PC zu langsam, manche Apps funktionieren nicht

iccu79 · 15.02.2015, 13:43

Hallo,

mein PC (Windows 8) ist seit einige sehr langsam und manche Apps gehen gar nicht und nur schlecht. Ich vermute, dass es ein Virus ist. Kaspersky zeigt, dass es eine Infektion gefunden hat, kann anscheinden aber nichts machen.

Vielen Dank für euere Hilfe,

Iccu

schrauber · 15.02.2015, 14:11

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

iccu79 · 15.02.2015, 14:18

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-02-2015
Ran by Iccu (administrator) on WISSYEON on 15-02-2015 13:31:56
Running from C:\Users\Iccu\Downloads
Loaded Profiles: UpdatusUser & Iccu (Available profiles: UpdatusUser & iccu79 & Iccu & Gast)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
() C:\Program Files\002\fpvoixdaog64.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitychecksvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
() C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe
() C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe
() C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe
() C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe
() C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [490760 2013-11-26] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-11] (CyberLink Corp.)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863848 2014-05-26] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [fst_de_43] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [642664 2014-05-26] (SEIKO EPSON CORPORATION)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-1436231362-497779663-833076255-1001\...\Run: [AppLauncher] => C:\Program Files (x86)\Medion MediaPack 3\Ashampoo AppLauncher (Medion)\AppLauncher.exe [969656 2012-08-10] (Ashampoo)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\iccu79\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Iccu\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:63754;https=127.0.0.1:63754
ProxyEnable: [S-1-5-21-1436231362-497779663-833076255-1005] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-1436231362-497779663-833076255-1005] => http=127.0.0.1:63754;https=127.0.0.1:63754
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX&q={searchTerms}
HKU\S-1-5-21-1436231362-497779663-833076255-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1436231362-497779663-833076255-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX&q={searchTerms}
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX

FireFox:
========
FF ProfilePath: C:\Users\Iccu\AppData\Roaming\Mozilla\Firefox\Profiles\f8g5syht.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Модуль перевірки посилань - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2013-11-22]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Віртуальна клавіатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2013-11-22]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Модуль блокування небезпечних веб-сайтів - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2013-11-22]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2013-11-22]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Безпечні платежі - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2013-11-22]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com
FF Extension: Quick Start - C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com [2014-06-18]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-29]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-29]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-29]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-29]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-29]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-29] (Kaspersky Lab ZAO)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [74712 2013-03-11] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [316376 2013-03-11] (CyberLink)
R2 fpvoixdaog64; C:\Program Files\002\fpvoixdaog64.exe [706560 2014-06-18] () [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2013-03-06] ()
R2 Verifies and fixes application compatibility issues; C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitychecksvc.exe [99496 2015-02-01] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-04-09] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2014-04-09] (Kaspersky Lab)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [115296 2014-04-09] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2014-04-09] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-10-29] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-04-09] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-29] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [65120 2014-04-09] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-04-09] (Kaspersky Lab ZAO)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [2968280 2014-01-15] (Realtek Semiconductor Corporation                           )
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 intaud_WaveExtensible; \SystemRoot\system32\drivers\intelaud.sys [X]
S3 iwdbus; \SystemRoot\System32\drivers\iwdbus.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-15 13:31 - 2015-02-15 13:32 - 00019644 _____ () C:\Users\Iccu\Downloads\FRST.txt
2015-02-15 13:31 - 2015-02-15 13:32 - 00000000 ____D () C:\FRST
2015-02-15 13:31 - 2015-02-15 13:31 - 02134528 _____ (Farbar) C:\Users\Iccu\Downloads\FRST64.exe
2015-02-15 13:30 - 2015-02-15 13:30 - 01125888 _____ (Farbar) C:\Users\Iccu\Downloads\FRST(1).exe
2015-02-15 13:27 - 2015-02-15 13:27 - 01125888 _____ (Farbar) C:\Users\Iccu\Downloads\FRST.exe
2015-02-15 12:21 - 2015-02-15 12:22 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Iccu\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-15 12:09 - 2015-02-15 12:09 - 00000000 ____D () C:\Users\Iccu\AppData\Roaming\Macromedia
2015-02-15 12:09 - 2015-02-15 12:09 - 00000000 ____D () C:\Users\Iccu\AppData\Local\Macromedia
2015-02-15 12:00 - 2015-02-15 12:00 - 04864744 _____ (AVAST Software) C:\Users\Iccu\Downloads\avast_free_antivirus_setup_online.exe
2015-02-15 11:51 - 2015-02-15 11:51 - 00000000 ____D () C:\Users\Iccu\AppData\Roaming\Mozilla
2015-02-15 11:51 - 2015-02-15 11:51 - 00000000 ____D () C:\Users\Iccu\AppData\Local\Mozilla
2015-02-15 11:46 - 2015-02-15 11:46 - 00000000 ___RD () C:\Users\iccu79\OneDrive
2015-02-15 10:36 - 2015-02-15 10:43 - 00000000 ____D () C:\Users\iccu79\Desktop\Daten Judoumfrage
2015-02-15 10:16 - 2015-02-15 11:46 - 00000000 ___RD () C:\Users\iccu79\OneDrive (14).old
2015-02-15 10:01 - 2015-02-15 10:16 - 00000000 ___RD () C:\Users\iccu79\OneDrive (13).old
2015-02-14 11:23 - 2015-02-14 11:23 - 00000000 __SHD () C:\Users\Iccu\AppData\Local\EmieUserList
2015-02-14 11:23 - 2015-02-14 11:23 - 00000000 __SHD () C:\Users\Iccu\AppData\Local\EmieSiteList
2015-02-14 11:23 - 2015-02-14 11:23 - 00000000 __SHD () C:\Users\Iccu\AppData\Local\EmieBrowserModeList
2015-02-14 11:22 - 2015-02-15 12:11 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{16B6DC73-A56A-455F-913C-29B6663FC670}
2015-02-14 11:04 - 2015-02-15 13:26 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1436231362-497779663-833076255-1005
2015-02-14 10:59 - 2015-02-14 11:03 - 00000000 ____D () C:\Users\Iccu\AppData\Local\Packages
2015-02-14 10:59 - 2015-02-14 10:59 - 00002350 _____ () C:\Users\Iccu\Desktop\Sicherer Zahlungsverkehr.lnk
2015-02-14 10:59 - 2015-02-14 10:59 - 00001454 _____ () C:\Users\Iccu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-14 10:59 - 2015-02-14 10:59 - 00000000 ____D () C:\Users\Iccu\AppData\Roaming\Adobe
2015-02-14 10:59 - 2015-02-14 10:59 - 00000000 ____D () C:\Users\Iccu\AppData\Local\VirtualStore
2015-02-14 10:58 - 2015-02-14 10:59 - 00000000 ____D () C:\Users\Iccu
2015-02-14 10:58 - 2015-02-14 10:58 - 00002346 _____ () C:\Users\Gast\Desktop\Sicherer Zahlungsverkehr.lnk
2015-02-14 10:58 - 2015-02-14 10:58 - 00000020 ___SH () C:\Users\Iccu\ntuser.ini
2015-02-14 10:58 - 2015-02-14 10:58 - 00000000 _SHDL () C:\Users\Iccu\Vorlagen
2015-02-14 10:58 - 2015-02-14 10:58 - 00000000 _SHDL () C:\Users\Iccu\Startmenü
2015-02-14 10:58 - 2015-02-14 10:58 - 00000000 _SHDL () C:\Users\Iccu\Netzwerkumgebung
2015-02-14 10:58 - 2015-02-14 10:58 - 00000000 _SHDL () C:\Users\Iccu\Lokale Einstellungen
2015-02-14 10:58 - 2015-02-14 10:58 - 00000000 _SHDL () C:\Users\Iccu\Eigene Dateien
2015-02-14 10:58 - 2015-02-14 10:58 - 00000000 _SHDL () C:\Users\Iccu\Druckumgebung
2015-02-14 10:58 - 2015-02-14 10:58 - 00000000 _SHDL () C:\Users\Iccu\Documents\Eigene Musik
2015-02-14 10:58 - 2015-02-14 10:58 - 00000000 _SHDL () C:\Users\Iccu\Documents\Eigene Bilder
2015-02-14 10:58 - 2015-02-14 10:58 - 00000000 _SHDL () C:\Users\Iccu\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-14 10:58 - 2015-02-14 10:58 - 00000000 _SHDL () C:\Users\Iccu\AppData\Local\Verlauf
2015-02-14 10:58 - 2015-02-14 10:58 - 00000000 _SHDL () C:\Users\Iccu\AppData\Local\Anwendungsdaten
2015-02-14 10:58 - 2015-02-14 10:58 - 00000000 _SHDL () C:\Users\Iccu\Anwendungsdaten
2015-02-14 10:58 - 2015-02-14 10:50 - 00000000 ____D () C:\Users\Iccu\AppData\Roaming\Compatibility Verifier
2015-02-14 10:58 - 2014-11-13 09:24 - 00000000 ___RD () C:\Users\Iccu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-14 10:58 - 2014-09-15 18:21 - 00000000 ___RD () C:\Users\Iccu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-14 10:58 - 2014-02-22 05:37 - 00000369 _____ () C:\Users\Iccu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-02-14 10:58 - 2014-02-22 05:37 - 00000369 _____ () C:\Users\Iccu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-02-14 10:58 - 2013-12-06 16:55 - 00001349 _____ () C:\Users\Iccu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security.lnk
2015-02-14 10:58 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Iccu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-14 10:58 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Iccu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-14 10:58 - 2012-08-11 05:24 - 00001217 _____ () C:\Users\Iccu\Desktop\ALDI Foto.lnk
2015-02-14 10:58 - 2012-08-11 05:22 - 00001275 _____ () C:\Users\Iccu\Desktop\Medion Services.lnk
2015-02-14 10:58 - 2012-08-05 13:12 - 00001809 _____ () C:\Users\Iccu\Desktop\ALDI Talk.lnk
2015-02-14 10:58 - 2012-08-05 13:11 - 00001153 _____ () C:\Users\Iccu\Desktop\ALDI Süd Reisen.lnk
2015-02-14 10:58 - 2012-08-05 13:11 - 00001025 _____ () C:\Users\Iccu\Desktop\ALDI Süd Startseite.lnk
2015-02-14 10:58 - 2012-08-05 13:10 - 00001895 _____ () C:\Users\Iccu\Desktop\ALDI Süd Blumen Service.lnk
2015-02-14 10:56 - 2015-02-14 10:57 - 00000000 ____D () C:\Users\Gast\AppData\Local\Packages
2015-02-14 10:56 - 2015-02-14 10:57 - 00000000 ____D () C:\Users\Gast
2015-02-14 10:56 - 2015-02-14 10:56 - 00001450 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-14 10:56 - 2015-02-14 10:56 - 00000020 ___SH () C:\Users\Gast\ntuser.ini
2015-02-14 10:56 - 2015-02-14 10:56 - 00000000 _SHDL () C:\Users\Gast\Vorlagen
2015-02-14 10:56 - 2015-02-14 10:56 - 00000000 _SHDL () C:\Users\Gast\Startmenü
2015-02-14 10:56 - 2015-02-14 10:56 - 00000000 _SHDL () C:\Users\Gast\Netzwerkumgebung
2015-02-14 10:56 - 2015-02-14 10:56 - 00000000 _SHDL () C:\Users\Gast\Lokale Einstellungen
2015-02-14 10:56 - 2015-02-14 10:56 - 00000000 _SHDL () C:\Users\Gast\Eigene Dateien
2015-02-14 10:56 - 2015-02-14 10:56 - 00000000 _SHDL () C:\Users\Gast\Druckumgebung
2015-02-14 10:56 - 2015-02-14 10:56 - 00000000 _SHDL () C:\Users\Gast\Documents\Eigene Musik
2015-02-14 10:56 - 2015-02-14 10:56 - 00000000 _SHDL () C:\Users\Gast\Documents\Eigene Bilder
2015-02-14 10:56 - 2015-02-14 10:56 - 00000000 _SHDL () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-14 10:56 - 2015-02-14 10:56 - 00000000 _SHDL () C:\Users\Gast\AppData\Local\Verlauf
2015-02-14 10:56 - 2015-02-14 10:56 - 00000000 _SHDL () C:\Users\Gast\AppData\Local\Anwendungsdaten
2015-02-14 10:56 - 2015-02-14 10:56 - 00000000 _SHDL () C:\Users\Gast\Anwendungsdaten
2015-02-14 10:56 - 2015-02-14 10:56 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Adobe
2015-02-14 10:56 - 2015-02-14 10:56 - 00000000 ____D () C:\Users\Gast\AppData\Local\VirtualStore
2015-02-14 10:56 - 2015-02-14 10:50 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Compatibility Verifier
2015-02-14 10:56 - 2014-11-13 09:24 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-14 10:56 - 2014-09-15 18:21 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-14 10:56 - 2014-02-22 05:37 - 00000369 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-02-14 10:56 - 2014-02-22 05:37 - 00000369 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-02-14 10:56 - 2013-12-06 16:55 - 00001349 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security.lnk
2015-02-14 10:56 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-14 10:56 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-14 10:56 - 2012-08-11 05:24 - 00001217 _____ () C:\Users\Gast\Desktop\ALDI Foto.lnk
2015-02-14 10:56 - 2012-08-11 05:22 - 00001275 _____ () C:\Users\Gast\Desktop\Medion Services.lnk
2015-02-14 10:56 - 2012-08-05 13:12 - 00001809 _____ () C:\Users\Gast\Desktop\ALDI Talk.lnk
2015-02-14 10:56 - 2012-08-05 13:11 - 00001153 _____ () C:\Users\Gast\Desktop\ALDI Süd Reisen.lnk
2015-02-14 10:56 - 2012-08-05 13:11 - 00001025 _____ () C:\Users\Gast\Desktop\ALDI Süd Startseite.lnk
2015-02-14 10:56 - 2012-08-05 13:10 - 00001895 _____ () C:\Users\Gast\Desktop\ALDI Süd Blumen Service.lnk
2015-02-13 15:34 - 2015-02-15 10:01 - 00000000 ___RD () C:\Users\iccu79\OneDrive (12).old
2015-02-13 15:32 - 2015-02-13 15:34 - 00000000 ___RD () C:\Users\iccu79\OneDrive (11).old
2015-02-13 15:10 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-13 15:10 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-13 15:06 - 2015-02-13 15:32 - 00000000 ___RD () C:\Users\iccu79\OneDrive (10).old
2015-02-11 18:19 - 2015-02-13 15:06 - 00000000 ___RD () C:\Users\iccu79\OneDrive (9).old
2015-02-11 14:39 - 2015-02-11 18:19 - 00000000 ___RD () C:\Users\iccu79\OneDrive (8).old
2015-02-11 14:33 - 2015-02-11 14:39 - 00000000 ___RD () C:\Users\iccu79\OneDrive (7).old
2015-02-11 14:14 - 2015-02-11 14:33 - 00000000 ___RD () C:\Users\iccu79\OneDrive (6).old
2015-02-11 13:57 - 2015-01-15 23:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 13:57 - 2015-01-15 23:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 13:57 - 2015-01-14 05:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-02-11 13:57 - 2015-01-14 04:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-02-11 13:57 - 2015-01-13 23:11 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 13:57 - 2015-01-13 23:04 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 13:57 - 2015-01-10 10:10 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 13:57 - 2015-01-10 10:10 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-02-11 13:57 - 2015-01-10 09:28 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-02-11 13:57 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 13:57 - 2014-12-09 02:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 13:57 - 2014-10-29 03:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 13:57 - 2014-10-29 03:50 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 13:57 - 2014-10-29 03:06 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 13:57 - 2014-10-29 03:06 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 13:57 - 2014-10-29 03:02 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-02-11 13:57 - 2014-10-29 03:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-02-11 13:57 - 2014-10-29 02:57 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-02-11 13:57 - 2014-10-29 02:31 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 13:57 - 2014-10-29 02:15 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-02-11 13:57 - 2014-10-29 02:15 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-02-11 13:57 - 2014-10-29 02:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-02-11 13:57 - 2014-10-29 02:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-02-11 13:57 - 2014-10-29 02:13 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-02-11 13:56 - 2015-02-04 00:38 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 13:56 - 2015-02-04 00:08 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 13:56 - 2015-02-04 00:08 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 13:56 - 2015-02-03 00:11 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 13:56 - 2015-02-03 00:11 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 13:56 - 2015-02-03 00:11 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 13:56 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-02-11 13:56 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 13:56 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 13:56 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 13:56 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 13:56 - 2015-01-12 03:34 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-11 13:56 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 13:56 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 13:56 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 13:56 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 13:56 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 13:56 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 13:56 - 2015-01-12 02:58 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-02-11 13:56 - 2015-01-12 02:55 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-02-11 13:56 - 2015-01-12 02:51 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-02-11 13:56 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 13:56 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 13:56 - 2015-01-12 02:48 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 13:56 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 13:56 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 13:56 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 13:56 - 2015-01-12 02:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-02-11 13:56 - 2015-01-12 02:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-02-11 13:56 - 2015-01-12 02:27 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-02-11 13:56 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 13:56 - 2015-01-12 02:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-02-11 13:56 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 13:56 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 13:56 - 2015-01-12 02:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 13:56 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 13:56 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 13:56 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 13:56 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 13:56 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 13:56 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 13:56 - 2015-01-10 08:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 13:56 - 2015-01-10 07:38 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 13:56 - 2014-12-19 09:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 13:56 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 13:56 - 2014-12-09 00:12 - 00391526 _____ () C:\Windows\system32\ApnDatabase.xml
2015-02-11 13:54 - 2015-02-11 14:14 - 00000000 ___RD () C:\Users\iccu79\OneDrive (5).old
2015-02-11 13:53 - 2015-01-10 09:22 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 13:40 - 2015-02-11 13:54 - 00000000 ___RD () C:\Users\iccu79\OneDrive (4).old
2015-02-10 09:52 - 2015-02-10 15:36 - 00026761 _____ () C:\Users\iccu79\Desktop\Mathe_BA_Bosserhoff_Lineare Algebra Analysis_Finanzmathe_El_Ouadoudi.xlsx
2015-02-10 09:38 - 2015-02-10 09:38 - 00000000 ____D () C:\ProgramData\APN
2015-02-09 14:57 - 2015-02-09 14:58 - 00000000 ____D () C:\Users\iccu79\AppData\Roaming\EndNote
2015-02-03 17:33 - 2015-02-10 15:36 - 00012845 _____ () C:\Users\iccu79\Desktop\Noten.xlsx
2015-02-02 11:36 - 2015-02-11 13:40 - 00000000 ___RD () C:\Users\iccu79\OneDrive (3).old
2015-01-28 10:17 - 2015-01-28 10:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-27 00:23 - 2015-01-27 00:23 - 00014464 _____ (Western Digital Technologies) C:\Windows\system32\Drivers\wdcsam64.sys
2015-01-24 14:32 - 2015-01-24 14:32 - 02006528 _____ () C:\Users\iccu79\Downloads\fima_bachelor_kapitel_1_grundlagen.ppt
2015-01-24 14:32 - 2015-01-24 14:32 - 01120256 _____ () C:\Users\iccu79\Downloads\fima_bachelor_kapitel_2_renten-_und_tilgungsrechnung.ppt
2015-01-24 14:31 - 2015-02-02 11:36 - 00000000 ___RD () C:\Users\iccu79\OneDrive (2).old
2015-01-24 11:43 - 2015-01-26 13:54 - 00000000 ____D () C:\Users\iccu79\Desktop\VWL
2015-01-24 11:43 - 2015-01-24 11:43 - 00000000 ____D () C:\Users\iccu79\Desktop\Rewe
2015-01-24 11:43 - 2015-01-24 11:43 - 00000000 ____D () C:\Users\iccu79\Desktop\KLR
2015-01-24 11:43 - 2015-01-24 11:43 - 00000000 ____D () C:\Users\iccu79\Desktop\HBL
2015-01-22 15:23 - 2015-01-22 15:23 - 00614198 _____ () C:\Users\iccu79\Desktop\Kortrektur.pptx
2015-01-22 12:31 - 2015-01-24 14:31 - 00000000 ___RD () C:\Users\iccu79\OneDrive.old
2015-01-20 16:53 - 2015-02-15 10:13 - 00000112 _____ () C:\ProgramData\V2Wa5Y.dat

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-15 13:25 - 2015-01-11 11:29 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Compatibility Verifier
2015-02-15 13:25 - 2015-01-11 11:29 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Compatibility Verifier
2015-02-15 13:23 - 2014-03-18 10:59 - 01912884 _____ () C:\Windows\WindowsUpdate.log
2015-02-15 13:21 - 2013-11-22 12:45 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-02-15 13:20 - 2014-01-21 14:00 - 00046480 _____ () C:\Windows\setupact.log
2015-02-15 13:20 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-15 13:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-02-15 12:51 - 2015-01-07 19:51 - 00000937 _____ () C:\Windows\Tasks\EPSON WF-2630 Series Update {E523065B-10CB-4279-B977-8F5DD00A325D}.job
2015-02-15 12:46 - 2015-01-07 19:46 - 00000937 _____ () C:\Windows\Tasks\EPSON WF-2630 Series Update {716A1012-DD0D-4618-A92B-7DA7DAA119E1}.job
2015-02-15 12:23 - 2014-07-11 16:14 - 00000000 ___RD () C:\Users\iccu79\Dropbox
2015-02-15 12:23 - 2014-07-11 16:12 - 00000000 ____D () C:\Users\iccu79\AppData\Roaming\Dropbox
2015-02-15 12:23 - 2014-04-18 12:03 - 00000000 ___DO () C:\Users\iccu79\SkyDrive
2015-02-15 12:20 - 2014-04-22 08:55 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-15 11:46 - 2014-03-27 12:01 - 00000000 ____D () C:\Users\iccu79
2015-02-15 10:32 - 2014-05-30 14:11 - 00000000 ____D () C:\Users\iccu79\Documents\Outlook-Dateien
2015-02-15 10:06 - 2013-08-22 14:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2015-02-15 09:59 - 2014-03-27 12:07 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1436231362-497779663-833076255-1002
2015-02-15 09:43 - 2014-03-27 12:22 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{EFCE2F42-B92A-4527-BCB8-8D1B6763A8F4}
2015-02-14 11:03 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-02-14 10:59 - 2014-03-27 12:02 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-02-14 10:50 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-14 10:49 - 2013-09-12 12:28 - 00765378 _____ () C:\Windows\system32\perfh007.dat
2015-02-14 10:49 - 2013-09-12 12:28 - 00159696 _____ () C:\Windows\system32\perfc007.dat
2015-02-14 10:49 - 2013-09-12 12:00 - 01780340 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-13 15:40 - 2014-04-22 11:36 - 00518144 ___SH () C:\Users\iccu79\Desktop\Thumbs.db
2015-02-13 14:54 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-02-11 14:03 - 2013-08-22 15:44 - 00483128 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-11 14:01 - 2014-12-12 19:49 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-11 14:01 - 2014-07-10 16:39 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-11 14:00 - 2014-04-14 11:09 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 13:58 - 2013-11-22 12:15 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-11 13:32 - 2014-07-11 16:13 - 00000000 ____D () C:\Users\iccu79\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-11 13:24 - 2014-03-31 14:12 - 00000000 ____D () C:\Program Files (x86)\Epson Software
2015-02-11 13:24 - 2013-09-12 11:53 - 00026962 _____ () C:\Windows\PFRO.log
2015-02-10 09:53 - 2013-09-13 08:46 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-10 09:52 - 2014-03-31 14:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-02-10 09:52 - 2014-03-31 14:10 - 00000000 ____D () C:\Program Files (x86)\epson
2015-02-10 09:50 - 2014-03-31 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2015-02-10 09:44 - 2014-03-31 14:11 - 00000000 ____D () C:\ProgramData\EPSON
2015-02-10 09:42 - 2014-11-25 14:01 - 00000000 ____D () C:\Users\iccu79\AppData\Local\Eastman_Kodak_Company
2015-02-10 09:42 - 2014-11-25 13:57 - 00000000 ____D () C:\Program Files (x86)\Kodak
2015-02-10 09:42 - 2014-11-25 13:45 - 00000000 ____D () C:\ProgramData\Kodak
2015-02-10 09:39 - 2014-06-25 12:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics
2015-02-10 09:37 - 2014-12-20 16:57 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-10 09:36 - 2014-12-20 16:57 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-02-10 09:36 - 2014-12-20 16:56 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-05 09:20 - 2014-04-22 08:55 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-05 09:14 - 2014-03-31 14:12 - 00000000 ____D () C:\Users\iccu79\AppData\Roaming\Epson
2015-02-03 20:31 - 2014-08-28 10:08 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-03 20:31 - 2014-08-28 10:08 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-03 16:00 - 2014-05-30 13:28 - 00000000 ____D () C:\Users\iccu79\AppData\Local\Microsoft Help
2015-02-02 13:47 - 2014-06-18 08:57 - 00000000 ____D () C:\Program Files (x86)\SupTab
2015-02-02 13:16 - 2015-01-11 11:38 - 00000000 ____D () C:\Users\iccu79\AppData\Roaming\Compatibility Verifier
2015-01-29 16:05 - 2014-04-09 11:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-26 13:54 - 2014-11-11 16:03 - 00000000 ____D () C:\Users\iccu79\Desktop\REWE_Prüfungen

==================== Files in the root of some directories =======

2014-01-20 17:07 - 2014-01-20 17:07 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-01-23 11:19 - 2014-01-23 11:19 - 0000032 _____ () C:\ProgramData\Temp.log
2015-01-20 16:53 - 2015-02-15 10:13 - 0000112 _____ () C:\ProgramData\V2Wa5Y.dat

Files to move or delete:
====================
C:\ProgramData\V2Wa5Y.dat


Some content of TEMP:
====================
C:\Users\iccu79\AppData\Local\Temp\APNSetup.exe
C:\Users\iccu79\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqlhctn.dll
C:\Users\iccu79\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\iccu79\AppData\Local\Temp\speedupmypc.exe
C:\Users\iccu79\AppData\Local\Temp\_isC503.exe
C:\Users\iccu79\AppData\Local\Temp\_isD110.exe
C:\Users\iccu79\AppData\Local\Temp\_isD8CA.exe


Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\nsprs.dll
C:\Windows\SysWOW64\serauth1.dll
C:\Windows\SysWOW64\serauth2.dll
C:\Windows\SysWOW64\ssprs.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-14 14:05

==================== End Of Log ============================

--- --- ---

schrauber · 15.02.2015, 19:27

Addition.txt bitte auch posten.

iccu79 · 16.02.2015, 15:20

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-02-2015
Ran by Iccu at 2015-02-15 13:32:46
Running from C:\Users\Iccu\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Ashampoo AppLauncher (Medion) v.1.0.0 (HKLM-x32\...\Ashampoo AppLauncher (Medion)_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
CyberLink Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink PowerDirector 11 (Version: 11.0.0.3714 - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.2103 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.7.0.2103 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.51.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version:  - )
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 2.20.0000 - SEIKO EPSON Corp.)
EPSON Scan PDF Extensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.0001 - SEIKO EPSON Corp.)
EPSON WF-2630 Series Printer Uninstall (HKLM\...\EPSON WF-2630 Series) (Version:  - SEIKO EPSON Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.32.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM\...\{DF5200AB-5AE6-4598-846B-8ABC3AE121B1}) (Version: 3.0.2.0 - SEIKO EPSON Corporation)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galeria de Fotografias (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
IBM SPSS Statistics 21 (HKLM-x32\...\{1E26B9C2-ED08-4EEA-83C8-A786502B41E5}) (Version: 21.0.0.0 - IBM Corp)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3383 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Outlook Social Connector (KB2289116) ªº§ó·s (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{75F91382-920C-4AE1-B9E6-FFFCEDA797E8}) (Version:  - Microsoft)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
NVIDIA Graphics Driver 332.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.35 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Podstawowe programy Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
R for Windows 3.1.2 (HKLM\...\R for Windows 3.1.2_is1) (Version: 3.1.2 - R Core Team)
Raccolta foto (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7076 - Realtek Semiconductor Corp.)
Software Updater (HKLM-x32\...\{FA7EE274-7370-43B7-9A45-A39B17CCCDC5}) (Version: 4.3.3 - SEIKO EPSON CORPORATION)
Update für Microsoft Outlook Social Connector (KB2289116) (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{10B1662A-566C-43C2-8469-5A470E0C7D7B}) (Version:  - Microsoft)
Valokuvavalikoima (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Συλλογή φωτογραφιών (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

26-01-2015 11:43:34 Windows Update
02-02-2015 12:02:34 Geplanter Prüfpunkt
09-02-2015 15:20:54 Geplanter Prüfpunkt
14-02-2015 10:49:48 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0E7867A1-8BBB-4DCC-9114-EAF74A7C9070} - System32\Tasks\EPSON WF-2630 Series Update {716A1012-DD0D-4618-A92B-7DA7DAA119E1} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSMDE.EXE [2013-11-21] (SEIKO EPSON CORPORATION)
Task: {376E6A87-EAD0-4C11-B334-4675F88F0006} - System32\Tasks\EPSON WF-2630 Series Update {E523065B-10CB-4279-B977-8F5DD00A325D} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSMDE.EXE [2013-11-21] (SEIKO EPSON CORPORATION)
Task: {A48120AB-C4A1-4F83-88D4-C3468B1F6F19} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {B8F1E49F-9B1C-4D71-AFF3-E6177AB05848} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {BB09FE7B-70B5-4A74-A055-92064688B80D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-02-11] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EPSON WF-2630 Series Update {716A1012-DD0D-4618-A92B-7DA7DAA119E1}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSMDE.EXE
Task: C:\Windows\Tasks\EPSON WF-2630 Series Update {E523065B-10CB-4279-B977-8F5DD00A325D}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSMDE.EXE

==================== Loaded Modules (whitelisted) ==============

2014-01-20 17:34 - 2014-01-08 01:48 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-06-18 08:59 - 2014-06-18 08:59 - 00706560 _____ () C:\Program Files\002\fpvoixdaog64.exe
2014-01-23 12:46 - 2013-03-06 15:42 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-02-02 13:42 - 2015-02-01 18:39 - 00099496 _____ () C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitychecksvc.exe
2015-01-11 11:29 - 2015-02-02 05:54 - 51306152 _____ () C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe
2013-06-17 13:35 - 2013-06-17 13:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-05-08 15:52 - 2013-05-08 15:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2015-01-28 10:17 - 2015-01-28 10:17 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2015-01-11 11:29 - 2015-01-07 22:22 - 01360552 _____ () C:\Users\Default\AppData\Roaming\Compatibility Verifier\libglesv2.dll
2015-01-11 11:29 - 2015-01-07 22:22 - 00214184 _____ () C:\Users\Default\AppData\Roaming\Compatibility Verifier\libegl.dll
2015-01-11 11:29 - 2015-01-07 22:22 - 00985768 _____ () C:\Users\Default\AppData\Roaming\Compatibility Verifier\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\iccu79\OneDrive:ms-properties
AlternateDataStreams: C:\Users\iccu79\OneDrive (10).old:ms-properties
AlternateDataStreams: C:\Users\iccu79\OneDrive (11).old:ms-properties
AlternateDataStreams: C:\Users\iccu79\OneDrive (12).old:ms-properties
AlternateDataStreams: C:\Users\iccu79\OneDrive (13).old:ms-properties
AlternateDataStreams: C:\Users\iccu79\OneDrive (14).old:ms-properties
AlternateDataStreams: C:\Users\iccu79\OneDrive (2).old:ms-properties
AlternateDataStreams: C:\Users\iccu79\OneDrive (3).old:ms-properties
AlternateDataStreams: C:\Users\iccu79\OneDrive (4).old:ms-properties
AlternateDataStreams: C:\Users\iccu79\OneDrive (5).old:ms-properties
AlternateDataStreams: C:\Users\iccu79\OneDrive (6).old:ms-properties
AlternateDataStreams: C:\Users\iccu79\OneDrive (7).old:ms-properties
AlternateDataStreams: C:\Users\iccu79\OneDrive (8).old:ms-properties
AlternateDataStreams: C:\Users\iccu79\OneDrive (9).old:ms-properties
AlternateDataStreams: C:\Users\iccu79\OneDrive.old:ms-properties
AlternateDataStreams: C:\Users\iccu79\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1436231362-497779663-833076255-1005\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\MEDION\wallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "EKIJ5000StatusMonitor"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Conime"
HKLM\...\StartupApproved\Run32: => "FUFAXSTM"
HKLM\...\StartupApproved\Run32: => "EKStatusMonitor"
HKLM\...\StartupApproved\Run32: => "FUFAXRCV"
HKLM\...\StartupApproved\Run32: => "ApnTBMon"

==================== Accounts: =============================

Administrator (S-1-5-21-1436231362-497779663-833076255-500 - Administrator - Disabled)
Gast (S-1-5-21-1436231362-497779663-833076255-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-1436231362-497779663-833076255-1004 - Limited - Enabled)
Iccu (S-1-5-21-1436231362-497779663-833076255-1005 - Administrator - Enabled) => C:\Users\Iccu
iccu79 (S-1-5-21-1436231362-497779663-833076255-1002 - Limited - Enabled) => C:\Users\iccu79
UpdatusUser (S-1-5-21-1436231362-497779663-833076255-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/15/2015 01:11:20 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: avpui.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.IO.FileLoadException
Stapel:
   bei KasperskyLab.Kis.UI.EntryPoint.Start(System.Action`1<Microsoft.Practices.Unity.IUnityContainer>, System.Collections.Generic.IEnumerable`1<System.Type>)
   bei KasperskyLab.Kis.UI.EntryPoint+<>c__DisplayClass2.<Preload>b__1()
   bei System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   bei System.Threading.ThreadHelper.ThreadStart()

Error: (02/15/2015 01:00:55 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: avpui.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.IO.FileLoadException
Stapel:
   bei KasperskyLab.Kis.UI.EntryPoint.Start(System.Action`1<Microsoft.Practices.Unity.IUnityContainer>, System.Collections.Generic.IEnumerable`1<System.Type>)
   bei KasperskyLab.Kis.UI.EntryPoint+<>c__DisplayClass2.<Preload>b__1()
   bei System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   bei System.Threading.ThreadHelper.ThreadStart()

Error: (02/15/2015 01:00:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9600.17284, Zeitstempel: 0x53f816dc
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 6.3.9600.17238, Zeitstempel: 0x53d0d45c
Ausnahmecode: 0xc000027b
Fehleroffset: 0x000000000084a6f2
ID des fehlerhaften Prozesses: 0xc0c
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5

Error: (02/15/2015 01:00:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Wissyeon)
Description: Bei der Aktivierung der App „windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/15/2015 01:00:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Wissyeon)
Description: Bei der Aktivierung der App „windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/15/2015 01:00:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Wissyeon)
Description: Bei der Aktivierung der App „windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/15/2015 01:00:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Wissyeon)
Description: Bei der Aktivierung der App „windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/15/2015 01:00:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Wissyeon)
Description: Bei der Aktivierung der App „windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/15/2015 00:59:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Wissyeon)
Description: Bei der Aktivierung der App „windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/15/2015 00:59:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Wissyeon)
Description: Bei der Aktivierung der App „windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


System errors:
=============
Error: (02/15/2015 01:20:40 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (02/15/2015 01:20:32 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎15.‎02.‎2015 um 13:08:49 unerwartet heruntergefahren.

Error: (02/15/2015 01:08:57 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (02/15/2015 01:08:49 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎15.‎02.‎2015 um 12:58:23 unerwartet heruntergefahren.

Error: (02/15/2015 01:06:28 PM) (Source: DCOM) (EventID: 10000) (User: Wissyeon)
Description: C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}5{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (02/15/2015 01:06:28 PM) (Source: DCOM) (EventID: 10000) (User: Wissyeon)
Description: C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}5{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (02/15/2015 01:06:28 PM) (Source: DCOM) (EventID: 10000) (User: Wissyeon)
Description: C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}5{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (02/15/2015 01:06:28 PM) (Source: DCOM) (EventID: 10000) (User: Wissyeon)
Description: C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}5{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (02/15/2015 01:06:28 PM) (Source: DCOM) (EventID: 10000) (User: Wissyeon)
Description: C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}5{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (02/15/2015 01:06:28 PM) (Source: DCOM) (EventID: 10000) (User: Wissyeon)
Description: C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}5{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}


Microsoft Office Sessions:
=========================
Error: (02/15/2015 01:11:20 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: avpui.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.IO.FileLoadException
Stapel:
   bei KasperskyLab.Kis.UI.EntryPoint.Start(System.Action`1<Microsoft.Practices.Unity.IUnityContainer>, System.Collections.Generic.IEnumerable`1<System.Type>)
   bei KasperskyLab.Kis.UI.EntryPoint+<>c__DisplayClass2.<Preload>b__1()
   bei System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   bei System.Threading.ThreadHelper.ThreadStart()

Error: (02/15/2015 01:00:55 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: avpui.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.IO.FileLoadException
Stapel:
   bei KasperskyLab.Kis.UI.EntryPoint.Start(System.Action`1<Microsoft.Practices.Unity.IUnityContainer>, System.Collections.Generic.IEnumerable`1<System.Type>)
   bei KasperskyLab.Kis.UI.EntryPoint+<>c__DisplayClass2.<Preload>b__1()
   bei System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   bei System.Threading.ThreadHelper.ThreadStart()

Error: (02/15/2015 01:00:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.3.9600.1728453f816dcWindows.UI.Xaml.dll6.3.9600.1723853d0d45cc000027b000000000084a6f2c0c01d04916c5518b52C:\Windows\Explorer.EXEC:\Windows\System32\Windows.UI.Xaml.dll3f14fd7f-b50a-11e4-832d-c03fd54403df

Error: (02/15/2015 01:00:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Wissyeon)
Description: windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel-2144927148

Error: (02/15/2015 01:00:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Wissyeon)
Description: windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel-2144927148

Error: (02/15/2015 01:00:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Wissyeon)
Description: windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel-2144927148

Error: (02/15/2015 01:00:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Wissyeon)
Description: windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel-2144927148

Error: (02/15/2015 01:00:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Wissyeon)
Description: windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel-2144927148

Error: (02/15/2015 00:59:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Wissyeon)
Description: windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel-2144927148

Error: (02/15/2015 00:59:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Wissyeon)
Description: windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel-2144927148


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU G3220 @ 3.00GHz
Percentage of memory in use: 38%
Total physical RAM: 4051.48 MB
Available physical RAM: 2482.94 MB
Total Pagefile: 4755.48 MB
Available Pagefile: 2838.75 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:869.8 GB) (Free:815.52 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60 GB) (Free:43.31 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

schrauber · 17.02.2015, 07:03

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

iccu79 · 17.02.2015, 18:10

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 17.02.2015
Suchlauf-Zeit: 12:34:47
Logdatei: mbam.txt
Administrator: Nein

Version: 2.00.4.1028
Malware Datenbank: v2015.02.17.06
Rootkit Datenbank: v2015.02.03.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: iccu79

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 278577
Verstrichene Zeit: 18 Min, 33 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 16
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Löschen bei Neustart, [b9d1f22df496bf77df6719f4d42fb54b], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, Löschen bei Neustart, [b9d1f22df496bf77df6719f4d42fb54b], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, Löschen bei Neustart, [b9d1f22df496bf77df6719f4d42fb54b], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, Löschen bei Neustart, [b9d1f22df496bf77df6719f4d42fb54b], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, Löschen bei Neustart, [b9d1f22df496bf77df6719f4d42fb54b], 
PUP.Optional.CompatibilityVerifier.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Verifies and fixes application compatibility issues, Löschen bei Neustart, [7c0ef42b2a60ee4837209105ef145aa6], 
PUP.Optional.AdPeak.A, HKLM\SOFTWARE\LevelQualityWatcher, Löschen bei Neustart, [890132ed3a50d0660f9c2d8af013629e], 
PUP.Optional.RRSavings.A, HKLM\SOFTWARE\rrsavings, Löschen bei Neustart, [197168b7a7e3989e3eeef1d7de256a96], 
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Löschen bei Neustart, [8505a679d5b57fb7a27978842fd50cf4], 
PUP.Optional.FreeSoftToday.A, HKLM\SOFTWARE\WOW6432NODE\FREE_SOFT_TODAY, Löschen bei Neustart, [0882a679008a7cba4fa6a170b0551ae6], 
PUP.Optional.WindowsProtectManger.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsProtectManger, Löschen bei Neustart, [2763ea351e6cfc3acd1406b0f50e03fd], 
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\webssearchesSoftware, Löschen bei Neustart, [5e2ce33cb3d760d66df9339bad56cd33], 
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Löschen bei Neustart, [5337f32cb7d3bc7afc1f02fad62ea060], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPDP, Löschen bei Neustart, [25654cd394f69f97b90ae1ca788b55ab], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, Löschen bei Neustart, [5f2ba976c1c951e5886c496263a0a858], 
PUP.Optional.Tuto4Pc.A, HKLM\SOFTWARE\WOW6432NODE\TUTORIALS, Löschen bei Neustart, [5c2e9e815f2b43f30dee5ebe27de54ac], 

Registrierungswerte: 5
PUP.Optional.FirstSeenToday.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|fst_de_43, Löschen bei Neustart, [7812e6398604171f416e5c6bf50ed52b], 
PUP.Optional.QuickStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|quick_start@gmail.com, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com, Löschen bei Neustart, [ddad809f197149ed47d99837cc37c838]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPDP|dir, C:\Program Files (x86)\SupTab, Löschen bei Neustart, [25654cd394f69f97b90ae1ca788b55ab]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, amt, Löschen bei Neustart, [5f2ba976c1c951e5886c496263a0a858]
PUP.Optional.Tuto4Pc.A, HKLM\SOFTWARE\WOW6432NODE\TUTORIALS|HostGUID, 7B477AB5-D9C0-4788-9CB5-2AAA3846162F, Löschen bei Neustart, [5c2e9e815f2b43f30dee5ebe27de54ac]

Registrierungsdaten: 12
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX),Löschen bei Neustart,[f09afe21602a2610c65703b612f308f8]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://istart.webssearches.com/web/?type=ds&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/web/?type=ds&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX&q={searchTerms}),Löschen bei Neustart,[dcae8798dfab082ee7391f9ad33214ec]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://istart.webssearches.com/?type=hp&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX),Löschen bei Neustart,[29618798305abe78e03f4b6e689da55b]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://istart.webssearches.com/?type=hp&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX),Löschen bei Neustart,[7812bc63d1b91e18fe23635654b15ea2]
PUP.Optional.WebsSearches, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://istart.webssearches.com/web/?type=ds&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/web/?type=ds&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX&q={searchTerms}),Löschen bei Neustart,[652543dcd7b3b0863e5be4d247be3cc4]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Löschen bei Neustart,[fb8f27f81179e65049b4fec48c795ba5]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX),Löschen bei Neustart,[0d7d0916a1e92f07130a17a217ee9b65]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://istart.webssearches.com/web/?type=ds&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/web/?type=ds&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX&q={searchTerms}),Löschen bei Neustart,[e9a1130c701a2313041c9c1d699c916f]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://istart.webssearches.com/?type=hp&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX),Löschen bei Neustart,[dbaf74ab523864d228f7f9c0699c5da3]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://istart.webssearches.com/?type=hp&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX),Löschen bei Neustart,[a3e774ab107ad462c45d6d4c7c89e61a]
PUP.Optional.WebsSearches, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://istart.webssearches.com/web/?type=ds&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/web/?type=ds&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX&q={searchTerms}),Löschen bei Neustart,[4a402ff03f4b6acc6c2d882e28ddce32]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Löschen bei Neustart,[0d7df52ab4d6a1955f9e4c76c04540c0]

Ordner: 73
PUP.Optional.CompatibilityVerifier.A, C:\Users\Default\AppData\Roaming\Compatibility Verifier, Löschen bei Neustart, [7c0ef42b2a60ee4837209105ef145aa6], 
PUP.Optional.CompatibilityVerifier.A, C:\Users\Default\AppData\Roaming\Compatibility Verifier\locales, Löschen bei Neustart, [7c0ef42b2a60ee4837209105ef145aa6], 
PUP.Optional.CompatibilityVerifier.A, C:\Users\iccu79\AppData\Roaming\Compatibility Verifier, In Quarantäne, [22689b84a8e22f070552672f51b247b9], 
PUP.Optional.CompatibilityVerifier.A, C:\Users\iccu79\AppData\Roaming\Compatibility Verifier\locales, In Quarantäne, [22689b84a8e22f070552672f51b247b9], 
PUP.Optional.CompatibilityVerifier.A, C:\Users\Iccu\AppData\Roaming\Compatibility Verifier, Löschen bei Neustart, [3951bc6395f5f54150070b8bd52e4bb5], 
PUP.Optional.CompatibilityVerifier.A, c:\users\iccu\appdata\roaming\compatibility verifier\locales, Löschen bei Neustart, [3951bc6395f5f54150070b8bd52e4bb5], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\include, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\include\tools, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\js\lib, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\js\module, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\js\pack, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\en, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\en-US, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\es, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\es-419, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\fr, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\fr-BE, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\fr-CA, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\fr-CH, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\fr-LU, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\it, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\it-CH, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\pl, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\pt-BR, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\ru, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\ru-MO, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\tr, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\vi, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\zh-CN, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\zh-TW, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\skin, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\skin\weather, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\defaults, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\defaults\preferences, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\modules, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.WebsSearches.A, C:\Users\iccu79\AppData\Roaming\webssearches, In Quarantäne, [d7b360bffe8cb97d5a6a8eceaa59fa06], 
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter, Löschen bei Neustart, [0c7e59c68bff13233a4bfd64af540af6], 
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter\SSL, Löschen bei Neustart, [0c7e59c68bff13233a4bfd64af540af6], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger, Löschen bei Neustart, [741617081278c274b42217547f84bf41], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\log, Löschen bei Neustart, [741617081278c274b42217547f84bf41], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\update, Löschen bei Neustart, [741617081278c274b42217547f84bf41], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Users\iccu79\AppData\Roaming\SupTab, In Quarantäne, [6327ae714a40cd6931a8b7bbb152c23e], 
PUP.Optional.GenesisOffers, C:\Users\iccu79\AppData\Local\Genesis_06180759, In Quarantäne, [c2c839e6bad0eb4ba6167df950b322de], 

Dateien: 169
PUP.Optional.IEPluginService.A, C:\Program Files (x86)\SupTab\RSHP.exe, Löschen bei Neustart, [2e5ca57a97f3310554951f71e8193ec2], 
PUP.Optional.CompatibilityVerifier.A, C:\Users\Default\AppData\Roaming\Compatibility Verifier\cef.pak, Löschen bei Neustart, [7c0ef42b2a60ee4837209105ef145aa6], 
PUP.Optional.CompatibilityVerifier.A, C:\Users\Default\AppData\Roaming\Compatibility Verifier\cef_100_percent.pak, Löschen bei Neustart, [7c0ef42b2a60ee4837209105ef145aa6], 
PUP.Optional.CompatibilityVerifier.A, C:\Users\Default\AppData\Roaming\Compatibility Verifier\cef_200_percent.pak, Löschen bei Neustart, [7c0ef42b2a60ee4837209105ef145aa6], 
PUP.Optional.CompatibilityVerifier.A, C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe, Löschen bei Neustart, [7c0ef42b2a60ee4837209105ef145aa6], 
PUP.Optional.CompatibilityVerifier.A, C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitychecksvc.exe, Löschen bei Neustart, [7c0ef42b2a60ee4837209105ef145aa6], 
PUP.Optional.CompatibilityVerifier.A, C:\Users\Default\AppData\Roaming\Compatibility Verifier\d3dcompiler_46.dll, Löschen bei Neustart, [7c0ef42b2a60ee4837209105ef145aa6], 
PUP.Optional.CompatibilityVerifier.A, C:\Users\Default\AppData\Roaming\Compatibility Verifier\debug.log, Löschen bei Neustart, [7c0ef42b2a60ee4837209105ef145aa6], 
PUP.Optional.CompatibilityVerifier.A, C:\Users\Default\AppData\Roaming\Compatibility Verifier\ffmpegsumo.dll, Löschen bei Neustart, [7c0ef42b2a60ee4837209105ef145aa6], 
PUP.Optional.CompatibilityVerifier.A, C:\Users\Default\AppData\Roaming\Compatibility Verifier\icudtl.dat, Löschen bei Neustart, [7c0ef42b2a60ee4837209105ef145aa6], 
PUP.Optional.CompatibilityVerifier.A, C:\Users\Default\AppData\Roaming\Compatibility Verifier\libEGL.dll, Löschen bei Neustart, [7c0ef42b2a60ee4837209105ef145aa6], 
PUP.Optional.CompatibilityVerifier.A, C:\Users\Default\AppData\Roaming\Compatibility Verifier\libGLESv2.dll, Löschen bei Neustart, [7c0ef42b2a60ee4837209105ef145aa6], 
PUP.Optional.CompatibilityVerifier.A, C:\Users\Default\AppData\Roaming\Compatibility Verifier\NPSWF32_15_0_0_189.dll, Löschen bei Neustart, [7c0ef42b2a60ee4837209105ef145aa6], 
PUP.Optional.CompatibilityVerifier.A, C:\Users\Default\AppData\Roaming\Compatibility Verifier\vcredist_x86.exe, Löschen bei Neustart, [7c0ef42b2a60ee4837209105ef145aa6], 
PUP.Optional.CompatibilityVerifier.A, C:\Users\iccu79\AppData\Roaming\Compatibility Verifier\cef.pak, In Quarantäne, [22689b84a8e22f070552672f51b247b9], 
PUP.Optional.CompatibilityVerifier.A, C:\Users\iccu79\AppData\Roaming\Compatibility Verifier\cef_100_percent.pak, In Quarantäne, [22689b84a8e22f070552672f51b247b9], 
PUP.Optional.CompatibilityVerifier.A, C:\Users\iccu79\AppData\Roaming\Compatibility Verifier\cef_200_percent.pak, In Quarantäne, [22689b84a8e22f070552672f51b247b9], 
PUP.Optional.CompatibilityVerifier.A, C:\Users\iccu79\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe, In Quarantäne, [22689b84a8e22f070552672f51b247b9], 
PUP.Optional.CompatibilityVerifier.A, C:\Users\iccu79\AppData\Roaming\Compatibility Verifier\d3dcompiler_46.dll, In Quarantäne, [22689b84a8e22f070552672f51b247b9], 
PUP.Optional.CompatibilityVerifier.A, C:\Users\iccu79\AppData\Roaming\Compatibility Verifier\ffmpegsumo.dll, In Quarantäne, [22689b84a8e22f070552672f51b247b9], 
PUP.Optional.CompatibilityVerifier.A, C:\Users\iccu79\AppData\Roaming\Compatibility Verifier\icudtl.dat, In Quarantäne, [22689b84a8e22f070552672f51b247b9], 
PUP.Optional.CompatibilityVerifier.A, C:\Users\iccu79\AppData\Roaming\Compatibility Verifier\libEGL.dll, In Quarantäne, [22689b84a8e22f070552672f51b247b9], 
PUP.Optional.CompatibilityVerifier.A, C:\Users\iccu79\AppData\Roaming\Compatibility Verifier\libGLESv2.dll, In Quarantäne, [22689b84a8e22f070552672f51b247b9], 
PUP.Optional.CompatibilityVerifier.A, C:\Users\iccu79\AppData\Roaming\Compatibility Verifier\NPSWF32_15_0_0_189.dll, In Quarantäne, [22689b84a8e22f070552672f51b247b9], 
PUP.Optional.CompatibilityVerifier.A, C:\Users\iccu79\AppData\Roaming\Compatibility Verifier\vcredist_x86.exe, In Quarantäne, [22689b84a8e22f070552672f51b247b9], 
PUP.Optional.CompatibilityVerifier.A, c:\users\iccu\appdata\roaming\compatibility verifier\cef.pak, Löschen bei Neustart, [3951bc6395f5f54150070b8bd52e4bb5], 
PUP.Optional.CompatibilityVerifier.A, c:\users\iccu\appdata\roaming\compatibility verifier\cef_100_percent.pak, Löschen bei Neustart, [3951bc6395f5f54150070b8bd52e4bb5], 
PUP.Optional.CompatibilityVerifier.A, c:\users\iccu\appdata\roaming\compatibility verifier\cef_200_percent.pak, Löschen bei Neustart, [3951bc6395f5f54150070b8bd52e4bb5], 
PUP.Optional.CompatibilityVerifier.A, c:\users\iccu\appdata\roaming\compatibility verifier\compatibilitycheck.exe, Löschen bei Neustart, [3951bc6395f5f54150070b8bd52e4bb5], 
PUP.Optional.CompatibilityVerifier.A, c:\users\iccu\appdata\roaming\compatibility verifier\compatibilitychecksvc.exe, Löschen bei Neustart, [3951bc6395f5f54150070b8bd52e4bb5], 
PUP.Optional.CompatibilityVerifier.A, c:\users\iccu\appdata\roaming\compatibility verifier\d3dcompiler_46.dll, Löschen bei Neustart, [3951bc6395f5f54150070b8bd52e4bb5], 
PUP.Optional.CompatibilityVerifier.A, c:\users\iccu\appdata\roaming\compatibility verifier\debug.log, Löschen bei Neustart, [3951bc6395f5f54150070b8bd52e4bb5], 
PUP.Optional.CompatibilityVerifier.A, c:\users\iccu\appdata\roaming\compatibility verifier\ffmpegsumo.dll, Löschen bei Neustart, [3951bc6395f5f54150070b8bd52e4bb5], 
PUP.Optional.CompatibilityVerifier.A, c:\users\iccu\appdata\roaming\compatibility verifier\icudtl.dat, Löschen bei Neustart, [3951bc6395f5f54150070b8bd52e4bb5], 
PUP.Optional.CompatibilityVerifier.A, c:\users\iccu\appdata\roaming\compatibility verifier\libegl.dll, Löschen bei Neustart, [3951bc6395f5f54150070b8bd52e4bb5], 
PUP.Optional.CompatibilityVerifier.A, c:\users\iccu\appdata\roaming\compatibility verifier\libglesv2.dll, Löschen bei Neustart, [3951bc6395f5f54150070b8bd52e4bb5], 
PUP.Optional.CompatibilityVerifier.A, c:\users\iccu\appdata\roaming\compatibility verifier\npswf32_15_0_0_189.dll, Löschen bei Neustart, [3951bc6395f5f54150070b8bd52e4bb5], 
PUP.Optional.CompatibilityVerifier.A, c:\users\iccu\appdata\roaming\compatibility verifier\vcredist_x86.exe, Löschen bei Neustart, [3951bc6395f5f54150070b8bd52e4bb5], 
PUP.Optional.InetStat.A, C:\Users\iccu79\AppData\Roaming\InetStat\inetstat.exe, In Quarantäne, [c5c5110e46449f973e03bde39b68c13f], 
PUP.Optional.WebsSearches.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\webssearches.xml, Löschen bei Neustart, [88027aa51d6dd363ed7b23ab5ea5dc24], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome.manifest, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\install.rdf, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\index.html, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\quick_start.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\quick_start.xul, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\include\pageload.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\include\speed_dial.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\include\tools\about_blank_hook.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\include\tools\misc.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\include\tools\popup_image_helper.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\include\tools\urlrequestor.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\js\js.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\js\toolbar.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\js\lib\doT.min.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\js\lib\jquery-2.1.0.min.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\js\lib\jquery.autocomplete.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\js\module\bookmark.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\js\module\helpGider.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\js\module\hotSearch.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\js\module\other.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\js\module\pageManager.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\js\module\pageNew.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\js\module\search.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\js\module\searchMode.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\js\module\stat.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\js\module\wallpaper.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\js\module\weather.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\js\pack\browerStart.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\js\pack\common.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\js\pack\ga.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\content\js\pack\xagainit.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\en\locale.properties, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\en-US\locale.properties, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\es\locale.properties, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\es-419\locale.properties, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\fr\locale.properties, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\fr-BE\locale.properties, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\fr-CA\locale.properties, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\fr-CH\locale.properties, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\fr-LU\locale.properties, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\it\locale.properties, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\it-CH\locale.properties, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\pl\locale.properties, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\pt-BR\locale.properties, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\ru\locale.properties, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\ru-MO\locale.properties, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\tr\locale.properties, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\vi\locale.properties, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\zh-CN\locale.properties, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\locale\zh-TW\locale.properties, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\skin\arrow.png, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\skin\default_add_logo.png, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\skin\default_add_logo_hover.png, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\skin\default_logo.png, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\skin\googlelogo.png, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\skin\googlelogo2.png, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\skin\google_trends.png, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\skin\icon.png, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\skin\loading.gif, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\skin\logo.ico, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\skin\logo.png, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\skin\logo32.ico, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\skin\media.css, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\skin\style.css, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\chrome\skin\weather\0.png, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\defaults\preferences\fvd.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\defaults\preferences\preferences.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\modules\addonmanager.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\modules\aes.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\modules\config.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\modules\dialogs.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\modules\last_tab.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\modules\misc.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\modules\properties.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\modules\remoterequest.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\modules\restoreprefs.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\extensions\quick_start@gmail.com\modules\settings.js, In Quarantäne, [14760d12d7b352e4590b07559b681de3], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\log\wprotectmanager_2014-06-18[09-57-56-933].log, Löschen bei Neustart, [741617081278c274b42217547f84bf41], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\update\conf, Löschen bei Neustart, [741617081278c274b42217547f84bf41], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\ient.json, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\install.data, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\uninstall.exe, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WebDataJs, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\data.html, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE.html, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE8.html, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\main.css, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\ver.txt, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\arrow.png, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_add_logo.png, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_add_logo_hover.png, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_logo.png, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\googlelogo.png, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\googlelogo2.png, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\google_trends.png, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon128.png, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon16.png, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon48.png, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\loading.gif, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\logo32.ico, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\0.png, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\common.js, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ga.js, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ie8.js, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery-1.11.0.min.js, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery.autocomplete.js, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\js.js, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\library.js, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\xagainit.js, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US\messages.json, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419\messages.json, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES\messages.json, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE\messages.json, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA\messages.json, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH\messages.json, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR\messages.json, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU\messages.json, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH\messages.json, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT\messages.json, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl\messages.json, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt\messages.json, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR\messages.json, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru\messages.json, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO\messages.json, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR\messages.json, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI\messages.json, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN\messages.json, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW\messages.json, Löschen bei Neustart, [e2a851ce533744f2f4e42e44b84b06fa], 
PUP.Optional.QuickStart.A, C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");), Ersetzt,[b5d57ea19feb12241e33817d62a31ee2]

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)

Code:

ATTFilter

# AdwCleaner v4.110 - Bericht erstellt 17/02/2015 um 18:01:20
# Aktualisiert 05/02/2015 von Xplode
# Datenbank : 2015-02-05.2 [Lokal]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : Iccu - WISSYEON
# Gestarted von : C:\Users\iccu79\Downloads\AdwCleaner_4.110.exe
# Option : Suchlauf

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\webssearches.xml
Datei Gefunden : C:\Users\iccu79\AppData\Roaming\Mozilla\Firefox\Profiles\qllaihw9.default\searchplugins\ask-search.xml
Datei Gefunden : C:\Users\Public\Desktop\eBay.lnk
Datei Gefunden : C:\Windows\SysWOW64\RegistryHelperLM.ocx
Ordner Gefunden : C:\Program Files (x86)\predm
Ordner Gefunden : C:\Program Files (x86)\SupTab
Ordner Gefunden : C:\Program Files\002
Ordner Gefunden : C:\Program Files\RrFilter
Ordner Gefunden : C:\ProgramData\apn
Ordner Gefunden : C:\ProgramData\Registry Helper
Ordner Gefunden : C:\ProgramData\WindowsProtectManger
Ordner Gefunden : C:\Users\Gast\AppData\Roaming\Compatibility Verifier
Ordner Gefunden : C:\Users\Iccu\AppData\Roaming\Compatibility Verifier
Ordner Gefunden : C:\Users\iccu79\AppData\Roaming\InetStat

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Daten Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Daten Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:63754;hxxps=127.0.0.1:63754
Daten Gefunden : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Schlüssel Gefunden : HKLM\SOFTWARE\Free_soft_today
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : HKLM\SOFTWARE\Registry Helper
Schlüssel Gefunden : HKLM\SOFTWARE\SupDp
Schlüssel Gefunden : HKLM\SOFTWARE\SupTab
Schlüssel Gefunden : HKLM\SOFTWARE\supWindowsProtectManger
Schlüssel Gefunden : HKLM\SOFTWARE\Tutorials
Schlüssel Gefunden : HKLM\SOFTWARE\webssearchesSoftware
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\RrSavings
Wert Gefunden : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_start@gmail.com]

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17416

Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://istart.webssearches.com/web/?type=ds&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX&q={searchTerms}
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://istart.webssearches.com/?type=hp&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://istart.webssearches.com/?type=hp&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://istart.webssearches.com/web/?type=ds&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX&q={searchTerms}
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://istart.webssearches.com/web/?type=ds&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX&q={searchTerms}
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://istart.webssearches.com/?type=hp&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://istart.webssearches.com/?type=hp&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://istart.webssearches.com/web/?type=ds&ts=1403078257&from=amt&uid=TOSHIBAXDT01ACA100_14791UENSXX14791UENSX&q={searchTerms}

-\\ Mozilla Firefox v35.0.1 (x86 de)

[qllaihw9.default] - Zeile Gefunden : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[qllaihw9.default] - Zeile Gefunden : user_pref("browser.search.defaultenginename", "webssearches");
[qllaihw9.default] - Zeile Gefunden : user_pref("browser.search.selectedEngine", "webssearches");
[qllaihw9.default] - Zeile Gefunden : user_pref("extensions.quick_start.enable_search1", false);
[qllaihw9.default] - Zeile Gefunden : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);

-\\ Google Chrome v40.0.2214.111

*************************

AdwCleaner[R0].txt - [5977 Bytes] - [17/02/2015 13:59:26]
AdwCleaner[R1].txt - [5868 Bytes] - [17/02/2015 18:01:20]

########## EOF - \AdwCleaner\AdwCleaner[R1].txt - [5927 Bytes] ##########

schrauber · 18.02.2015, 06:26

AdwCleaner auch löschen lassen. Und den Rest bitte

15.02.2015, 19:27	#4
schrauber /// the machine /// TB-Ausbilder	PC zu langsam, manche Apps funktionieren nicht Addition.txt bitte auch posten. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

18.02.2015, 06:26	#8
schrauber /// the machine /// TB-Ausbilder	PC zu langsam, manche Apps funktionieren nicht AdwCleaner auch löschen lassen. Und den Rest bitte __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

PC zu langsam, manche Apps funktionieren nicht

Log-Analyse und Auswertung: PC zu langsam, manche Apps funktionieren nicht