin.dll.vir"
sh=238D68911D5B3614CC0D6D2A8E7AE76AE515B811 ft=1 fh=c7731cdd54332ea7 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.NotepadPlugin.dll.vir"
sh=76B151721539533DD63E01CB2F175ADB5DAE9409 ft=1 fh=142af487ae64d514 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.ScreenCapturePlugin.dll.vir"
sh=391A8B6792FEDD4D711BA3A117ED039BFBAD8D6F ft=1 fh=bcc98d01cbefe114 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.UninstallProductsPlugin.dll.vir"
sh=95DBF48C3F1B9F0175A7BBB3578E1CB2F8C57ADB ft=1 fh=f0f560a5a66a039a vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WeatherPlugin.dll.vir"
sh=7BCC2AD191C8751897858F205B9CBA2FAC4BA519 ft=1 fh=a6ff2d0b145de3f5 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WordPlugin.dll.vir"
sh=16068B8977B4DC562AE782D91BC009472667E331 ft=1 fh=c3b5a87b7d152749 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Temp\OCS\ocs_v71a.exe.vir"
sh=BB56C012D1320388514575B2C95EB14922AD5E46 ft=1 fh=7c81f3fa14a3e2bc vn="Variante von Win32/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Local\Temp\Smartbar\b43d7ddb-8f1d-40dd-96b5-a920c18a2876\QuickObrw.exe.vir"
sh=9CA4774891E9538150DBC295BC303D11173CE7FB ft=0 fh=0000000000000000 vn="Win32/DealPly.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\img9ts5g.default\Extensions\{906000A4-88D9-4D52-B209-7A772970D91F}\chrome\content\dealplyshopping.xul.vir"
sh=8A3DA8FB53582A141FA6E789414FF85925FCB49B ft=1 fh=3d4517e6bcadc197 vn="Variante von Win32/Systweak.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User\Downloads\adusetup_ashampoo.exe"
sh=32363875A3E277A03447EC35855D754742849307 ft=1 fh=f06ed60b456de3a1 vn="Variante von Win32/DownloadGuide.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User\Downloads\azu_mro_13.9.13_CB-DL-Manager.exe"
sh=D039CBE0EF3C5F37F1219821DCA4373CB4E709A8 ft=1 fh=39d64ba8a4558427 vn="Win32/Somoto.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User\Downloads\m4a-to-mp3-converter.exe"
sh=16BED9BA805EABF0596E4EDB29BE28B885C79B68 ft=1 fh=f68f46d8f5ef0b94 vn="Win32/SoftonicDownloader.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User\Dropbox\Public\SoftonicDownloader_fuer_google-calendar-sync.exe"
sh=14EB4FC8E2471462F0F1D178BEF47B4BCC6AA60D ft=1 fh=287220d4d394cc07 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll"
sh=8237F6391EACA07CBB9C5DEDABAB9AB3EC7B64BA ft=1 fh=d5199cb279894a35 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="D:\downloads\ashampoo_snap_3_3.31_sm.exe"
         

Alt 16.02.2015, 10:40   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win7 (64): positive find ads - Standard

Win7 (64): positive find ads



FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
C:\Users\User\Downloads\adusetup_ashampoo.exe
C:\Users\User\Downloads\azu_mro_13.9.13_CB-DL-Manager.exe
C:\Users\User\Downloads\m4a-to-mp3-converter.exe
C:\Users\User\Dropbox\Public\SoftonicDownloader_fuer_google-calendar-sync.exe
C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw
D:\downloads\ashampoo_snap_3_3.31_sm.exe
EmptyTemp:
Hosts:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 16.02.2015, 11:18   #15
Wolf99
 
Win7 (64): positive find ads - Standard

Win7 (64): positive find ads



So, hier die FIXLOG.TXT:

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-02-2015
Ran by Wolf at 2015-02-16 11:06:36 Run:2
Running from C:\Users\Wolf\Desktop
Loaded Profiles: Wolf (Available profiles: Wolf & User & Gast)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\User\Downloads\adusetup_ashampoo.exe
C:\Users\User\Downloads\azu_mro_13.9.13_CB-DL-Manager.exe
C:\Users\User\Downloads\m4a-to-mp3-converter.exe
C:\Users\User\Dropbox\Public\SoftonicDownloader_fuer_google-calendar-sync.exe
C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw
D:\downloads\ashampoo_snap_3_3.31_sm.exe
EmptyTemp:
Hosts:
         
*****************

C:\Users\User\Downloads\adusetup_ashampoo.exe => Moved successfully.
C:\Users\User\Downloads\azu_mro_13.9.13_CB-DL-Manager.exe => Moved successfully.
C:\Users\User\Downloads\m4a-to-mp3-converter.exe => Moved successfully.
C:\Users\User\Dropbox\Public\SoftonicDownloader_fuer_google-calendar-sync.exe => Moved successfully.
C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw => Moved successfully.
D:\downloads\ashampoo_snap_3_3.31_sm.exe => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 81.4 MB temporary data.


The system needed a reboot. 

==== End of Fixlog 11:06:57 ====
         

Antwort

Themen zu Win7 (64): positive find ads
ads by positive finds, browser, buzzdock entfernen, dankbar, dealply entfernen, fehlercode 22, fehlercode windows, firefox, google, neustart, positive, positive finds, quickshare entfernen, spyhunter, spyhunter entfernen, systems, systemsteuerung, this device is disabled. (code 22), werbung




Ähnliche Themen: Win7 (64): positive find ads


  1. Great Find
    Plagegeister aller Art und deren Bekämpfung - 21.07.2015 (5)
  2. Ads Positive Finds bei win7 - wie entfernen ?
    Log-Analyse und Auswertung - 06.03.2015 (16)
  3. Find-All-You-Want.com entfernen
    Anleitungen, FAQs & Links - 17.02.2015 (2)
  4. Probleme mit Adware "Positive Find Ads"
    Plagegeister aller Art und deren Bekämpfung - 12.02.2015 (15)
  5. Positive Finds auf Win7 64bit - brauche dringend Hilfe!
    Log-Analyse und Auswertung - 08.02.2015 (14)
  6. Schrauber? Find ich gut!
    Lob, Kritik und Wünsche - 31.10.2014 (0)
  7. Key-Find.com entfernen
    Anleitungen, FAQs & Links - 17.03.2014 (2)
  8. virus wo find ich die
    Mülltonne - 02.09.2013 (0)
  9. can not find dwlgina3.dll
    Log-Analyse und Auswertung - 03.02.2012 (33)
  10. Bump.exe Find.exe Cmd.exe und Co. 100% CPU Auslastung
    Plagegeister aller Art und deren Bekämpfung - 21.01.2012 (3)
  11. Windows 7: can not find dwlgina3.dll
    Log-Analyse und Auswertung - 11.01.2012 (5)
  12. Verdacht ... find' aber nix
    Log-Analyse und Auswertung - 19.02.2009 (1)
  13. Problem mit find.bat
    Log-Analyse und Auswertung - 20.07.2008 (13)
  14. Verständnisproblem - Find.bat
    Lob, Kritik und Wünsche - 02.10.2005 (12)
  15. Find.bat
    Plagegeister aller Art und deren Bekämpfung - 15.05.2005 (2)

Zum Thema Win7 (64): positive find ads - Hallo allerseits! Seit zwei Tagen werden meine Browser (Firefox und Google Chrom) mit Werbung offenbar von Ads by Positive Finds zugekleistert. Löschen in der Systemsteuerung und Neustart brachte keinen Erfolg. - Win7 (64): positive find ads...
Archiv
Du betrachtest: Win7 (64): positive find ads auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.