Windows 8 komplett Virenfrei machen!

Leo98 · 30.06.2015, 19:28

Hallo,
ich habe das Problem, dass sich einfach irgendwelche Setups immer wieder öffnen und ich auch Programme wie Crossbrowse oder 3D BubbleSound nicht deinstallieren kann. Kann mir jemand helfen meinen PC komplett Virenfrei zu machen?
Danke im Voraus!

cosinus · 30.06.2015, 19:47

Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!

Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Leo98 · 30.06.2015, 20:03

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01
Ran by Leon (administrator) on LEON-PC on 30-06-2015 20:57:58
Running from C:\Users\Leon\Desktop
Loaded Profiles: Leon (Available Profiles: Leon)
Platform: Windows 8.1 Pro with Media Center (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(DTools LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Users\Leon\AppData\Roaming\00000000-1427290565-0000-0000-8C89A57CCF91\jnspAA3E.tmp
() C:\Program Files (x86)\Product Deals\bin\utilProductDeals.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Memeo) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(WS) C:\Program Files (x86)\WordShark_1.10.0.19\Service\wssvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(BrowserV27.06) C:\Program Files (x86)\BrowserV27.06\0b45da08-f709-413a-ba92-171a721c41b4-6.exe
(BrowserV27.06) C:\Program Files (x86)\BrowserV27.06\0b45da08-f709-413a-ba92-171a721c41b4-1-6.exe
() C:\Users\Leon\AppData\Roaming\00000000-1427290565-0000-0000-8C89A57CCF91\knsoB9AD.tmp
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Users\Leon\AppData\Local\gmsd_de_005010015\upgmsd_de_005010015.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Western Digital) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\gmsd_de_005010015\gmsd_de_005010015.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM\...\Run: [3D BubbleSound] => C:\Program Files\BubbleSound\3D BubbleSound.exe [14115328 2015-01-09] (zik.mu)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2015-01-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2010-06-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [976832 2010-06-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM-x32\...\Run: [gmsd_de_563] => [X]
HKLM-x32\...\Run: [SmartWeb] => C:\Users\Leon\AppData\Local\SmartWeb\SmartWebHelper.exe [270368 2015-02-17] (SoftBrain Technologies Ltd.)
HKLM-x32\...\Run: [gmsd_de_005010015] => C:\Program Files (x86)\gmsd_de_005010015\gmsd_de_005010015.exe [3984040 2015-06-27] ()
HKLM-x32\...\RunOnce: [upgmsd_de_005010015.exe] => C:\Users\Leon\AppData\Local\gmsd_de_005010015\upgmsd_de_005010015.exe [3298472 2015-06-27] ()
HKU\S-1-5-21-2382863035-827234180-2916811482-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-2382863035-827234180-2916811482-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-2382863035-827234180-2916811482-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-2382863035-827234180-2916811482-1001\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-2382863035-827234180-2916811482-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28787840 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-21-2382863035-827234180-2916811482-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-2382863035-827234180-2916811482-1001\...\Run: [GoogleChromeAutoLaunch_A86699F941DA303A05CE9685C5BFFD4A] => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe [637440 2015-05-12] (Crossbrowse)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2012-11-04]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk [2012-11-04]
ShortcutTarget: phase-6 Reminder.lnk -> C:\Program Files (x86)\phase-6\phase-6\reminder\reminder.exe (phase-6)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk [2012-11-04]
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDSmartWare.lnk [2012-11-04]
ShortcutTarget: WDSmartWare.lnk -> C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
Startup: C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk [2015-06-27]
ShortcutTarget: crossbrowse.lnk -> C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (Crossbrowse)
Startup: C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk [2015-06-27]
ShortcutTarget: SmartWeb.lnk -> C:\Users\Leon\AppData\Local\SmartWeb\SmartWebHelper.exe (SoftBrain Technologies Ltd.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-12-19] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-12-19] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-12-19] ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled
ProxyServer: [.DEFAULT] => http=127.0.0.1:57889;https=127.0.0.1:57889
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hppp&ts=1432722120&z=7da3618e633ee4e003706e3g4zccao5m0o6oee6teg&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hppp&ts=1432722120&z=7da3618e633ee4e003706e3g4zccao5m0o6oee6teg&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1432722022&z=663ff635630f78f6df10e0dg6z9cdoem8oagbt8t3c&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts=1432722120&z=7da3618e633ee4e003706e3g4zccao5m0o6oee6teg&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts=1432722120&z=7da3618e633ee4e003706e3g4zccao5m0o6oee6teg&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1432722022&z=663ff635630f78f6df10e0dg6z9cdoem8oagbt8t3c&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP&q={searchTerms}
HKU\S-1-5-21-2382863035-827234180-2916811482-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1432722022&z=663ff635630f78f6df10e0dg6z9cdoem8oagbt8t3c&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP&q={searchTerms}
HKU\S-1-5-21-2382863035-827234180-2916811482-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-2382863035-827234180-2916811482-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hppp&ts=1432722120&z=7da3618e633ee4e003706e3g4zccao5m0o6oee6teg&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP
HKU\S-1-5-21-2382863035-827234180-2916811482-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts=1432722120&z=7da3618e633ee4e003706e3g4zccao5m0o6oee6teg&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP
HKU\S-1-5-21-2382863035-827234180-2916811482-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1432722022&z=663ff635630f78f6df10e0dg6z9cdoem8oagbt8t3c&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2382863035-827234180-2916811482-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=face&utm_campaign=install_ie&utm_content=ds&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP&ts=1432722128&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2382863035-827234180-2916811482-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=face&utm_campaign=install_ie&utm_content=ds&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP&ts=1432722128&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2382863035-827234180-2916811482-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www-searching.com/search.aspx?s=F6Rztutdk0004,ce89c980-787c-4d87-87e6-d5f943658c5c&site=shyosie&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2382863035-827234180-2916811482-1001 -> {9520242B-F0C8-45A5-B08B-87303ABE231A} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=face&utm_campaign=install_ie&utm_content=ds&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP&ts=1432722128&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2382863035-827234180-2916811482-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=face&utm_campaign=install_ie&utm_content=ds&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP&ts=1432722128&type=default&q={searchTerms}
BHO-x32: Product Deals 1.0.0.7 -> {dd01946e-5501-4e11-b279-efdffd4c1487} -> C:\Program Files (x86)\Product Deals\ProductDealsbho.dll [2015-06-27] (Product Deals)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{52A50DEE-C720-435A-A07A-9DBB2C6A6C02}: [DhcpNameServer] 192.168.178.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-24] ()
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-01-07] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-24] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-06-27] (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-06-27] (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-01-07] (Adobe Systems)
FF Extension: No Name - C:\Program Files (x86)\BetterSurf\BetterSurfPlusV1\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha582\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta576\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta10961\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha666\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1068\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3481\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5512\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home8091\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6792\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release1053\ff [not found]

Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (FullContact for Gmail) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnaibnehbbinoohhjafknihmlopdhhip [2015-06-17]
CHR Extension: (BrowserV27.06) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn [2015-06-27]
CHR Extension: (Search Module Plus v2) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlcgehabolcakkjhgmgpkagpolbjlhfa [2015-06-27]
CHR Extension: (RIghtOffeoRApP) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhnbdkfjeoiocmmieikoneglejjlaoff [2015-06-17]
CHR Extension: (pioclpoplcdbaefihamjohnefbikjilc) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2015-06-12]
CHR HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jlcgehabolcakkjhgmgpkagpolbjlhfa] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cgfjmjikpifldhhealodkfifokhbagcm] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta576\ch\VideoPlayerV3beta576.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [cploeijpnfbpcdomjmfgchlfgbennncn] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5512\ch\MediaViewV1alpha5512.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [fgkebcoamghomfiajpbllppihcjgjkbb] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3481\ch\MediaViewV1alpha3481.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [jjalkigbjoajjokfnmepdiknfmpbdpjo] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1068\ch\MediaViewerV1alpha1068.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [leldcecnejhenamkemkecblolkahkbei] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta10961\ch\VideoPlayerV3beta10961.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ngcmhddamaepplokdinlhhhflhnakhbe] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home8091\ch\MediaWatchV1home8091.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 531ae1a4; c:\Program Files (x86)\SystemProtract\SystemProtract.dll [1574400 2015-06-27] () [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-06-27] (globalUpdate) [File not signed] <==== ATTENTION
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-06-27] (globalUpdate) [File not signed] <==== ATTENTION
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
S2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [157824 2015-05-18] (XTab system)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 roqytuxe; C:\Users\Leon\AppData\Roaming\00000000-1427290565-0000-0000-8C89A57CCF91\knsoB9AD.tmp [153600 2015-06-27] () [File not signed]
R2 terecyne; C:\Users\Leon\AppData\Roaming\00000000-1427290565-0000-0000-8C89A57CCF91\jnspAA3E.tmp [151552 2015-03-25] () [File not signed]
R2 Util Product Deals; C:\Program Files (x86)\Product Deals\bin\utilProductDeals.exe [473336 2015-06-27] ()
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [129536 2009-11-13] (WDC) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WDSmartWareBackgroundService; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [697000 2015-05-27] (DTools LIMITED) <==== ATTENTION
R2 wssvc_1.10.0.19; C:\Program Files (x86)\WordShark_1.10.0.19\Service\wssvc.exe [299096 2015-06-16] (WS)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S3 SolidWorks Licensing Service; "C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-30] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [32768 2014-10-08] (Microsoft Corporation)
S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2015-01-25] (Emsisoft GmbH)
R3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R1 wsfd_1_10_0_19; C:\Windows\System32\drivers\wsfd_1_10_0_19.sys [57728 2015-06-16] (WS)
R3 WUDFWpdComp; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S1 cherimoya; system32\drivers\cherimoya.sys [X]
S1 innfd_1_10_0_14; system32\drivers\innfd_1_10_0_14.sys [X]
S1 lmimirr; \SystemRoot\system32\DRIVERS\lmimirr.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-30 20:57 - 2015-06-30 20:58 - 00026330 _____ C:\Users\Leon\Desktop\FRST.txt
2015-06-30 20:57 - 2015-06-30 20:58 - 00000000 ____D C:\FRST
2015-06-30 20:56 - 2015-06-30 20:56 - 02112512 _____ (Farbar) C:\Users\Leon\Desktop\FRST64.exe
2015-06-30 20:54 - 2015-06-30 20:54 - 02112512 _____ (Farbar) C:\Users\Leon\Downloads\EAE5.tmp
2015-06-27 21:03 - 2015-06-30 20:12 - 00003136 _____ C:\WINDOWS\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-1-6.job
2015-06-27 21:03 - 2015-06-30 20:12 - 00002444 _____ C:\WINDOWS\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-5_user.job
2015-06-27 21:03 - 2015-06-30 20:12 - 00002444 _____ C:\WINDOWS\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-5.job
2015-06-27 21:03 - 2015-06-30 20:12 - 00001016 _____ C:\WINDOWS\Tasks\EdxgtdGXxzVyef6a.job
2015-06-27 21:03 - 2015-06-30 20:11 - 00005516 _____ C:\WINDOWS\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-6.job
2015-06-27 21:03 - 2015-06-30 20:11 - 00005180 _____ C:\WINDOWS\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-7.job
2015-06-27 21:03 - 2015-06-30 20:11 - 00003136 _____ C:\WINDOWS\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-1-7.job
2015-06-27 21:03 - 2015-06-27 21:03 - 00008520 _____ C:\WINDOWS\System32\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-6
2015-06-27 21:03 - 2015-06-27 21:03 - 00008184 _____ C:\WINDOWS\System32\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-7
2015-06-27 21:03 - 2015-06-27 21:03 - 00006140 _____ C:\WINDOWS\System32\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-1-7
2015-06-27 21:03 - 2015-06-27 21:03 - 00006140 _____ C:\WINDOWS\System32\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-1-6
2015-06-27 21:03 - 2015-06-27 21:03 - 00005448 _____ C:\WINDOWS\System32\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-5
2015-06-27 21:03 - 2015-06-27 21:03 - 00004020 _____ C:\WINDOWS\System32\Tasks\EdxgtdGXxzVyef6a
2015-06-27 21:03 - 2015-06-27 21:03 - 00000000 ____D C:\Program Files (x86)\85c3582f-9a9c-4e9f-93c7-824223714908
2015-06-27 21:02 - 2015-06-30 20:11 - 00004156 _____ C:\WINDOWS\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-3.job
2015-06-27 21:02 - 2015-06-30 20:11 - 00000960 _____ C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-06-27 21:02 - 2015-06-27 21:07 - 00000964 _____ C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-06-27 21:02 - 2015-06-27 21:03 - 00000000 ____D C:\Program Files (x86)\BrowserV27.06
2015-06-27 21:02 - 2015-06-27 21:02 - 00007160 _____ C:\WINDOWS\System32\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-3
2015-06-27 21:02 - 2015-06-27 21:02 - 00003936 _____ C:\WINDOWS\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-06-27 21:02 - 2015-06-27 21:02 - 00003700 _____ C:\WINDOWS\System32\Tasks\globalUpdateUpdateTaskMachineCore
2015-06-27 21:01 - 2015-06-30 20:11 - 00001070 _____ C:\WINDOWS\Tasks\Crossbrowse.job
2015-06-27 21:01 - 2015-06-27 21:01 - 00004066 _____ C:\WINDOWS\System32\Tasks\Crossbrowse
2015-06-27 21:01 - 2015-06-27 21:01 - 00002410 _____ C:\Users\Public\Desktop\Crossbrowse.lnk
2015-06-27 21:01 - 2015-06-27 21:01 - 00002287 _____ C:\Users\Public\Desktop\YouTube.lnk
2015-06-27 21:01 - 2015-06-27 21:01 - 00000000 ____D C:\Users\Leon\AppData\Local\Crossbrowse
2015-06-27 21:01 - 2015-06-27 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse
2015-06-27 21:00 - 2015-06-27 21:00 - 00000000 ____D C:\Program Files (x86)\Crossbrowse
2015-06-27 20:53 - 2015-06-27 20:53 - 00004392 _____ C:\WINDOWS\System32\Tasks\Installer_shopperpro
2015-06-27 20:53 - 2015-06-27 20:53 - 00004380 _____ C:\WINDOWS\System32\Tasks\Installer_geforce
2015-06-27 20:53 - 2015-06-27 20:53 - 00000879 _____ C:\Users\Leon\Desktop\3D BubbleSound.lnk
2015-06-27 20:53 - 2015-06-27 20:53 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BubbleSound 1.0
2015-06-27 20:53 - 2015-06-27 20:53 - 00000000 ____D C:\Program Files\BubbleSound
2015-06-27 20:52 - 2015-06-27 20:52 - 00004174 _____ C:\WINDOWS\System32\Tasks\WordShark Auto Updater 1.10.0.19 Pending Update
2015-06-27 20:52 - 2015-06-27 20:52 - 00004164 _____ C:\WINDOWS\System32\Tasks\WordShark Auto Updater 1.10.0.19 Core
2015-06-27 20:52 - 2015-06-27 20:52 - 00003532 _____ C:\WINDOWS\System32\Tasks\Inst_Rep
2015-06-27 20:52 - 2015-06-27 20:52 - 00000000 ____D C:\Users\Leon\AppData\Local\CrashRpt
2015-06-27 20:52 - 2015-06-27 20:52 - 00000000 ____D C:\Program Files (x86)\WordShark_1.10.0.19
2015-06-27 20:52 - 2015-06-27 20:52 - 00000000 ____D C:\Program Files (x86)\Product Deals
2015-06-27 20:51 - 2015-06-27 21:03 - 00000000 ____D C:\Program Files (x86)\AnyProtectEx
2015-06-27 20:51 - 2015-06-27 20:51 - 00613255 _____ (CMI Limited) C:\Users\Leon\AppData\Local\nsg56A7.tmp
2015-06-27 20:51 - 2015-06-27 20:51 - 00000000 __SHD C:\Users\Leon\AppData\Roaming\AnyProtectEx
2015-06-27 20:47 - 2015-06-30 20:37 - 00000000 ____D C:\Users\Leon\AppData\Local\gmsd_de_005010015
2015-06-27 20:47 - 2015-06-27 20:48 - 00000000 ____D C:\Program Files (x86)\gmsd_de_005010015
2015-06-27 17:25 - 2015-06-27 17:25 - 00000000 ____D C:\Program Files (x86)\SystemProtract
2015-06-24 14:30 - 2015-06-27 17:25 - 00000000 ____D C:\ProgramData\dcb6892700001287
2015-06-24 14:21 - 2015-06-30 20:27 - 00000024 _____ C:\Users\Leon\AppData\Roaming\appdataFr25.bin
2015-06-17 18:30 - 2015-06-17 18:30 - 00000000 ____D C:\Program Files (x86)\FullContact for Gmail
2015-06-17 18:29 - 2015-06-27 18:29 - 00000368 _____ C:\WINDOWS\Tasks\WeddingWiz.job
2015-06-17 18:29 - 2015-06-24 18:29 - 00000000 ____D C:\ProgramData\{75b40529-ff81-e21a-75b4-40529ff814a7}
2015-06-17 18:29 - 2015-06-17 18:29 - 00003252 _____ C:\WINDOWS\System32\Tasks\WeddingWiz
2015-06-17 16:13 - 2015-06-17 16:13 - 00001177 _____ C:\Users\Leon\Desktop\Run all Night - Verknüpfung.lnk
2015-06-16 00:27 - 2015-06-16 00:27 - 00057728 _____ (WS) C:\WINDOWS\system32\Drivers\wsfd_1_10_0_19.sys
2015-06-12 21:03 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-12 21:03 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-12 21:03 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-12 21:03 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-12 21:03 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-12 21:03 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-12 21:03 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-12 21:03 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-12 21:03 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-12 21:03 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-12 21:03 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-12 21:03 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-12 21:03 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-12 21:03 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-12 21:03 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-12 21:03 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-12 21:03 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-12 21:03 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-12 21:03 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-12 21:03 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-12 21:03 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-12 21:03 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-12 21:03 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-12 21:03 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-12 21:03 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-12 21:03 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-12 21:03 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-12 21:03 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-12 21:03 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-12 21:03 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-12 21:03 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-12 21:03 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-12 21:03 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-12 21:03 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-12 21:03 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-12 21:03 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-12 21:03 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-12 21:03 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-12 21:03 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-12 21:03 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-12 20:33 - 2015-04-09 00:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-12 20:32 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-12 20:32 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-12 20:32 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-12 20:32 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-12 20:32 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-12 20:32 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-12 20:32 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-12 20:32 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-12 20:31 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-06-12 20:31 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-06-12 20:31 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-06-12 20:31 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-06-12 20:28 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-06-12 20:28 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-06-12 20:22 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-12 20:22 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-12 20:19 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-06-12 20:19 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-12 20:19 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-12 20:13 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-12 20:13 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-12 20:13 - 2015-04-16 08:17 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-12 20:13 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-12 20:13 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-12 20:13 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-12 20:13 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-12 20:13 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-12 20:13 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-12 20:13 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-12 20:13 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-12 20:13 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-12 20:13 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-12 20:13 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-12 20:13 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-06-12 20:13 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-12 20:13 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-06-12 20:13 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-12 20:13 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-06-12 20:13 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-06-12 20:09 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-12 20:03 - 2015-06-17 18:29 - 00000000 ____D C:\Program Files (x86)\NewSaveor
2015-06-12 20:03 - 2015-06-17 18:29 - 00000000 ____D C:\Program Files (x86)\NeweSeaVer
2015-06-12 20:03 - 2015-06-12 20:03 - 00000000 ____D C:\Program Files (x86)\NewSaVeR
2015-06-12 19:42 - 2015-06-17 18:30 - 00000000 ____D C:\Program Files (x86)\IndepthSystem
2015-06-11 19:50 - 2015-06-24 14:47 - 18174128 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-30 20:50 - 2013-11-26 20:08 - 01100151 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-30 20:50 - 2013-08-22 16:46 - 00356431 _____ C:\WINDOWS\setupact.log
2015-06-30 20:47 - 2013-12-18 17:13 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Skype
2015-06-30 20:45 - 2013-11-26 21:18 - 00003922 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A6EF7ABD-A2A8-4971-A471-E9D91CE51F45}
2015-06-30 20:43 - 2013-10-01 16:10 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-06-30 20:14 - 2013-10-01 16:09 - 00000000 ____D C:\Users\Leon\AppData\Local\Adobe
2015-06-30 20:12 - 2015-03-01 14:04 - 00000000 ___RD C:\Users\Leon\iCloudDrive
2015-06-30 20:12 - 2014-11-19 00:16 - 00000000 ____D C:\Users\Leon\AppData\Local\LogMeIn Hamachi
2015-06-30 20:12 - 2014-03-10 16:40 - 00000000 ___DO C:\Users\Leon\SkyDrive
2015-06-30 20:12 - 2013-07-15 16:51 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-30 20:11 - 2015-03-25 15:36 - 00000000 ____D C:\Users\Leon\AppData\Roaming\00000000-1427290565-0000-0000-8C89A57CCF91
2015-06-30 20:11 - 2015-02-10 18:01 - 00001698 _____ C:\WINDOWS\Tasks\ACQUPTNI.job
2015-06-30 20:11 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-27 22:12 - 2012-11-04 12:45 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2382863035-827234180-2916811482-1001
2015-06-27 21:38 - 2014-12-29 22:28 - 00000000 __SHD C:\Users\Leon\AppData\Local\EmieBrowserModeList
2015-06-27 21:38 - 2014-08-17 15:47 - 00000000 ____D C:\Users\Leon\AppData\Roaming\vlc
2015-06-27 21:38 - 2014-05-28 15:18 - 00000000 __SHD C:\Users\Leon\AppData\Local\EmieUserList
2015-06-27 21:38 - 2014-05-28 15:18 - 00000000 __SHD C:\Users\Leon\AppData\Local\EmieSiteList
2015-06-27 21:02 - 2015-05-27 12:25 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-06-27 21:01 - 2014-04-12 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-27 20:57 - 2013-11-26 20:08 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-27 20:57 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-27 20:55 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-06-27 20:47 - 2015-05-27 12:20 - 00000000 ____D C:\Users\Leon\AppData\Local\SmartWeb
2015-06-27 18:29 - 2015-05-27 12:29 - 00000364 _____ C:\WINDOWS\Tasks\Bidaily Synchronize Task[d492].job
2015-06-27 17:55 - 2014-05-13 15:41 - 00000000 ____D C:\Users\Leon\AppData\Roaming\UseNeXT
2015-06-27 17:54 - 2014-05-13 15:41 - 00000000 ____D C:\Users\Leon\Documents\UseNeXT
2015-06-27 17:35 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-24 15:48 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-24 14:47 - 2013-10-01 16:10 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-06-21 17:36 - 2013-12-19 19:29 - 00385536 ___SH C:\Users\Leon\Desktop\Thumbs.db
2015-06-20 05:02 - 2015-05-06 20:11 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-20 05:02 - 2015-05-06 20:11 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-17 18:30 - 2015-05-27 12:29 - 00000000 ____D C:\ProgramData\5786049068603124795
2015-06-17 15:56 - 2014-07-28 17:33 - 00000000 ____D C:\Users\Leon\AppData\Roaming\dvdcss
2015-06-17 13:48 - 2015-05-27 12:44 - 00000000 ____D C:\ProgramData\12e8f0fe0000708d
2015-06-15 22:15 - 2013-11-26 20:12 - 00000000 ____D C:\Users\Leon
2015-06-15 19:51 - 2013-09-29 21:05 - 00138670 _____ C:\WINDOWS\PFRO.log
2015-06-15 19:49 - 2014-12-11 18:42 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-15 19:49 - 2014-07-13 12:48 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-15 19:49 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-13 16:40 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-13 15:10 - 2013-08-22 16:44 - 05162592 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-12 22:47 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-12 22:46 - 2013-08-28 18:51 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-12 22:41 - 2012-12-13 18:30 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-06-12 19:44 - 2013-12-18 17:13 - 00000000 ____D C:\ProgramData\Skype
2015-06-12 19:43 - 2015-05-27 12:46 - 00000000 ____D C:\ProgramData\32345d43000071e4
2015-06-11 19:51 - 2013-09-30 06:14 - 01785582 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-11 19:51 - 2013-09-30 05:58 - 00767850 _____ C:\WINDOWS\system32\perfh007.dat
2015-06-11 19:51 - 2013-09-30 05:58 - 00160170 _____ C:\WINDOWS\system32\perfc007.dat

==================== Files in the root of some directories =======

2015-06-24 14:21 - 2015-06-30 20:27 - 0000024 _____ () C:\Users\Leon\AppData\Roaming\appdataFr25.bin
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Leon\AppData\Roaming\EdxgtdGXxzVyef6a
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Leon\AppData\Roaming\EdxgtdGXxzVyef6a.exe
2014-08-25 17:32 - 2015-01-25 16:32 - 0000189 _____ () C:\Users\Leon\AppData\Roaming\WB.CFG
2013-04-23 16:37 - 2013-04-25 15:25 - 0004608 _____ () C:\Users\Leon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-04 17:32 - 2014-12-18 21:32 - 0000010 _____ () C:\Users\Leon\AppData\Local\DSI.DAT
2014-12-04 17:32 - 2014-12-04 17:32 - 0022528 _____ () C:\Users\Leon\AppData\Local\dsisetup2482016872.exe
2014-12-18 21:32 - 2014-12-18 21:32 - 0022528 _____ () C:\Users\Leon\AppData\Local\dsisetup6149092032.exe
2015-06-27 20:51 - 2015-06-27 20:51 - 0613255 _____ (CMI Limited) C:\Users\Leon\AppData\Local\nsg56A7.tmp
2015-05-27 12:45 - 2015-05-27 12:45 - 0000000 _____ () C:\Users\Leon\AppData\Local\Temp.dat
2012-11-04 18:17 - 2012-11-04 19:32 - 0001511 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\Leon\AppData\Local\Temp\5068.exe
C:\Users\Leon\AppData\Local\Temp\5650.exe
C:\Users\Leon\AppData\Local\Temp\8958.exe
C:\Users\Leon\AppData\Local\Temp\9413.exe
C:\Users\Leon\AppData\Local\Temp\fsd50AE.exe
C:\Users\Leon\AppData\Local\Temp\jue5F6.exe
C:\Users\Leon\AppData\Local\Temp\optprosetup.exe
C:\Users\Leon\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Leon\AppData\Local\Temp\Uninstall.exe
C:\Users\Leon\AppData\Local\Temp\UninstallModule.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-27 22:12

==================== End of log ============================

[CODE]Additional
FRST Logfile:

Code:

ATTFilter

scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by Leon at 2015-06-30 20:59:21
Running from C:\Users\Leon\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2382863035-827234180-2916811482-500 - Administrator - Disabled)
Gast (S-1-5-21-2382863035-827234180-2916811482-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2382863035-827234180-2916811482-1006 - Limited - Enabled)
Leon (S-1-5-21-2382863035-827234180-2916811482-1001 - Administrator - Enabled) => C:\Users\Leon

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.2.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.9.0.465 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.2.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2.2 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2014 (HKLM-x32\...\{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}) (Version: 8.2.0 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)
BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.4 - BlueJ Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BrowserV27.06 (HKLM-x32\...\BrowserV27.06) (Version: 1.36.01.22 - BrowserV27.06) <==== ATTENTION
BubbleSound (HKLM\...\BubbleSound) (Version: 1.0 - BubbleSound) <==== ATTENTION!
Crossbrowse (HKLM-x32\...\Crossbrowse) (Version: 39.6.2171.95 - The Crossbrowse Authors) <==== ATTENTION!
Farming Simulator 2013 (HKLM-x32\...\Steam App 220260) (Version:  - Giants Software)
Free MP4 Video Converter version 5.0.45.716 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.45.716 - DVDVideoSoft Ltd.)
FreeCAD 0.15 - A free open source CAD system (HKLM-x32\...\FreeCAD 0.15) (Version: 0.15.4671 - Juergen Riegel)
FullContact for Gmail (HKLM-x32\...\{9777123F-5BF8-6C86-217E-7EB783C2E885}) (Version:  - )
GamesDesktop 014.005010015 (HKLM-x32\...\gmsd_de_005010015_is1) (Version:  - GAMESDESKTOP) <==== ATTENTION
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 6000 E609 Series (HKLM\...\{B16A196A-B3C9-4C19-A968-59365071A39F}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Landwirtschafts Simulator 2013 Hagensted Modified 2013 MoreRealistic (HKLM-x32\...\{F09E06EB-D878-4E4E-9190-84E3C4C1DC27}_is1) (Version: Landwirtschafts Simulator 2013 Hagensted Modified 4.1.5 MoreRealistic - Black Panther Group)
LinkFunc (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{1c94d82}) (Version:  - Software Publisher) <==== ATTENTION
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710F4C1C-CC18-4C49-8CBF-51240C89A1A2}) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version:  - )
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 352.86 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 352.86 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
phase-6 2.3.4 (HKLM-x32\...\phase-6) (Version: 2.3.4 - phase-6)
Phoenix R/C® (HKLM-x32\...\PhoenixRC) (Version: 5.0.w - Runtime Games Ltd)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
Product Deals (HKLM\...\Product Deals) (Version: 2015.06.27.152917 - Product Deals) <==== ATTENTION
Python 3.3.0 (HKLM-x32\...\{526b1417-92c1-3737-8247-4abc49ccc8e4}) (Version: 3.3.150 - Python Software Foundation)
Python 3.4.0 (HKLM-x32\...\{a37f2d73-72d1-364d-ba5d-cea430bcc040}) (Version: 3.4.150 - Python Software Foundation)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version:  - )
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
SmartWeb (HKLM-x32\...\SmartWeb) (Version: 8.0.9 - SoftBrain Technologies Ltd.) <==== ATTENTION
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
SystemProtract (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{531ae1a4}) (Version:  - Software Publisher) <==== ATTENTION
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WD SmartWare (HKLM\...\{604CB4FC-3D32-405F-A109-165F170529B6}) (Version: 1.2.0.8 - Western Digital)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WordShark 1.10.0.19 (HKLM-x32\...\WordShark_1.10.0.19) (Version: 1.10.0.19 - WordShark)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2382863035-827234180-2916811482-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Leon\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File

==================== Restore Points =========================

12-06-2015 20:26:20 Windows Update
21-06-2015 18:33:42 Geplanter Prüfpunkt

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2015-01-26 20:28 - 00000035 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01C299DB-AFC2-46DF-BB3F-A2B525A64596} - System32\Tasks\ACQUPTNI => C:\Users\Leon\AppData\Roaming\ACQUPTNI.exe <==== ATTENTION
Task: {0216AE07-699A-4BB7-AB29-F85108FBB9D9} - System32\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-1-7 => C:\Program Files (x86)\BrowserV27.06\0b45da08-f709-413a-ba92-171a721c41b4-1-7.exe [2015-06-27] (BrowserV27.06) <==== ATTENTION
Task: {08FD8D94-C398-49C1-AA51-733B384E259A} - System32\Tasks\{823F7D7D-FBED-45B8-A935-5DDD590C629B} => pcalua.exe -a F:\setup.exe -d F:\
Task: {0D8E31FB-D4D4-4446-BC6F-1BA95589E585} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-24] (Adobe Systems Incorporated)
Task: {11E75BD7-6885-45A1-B8B2-3693436AAE53} - System32\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-5 => C:\Program Files (x86)\BrowserV27.06\0b45da08-f709-413a-ba92-171a721c41b4-5.exe [2015-06-27] (BrowserV27.06) <==== ATTENTION
Task: {13463012-30B6-4247-BC02-37FE5C00DF48} - System32\Tasks\{CF902354-A649-4A7E-8190-4A65E8788D8E} => Chrome.exe hxxp://ui.skype.com/ui/0/6.18.0.105/de/go/help.faq.installer?LastError=1638
Task: {1C59BF04-615A-4B1A-87EC-51C410034FEC} - System32\Tasks\WordShark Auto Updater 1.10.0.19 Core => C:\Program Files (x86)\WordShark_1.10.0.19\Update\WordSharkAutoUpdateClient.exe [2015-06-16] (WS)
Task: {1F08BE77-D0D4-4E7C-B6B0-F740D1BCEC67} - System32\Tasks\Inst_Rep => C:\Users\Leon\AppData\Local\Installer\Install_2191\DCytdkietut_tutdk_setup.exe [2015-06-27] ()
Task: {26384295-2CE1-48AC-9D71-5D7126C8BB09} - System32\Tasks\EdxgtdGXxzVyef6a => C:\Users\Leon\AppData\Roaming\EdxgtdGXxzVyef6a.exe [2015-04-20] () <==== ATTENTION
Task: {33611046-8A30-4F36-A146-D93BDF4E2628} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3794E0FB-19ED-4750-AF95-E23EB8030445} - System32\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-6 => C:\Program Files (x86)\BrowserV27.06\0b45da08-f709-413a-ba92-171a721c41b4-6.exe [2015-06-27] (BrowserV27.06) <==== ATTENTION
Task: {3991A6EA-FEFD-402B-A879-67079AA75AC9} - System32\Tasks\WeddingWiz => c:\programdata\{75b40529-ff81-e21a-75b4-40529ff814a7}\8778777218675216938b.exe [2014-06-17] () <==== ATTENTION
Task: {3C2BBD85-47BD-4854-9F5E-05FDFB4FBC3B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-12] (Microsoft Corporation)
Task: {3DC1AF42-D326-4596-818F-2BD9F98B393A} - System32\Tasks\Run_Browser => C:\Users\Leon\AppData\Local\UnicoBrowser\Application\unicobrowser.exe <==== ATTENTION
Task: {40B89F98-CC97-4BE1-A22E-FAA00CF8DA0A} - System32\Tasks\{09F2AA2A-27B0-4CBC-A144-E8CF57EAF434} => pcalua.exe -a C:\Users\Leon\AppData\Roaming\omiga-plus\UninstallManager.exe -c  -ptid=pcs <==== ATTENTION
Task: {44EC837A-94C1-4F1B-BBC7-F8B74315F267} - System32\Tasks\Periodic Synchronize Task => c:\programdata\{e7f32564-9f9f-a002-e7f3-325649f99592}\hqghumeaylnlf.exe [2014-05-27] (PC Utilities Software Limited) <==== ATTENTION
Task: {5F8F0868-CFDD-4EA9-8F50-08946A440D18} - System32\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-7 => C:\Program Files (x86)\BrowserV27.06\0b45da08-f709-413a-ba92-171a721c41b4-7.exe [2015-06-27] (BrowserV27.06) <==== ATTENTION
Task: {6C9F9837-99E9-4BB1-9256-0DF14358EA34} - System32\Tasks\{41A37D8F-AC88-4B51-83E1-6EE3A1645E1F} => Chrome.exe hxxp://ui.skype.com/ui/0/6.16.0.105/de/go/help.faq.installer?LastError=1638
Task: {7DE12135-AD60-43BB-BAAA-E49610CFA484} - System32\Tasks\WordShark Auto Updater 1.10.0.19 Pending Update => C:\Program Files (x86)\WordShark_1.10.0.19\Update\WordSharkAutoUpdateClient.exe [2015-06-16] (WS)
Task: {8C46E5C6-7477-4E21-8FFC-A7A086B6B0A9} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-06-27] (globalUpdate) <==== ATTENTION
Task: {96C083C5-5F3F-4939-9E76-465A63A4A5D6} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\Leon\AppData\Local\SmartWeb\SmartWebHelper.exe [2015-02-17] (SoftBrain Technologies Ltd.) <==== ATTENTION
Task: {983C2AD4-693E-4541-B5F0-6613FD1F3B8B} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2014-12-01] (Apple Inc.)
Task: {A0B6EBC2-ECC8-48BB-92FC-B24D4818D025} - System32\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-3 => C:\Program Files (x86)\BrowserV27.06\0b45da08-f709-413a-ba92-171a721c41b4-3.exe [2015-06-27] (BrowserV27.06) <==== ATTENTION
Task: {AE1D0E88-0FF1-4A7E-9DF1-330D5961E4BA} - System32\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-1-6 => C:\Program Files (x86)\BrowserV27.06\0b45da08-f709-413a-ba92-171a721c41b4-1-6.exe [2015-06-27] (BrowserV27.06) <==== ATTENTION
Task: {AF7467F0-A70A-4ABC-BAA4-5EFB878012EA} - System32\Tasks\Bidaily Synchronize Task[d492] => c:\programdata\{916c61b0-822e-8f89-916c-c61b082286c2}\pricelessinstaller.exe [2014-05-27] () <==== ATTENTION
Task: {B5EEBCAF-F049-4ED6-897D-3305D45D7362} - System32\Tasks\Installer_geforce => C:\Users\Leon\AppData\Local\Installer\Installgeforce_14157\DCytdkietut_tutdk_setup.exe [2015-06-27] ()
Task: {C4A7EE1A-3F8D-4B54-ADC1-66F8F1D69679} - System32\Tasks\Installer_shopperpro => C:\Users\Leon\AppData\Local\Installer\Installshopperpro_14157\DCytdkietut_tutdk_setup.exe [2015-06-27] () <==== ATTENTION
Task: {C65826B8-E311-49F8-BE15-12ACA0203B9A} - System32\Tasks\{2F9E877F-B4D9-4267-B25B-0CA46AD9EE8D} => pcalua.exe -a "C:\Program Files (x86)\Wajam\uninstall.exe"
Task: {C87E6801-8E41-4D2B-B0F0-B24915E2E7C4} - System32\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-5_user => C:\Program Files (x86)\BrowserV27.06\0b45da08-f709-413a-ba92-171a721c41b4-5.exe [2015-06-27] (BrowserV27.06) <==== ATTENTION
Task: {CF8CA595-F4C4-488A-B1BF-21D3678AA0FC} - System32\Tasks\{385F51D0-3B19-4913-88F1-85B409FAD9D8} => Chrome.exe hxxp://ui.skype.com/ui/0/6.18.0.106/de/go/help.faq.installer?source=lightinstaller&amp;LastError=1638
Task: {D8C904F1-61F9-4CFC-95A5-4B532C443C1F} - System32\Tasks\Crossbrowse => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe [2015-06-27] () <==== ATTENTION
Task: {F592366E-7B59-4CAC-9D18-9F35DF4847ED} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-zihangl@hotmail.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)
Task: {F81D49E4-90E8-4AD9-AF4B-178E695A667B} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-06-27] (globalUpdate) <==== ATTENTION
Task: {FB9E6523-1996-4EF3-BBEE-D53F54B393A6} - System32\Tasks\{F659F721-3DBD-4186-AFA6-06C5F2084EEB} => Chrome.exe hxxp://ui.skype.com/ui/0/6.16.0.105/de/go/help.faq.installer?LastError=1638
Task: {FBB214C2-16EF-4B61-A9D5-ED94A382D2C6} - System32\Tasks\{0B169B13-5F71-4518-A9DE-5A3487767D32} => pcalua.exe -a C:\PROGRA~3\TARMAI~1\{889DF~1\Setup.exe -c /remove /q0
Task: {FDBDF7B0-2609-48F0-A698-C8DD913EB657} - System32\Tasks\{D07C67D3-9738-44A2-9444-502EA9E813F3} => pcalua.exe -a C:\Users\Leon\AppData\Roaming\istartsurf\UninstallManager.exe -c  -ptid=face
Task: {FE47FA48-FF13-4ED3-8D03-2B1F9A83CC13} - System32\Tasks\MaxComputerCleaner_Start => C:\Program Files (x86)\Max Computer Cleaner\MaxComputerCleaner.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-1-6.job => C:\Program Files (x86)\BrowserV27.06\0b45da08-f709-413a-ba92-171a721c41b4-1-6.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-1-7.job => C:\Program Files (x86)\BrowserV27.06\0b45da08-f709-413a-ba92-171a721c41b4-1-7.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-3.job => C:\Program Files (x86)\BrowserV27.06\0b45da08-f709-413a-ba92-171a721c41b4-3.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-5.job => C:\Program Files (x86)\BrowserV27.06\0b45da08-f709-413a-ba92-171a721c41b4-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-5_user.job => C:\Program Files (x86)\BrowserV27.06\0b45da08-f709-413a-ba92-171a721c41b4-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-6.job => C:\Program Files (x86)\BrowserV27.06\0b45da08-f709-413a-ba92-171a721c41b4-6.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-7.job => C:\Program Files (x86)\BrowserV27.06\0b45da08-f709-413a-ba92-171a721c41b4-7.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\ACQUPTNI.job => C:\Users\Leon\AppData\Roaming\ACQUPTNI.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Bidaily Synchronize Task[d492].job => c:\programdata\{916c61b0-822e-8f89-916c-c61b082286c2}\pricelessinstaller.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Crossbrowse.job => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\EdxgtdGXxzVyef6a.job => C:\Users\Leon\AppData\Roaming\EdxgtdGXxzVyef6a.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Periodic Synchronize Task.job => c:\programdata\{e7f32564-9f9f-a002-e7f3-325649f99592}\hqghumeaylnlf.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\WeddingWiz.job => c:\programdata\{75b40529-ff81-e21a-75b4-40529ff814a7}\8778777218675216938b.exe <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2015-01-08 20:12 - 2015-01-08 20:12 - 02264576 _____ () C:\Program Files\BubbleSound\BubbleSound.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-25 15:36 - 2015-03-25 15:36 - 00151552 _____ () C:\Users\Leon\AppData\Roaming\00000000-1427290565-0000-0000-8C89A57CCF91\jnspAA3E.tmp
2015-06-27 17:30 - 2015-06-27 17:30 - 00473336 _____ () C:\Program Files (x86)\Product Deals\bin\utilProductDeals.exe
2015-06-27 22:41 - 2015-06-27 22:41 - 00153600 _____ () C:\Users\Leon\AppData\Roaming\00000000-1427290565-0000-0000-8C89A57CCF91\knsoB9AD.tmp
2013-11-26 20:08 - 2015-05-12 05:30 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-12-19 16:57 - 2014-12-19 16:57 - 01039008 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-06-27 20:47 - 2015-06-27 11:55 - 03298472 _____ () C:\Users\Leon\AppData\Local\gmsd_de_005010015\upgmsd_de_005010015.exe
2009-08-19 16:49 - 2009-08-19 16:49 - 00049152 _____ () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\Memeo.API.dll
2009-02-25 15:18 - 2009-02-25 15:18 - 01196032 _____ () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\sqlite3.DLL
2015-06-27 20:47 - 2015-06-27 11:55 - 03984040 _____ () C:\Program Files (x86)\gmsd_de_005010015\gmsd_de_005010015.exe
2014-12-19 16:57 - 2014-12-19 16:57 - 05979808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2015-06-27 17:25 - 2015-06-27 17:25 - 01574400 _____ () c:\Program Files (x86)\SystemProtract\SystemProtract.dll
2013-07-01 08:20 - 2015-04-16 19:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 18:41 - 2015-04-23 04:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-05-22 18:34 - 2015-06-04 20:56 - 02407104 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-20 18:41 - 2015-04-23 04:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 18:41 - 2015-04-23 04:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-08-29 19:16 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 19:16 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 19:16 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 19:16 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 19:16 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-07-09 17:56 - 2015-06-04 20:56 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-07 22:27 - 2015-01-07 22:27 - 36730032 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2013-07-09 13:45 - 2015-05-11 21:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-06-27 20:53 - 2015-06-27 20:52 - 01215464 _____ () C:\Users\Leon\AppData\Local\Installer\Installshopperpro_14157\DCytdkietut_tutdk_setup.exe
2015-06-27 20:53 - 2015-06-27 20:52 - 01215464 _____ () C:\Users\Leon\AppData\Local\Installer\Installgeforce_14157\DCytdkietut_tutdk_setup.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
AlternateDataStreams: C:\Users\Leon\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Leon\SkyDrive.old:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2382863035-827234180-2916811482-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Leon\Pictures\Von Leon Phone\Eigene Aufnahmen\star_wars_fiction_planet-wallpaper-1920x1080.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{356EF6F9-6608-420D-A211-568AA96063C3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{B58B5C66-E57E-4908-A141-42FF45B64E2D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{BB65198B-805A-4096-BF3D-EE38572C6859}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{95017594-A92F-49FB-9509-7861CCD4D9B2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{4F4D61EA-125A-464A-BB85-3B48D969794C}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{9B684E05-06A9-494A-8A44-280BD664DF30}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{C554B0CC-2501-4975-8907-BD7A59397AEF}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Windows Migration Assistant\MigrationAssistant.exe
FirewallRules: [{789A75E4-D6A3-488C-A219-41CE9D9841BB}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Windows Migration Assistant\MigrationAssistant.exe
FirewallRules: [UDP Query User{0B900D45-43DF-409C-BBF6-62CE8D17BA7F}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{D154F55D-606F-48FF-8F32-6A834EAAEFF3}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{9491403C-B54E-41ED-9620-1CB022B98C06}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{654908AA-035F-49CB-8C76-E76EBA1AE52E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{3D7719F2-0BBC-40B1-BFC7-49E8280B604B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{0CF041A8-6160-453F-B015-2F4ACC641AB2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{1E7F5FFA-2155-4932-8B18-55F0CED88339}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{ADDCB91B-94ED-4134-85B2-1BB30F11B4BA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{CD1B061B-DC28-4EAB-B56D-7AF202A20A2C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{D2F252F7-AEF9-4A84-B86D-9B5D12055586}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{5CCFFA36-83A8-4D08-9C34-007E96EDD096}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{CE571066-974C-487C-970A-8C0C869EA8DB}] => (Allow) C:\Users\Leon\AppData\Local\Temp\7zS7066\setup\hpznui40.exe
FirewallRules: [{FA83AC9F-8188-4005-AB2C-51834BB99336}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{43D427C2-5121-49A1-BC36-FA66B8AD66F6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0A29EDE9-7F9C-4DC6-8B57-B58D31D1832D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4CFF07FA-C2DA-47F1-B17F-1B7602508324}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D9AD0DD2-2422-4768-ACD0-46DFEB004A87}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{2C5A48F5-82C5-4826-AF19-971870DE2990}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{2ACAEFB2-1119-4A74-8263-52C00AF70C71}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{826E0F0E-62B0-4E02-8620-8A8F3D65EF2B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{52D3CD5E-B195-4393-BEF2-8C9979C9D7E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{35F34E12-4D9C-44C6-B09D-D2413445097B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{C468925C-1C01-4995-9D88-38F9E82A6DE4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{EEC2226D-1367-467B-99BE-CB6EF2EEF599}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{4656F860-56FE-4716-B744-6C5873C46867}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{54607361-6B99-4EAA-8622-7909600D028A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{A849DFCB-4234-48C5-97F0-4135A71CC01A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{D8C8E179-068D-4715-94CF-4867C1EB057F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{1D722400-A7B8-479D-A2CF-1E57B02D0435}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{0364D27C-D551-4DD2-A2E8-B1246D8A3854}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{D83AF453-E117-4E88-A834-9A0D44411348}] => (Block) %ProgramFiles%\Adobe\Adobe Premiere Pro CC\Adobe Premiere Pro.exe
FirewallRules: [TCP Query User{3F46B805-CE45-404D-85F1-BCE22C704198}C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [UDP Query User{40D039D6-057D-4801-9A66-9812B7F7F32D}C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [{7B1C3D3B-2966-43E6-BB00-4576B2182095}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C5B7CD81-58BF-49D6-BBE1-2B4068DE6BBB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DD964D3E-0909-4A46-8493-85C5605C9C9B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{6B86A981-F149-4C7D-AF89-D7EA8E3D2362}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{CEA183ED-4935-41A2-B5A0-FB0993158400}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{10030CAB-E70D-45C8-943E-1E24B49CCECB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{1B1D99BF-7DE2-4ADD-87A0-41A16BA29321}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{865372F5-B5D0-42BC-9765-8A14F73ACF1F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{AB9990EF-CD7A-47C4-BB9F-177EAA211D0F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{12607D76-AB00-4BF9-879C-317628AF11D9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{26C8D775-609E-4A8D-8DDF-C9300B2E8269}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{2B592EC3-471F-4DA2-BE2D-AA5444483CDD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{41086246-1DFD-452D-BA89-063EB416C7FF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CD29C4B2-154A-405C-9CD9-97CF49F04D6D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BCE6F531-6552-4083-AC42-26D6D19DCD0D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{EC63A99F-8B77-4357-81DA-129C662EC55D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{FB74311C-976E-4DB5-90A7-E641429B33A7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{A889303E-1BEE-4FD2-9B92-7226EEB89EAF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [TCP Query User{09FB3544-9D43-49E7-9D25-7E97464B3277}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{23314F1C-F859-490A-B7BD-4BCFE770A9C2}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{43C62960-AC73-40A8-89DF-1571D27E78AD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{79E39708-D1E2-45AE-9E7F-818FE1E62EF9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AB7ADEB0-9A17-497B-AB67-7BECD8ACA877}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Farming Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [{12AA050A-C819-447F-80A6-2050A14D9C4B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Farming Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [{B7BD5375-6176-4B3A-9302-E16579E14FC1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{04CEC8D5-FC26-4126-9A14-4565296BFC49}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CAA77D42-41E7-4818-85BF-C80C05B5E1B3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{115A1154-AD46-401A-B409-7B73D7ACF82F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{294D328A-1805-41B3-90B8-31D216C67DD2}C:\program files (x86)\bluej\jdk\jre\bin\java.exe] => (Allow) C:\program files (x86)\bluej\jdk\jre\bin\java.exe
FirewallRules: [UDP Query User{49F324D8-11A4-4C2C-B822-AD45BEAD9AC2}C:\program files (x86)\bluej\jdk\jre\bin\java.exe] => (Allow) C:\program files (x86)\bluej\jdk\jre\bin\java.exe
FirewallRules: [{D5FC304A-4ED9-44AA-96E8-686B4E335D83}] => (Block) C:\program files (x86)\bluej\jdk\jre\bin\java.exe
FirewallRules: [{2A71F0A9-D1BF-4DA6-9441-444137CE2069}] => (Block) C:\program files (x86)\bluej\jdk\jre\bin\java.exe
FirewallRules: [{DA3DA8C8-1211-4429-A5DF-A35783F9D6F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{F128B0D3-CC38-4DED-B0CA-F25301B66A40}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{040B521B-E004-43A9-AAE6-1047A71158B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{410843EB-B7DE-425E-AADD-2D7D2EB90FAC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{94C9606C-426F-40A7-80B2-84E4315A9684}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{B1CE8C80-5D40-4549-964D-F9241E3E5C35}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{AACB3D4E-0965-46B2-A98E-9F6C9EC23A28}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{5E600DF6-2B30-4F0C-893A-7FE9B1B0FF1D}] => (Allow) C:\Program Files (x86)\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{63418954-619D-4648-A00B-85BE70E7AD4B}] => (Allow) C:\Program Files (x86)\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{FC71F779-33A7-4ACA-AE64-E7AA48180C67}] => (Allow) C:\Program Files (x86)\PhoenixRC\phoenixRC.exe
FirewallRules: [{8D294C7E-43F4-4598-BE1F-3A8521C1C1E1}] => (Allow) C:\Program Files (x86)\PhoenixRC\phoenixRC.exe
FirewallRules: [TCP Query User{C554F61C-5F2D-4296-BBBC-1466DC2829D8}C:\program files (x86)\phoenixrc\simulator.exe] => (Allow) C:\program files (x86)\phoenixrc\simulator.exe
FirewallRules: [UDP Query User{F44A46DE-4FE1-4639-A192-8698C764DE70}C:\program files (x86)\phoenixrc\simulator.exe] => (Allow) C:\program files (x86)\phoenixrc\simulator.exe
FirewallRules: [{EA168274-8B7D-4C0D-A6B9-7A0498C4E21A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{52E3EAD9-60B0-4054-B4D9-A52EF23BF039}] => (Allow) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/30/2015 08:54:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm crossbrowse.exe, Version 39.6.2171.95 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 3bc

Startzeit: 01d0b36047908544

Endzeit: 10

Anwendungspfad: C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe

Berichts-ID: 69146400-1f59-11e5-bed9-8c89a57ccf91

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/30/2015 08:50:31 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database

Error: (06/30/2015 08:37:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm myoffergroup_de.tmp, Version 51.52.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1a74

Startzeit: 01d0b360b381a35e

Endzeit: 4294967295

Anwendungspfad: C:\Users\Leon\AppData\Local\Temp\is-7CM3Q.tmp\myoffergroup_de.tmp

Berichts-ID: 06f2ca34-1f57-11e5-bed9-8c89a57ccf91

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/30/2015 08:37:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm gentlemjmp_ieu.tmp, Version 51.52.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 197c

Startzeit: 01d0b360c83f261f

Endzeit: 4294967295

Anwendungspfad: C:\Users\Leon\AppData\Local\Temp\is-1NEON.tmp\gentlemjmp_ieu.tmp

Berichts-ID: 03a96d38-1f57-11e5-bed9-8c89a57ccf91

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/30/2015 08:27:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20905 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1bcc

Startzeit: 01d0b3603f4b1eb9

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20905_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: a5bb430d-1f55-11e5-bed9-8c89a57ccf91

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20905_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (06/27/2015 10:03:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17840, Zeitstempel: 0x555fe1bb
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x10571000
ID des fehlerhaften Prozesses: 0x8f8
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (06/27/2015 09:38:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005473b
ID des fehlerhaften Prozesses: 0x2cc
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5

Error: (06/27/2015 08:59:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 43.0.2357.124, Zeitstempel: 0x5571c187
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f42c2
Ausnahmecode: 0xc0000142
Fehleroffset: 0x0009d4f2
ID des fehlerhaften Prozesses: 0xfc8
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Vollständiger Name des fehlerhaften Pakets: chrome.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: chrome.exe5

Error: (06/27/2015 08:58:01 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (4292) WindowsMail0: Die Sicherung wurde abgebrochen, weil sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen wurde.

Error: (06/27/2015 08:57:40 PM) (Source: WDSmartWareBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.WDSmartWareBackgroundService.OnStart(String[] args)


System errors:
=============
Error: (06/27/2015 11:05:30 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (06/27/2015 11:05:29 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (06/27/2015 08:59:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/27/2015 08:55:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Diagnostics Tracking Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (06/27/2015 08:55:28 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "DiagTrack" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (06/27/2015 08:54:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Diagnostics Tracking Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/24/2015 08:02:30 PM) (Source: DCOM) (EventID: 10010) (User: LEON-PC)
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

Error: (06/15/2015 08:17:26 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎15.‎06.‎2015 um 19:52:20 unerwartet heruntergefahren.

Error: (06/15/2015 07:50:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Diagnostics Tracking Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (06/15/2015 07:50:57 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "DiagTrack" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).


Microsoft Office:
=========================
Error: (06/30/2015 08:54:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: crossbrowse.exe39.6.2171.953bc01d0b3604790854410C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe69146400-1f59-11e5-bed9-8c89a57ccf91

Error: (06/30/2015 08:50:31 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: -2147024883

Error: (06/30/2015 08:37:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: myoffergroup_de.tmp51.52.0.01a7401d0b360b381a35e4294967295C:\Users\Leon\AppData\Local\Temp\is-7CM3Q.tmp\myoffergroup_de.tmp06f2ca34-1f57-11e5-bed9-8c89a57ccf91

Error: (06/30/2015 08:37:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: gentlemjmp_ieu.tmp51.52.0.0197c01d0b360c83f261f4294967295C:\Users\Leon\AppData\Local\Temp\is-1NEON.tmp\gentlemjmp_ieu.tmp03a96d38-1f57-11e5-bed9-8c89a57ccf91

Error: (06/30/2015 08:27:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.209051bcc01d0b3603f4b1eb94294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20905_x64__8wekyb3d8bbwe\LiveComm.exea5bb430d-1f55-11e5-bed9-8c89a57ccf91microsoft.windowscommunicationsapps_17.5.9600.20905_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (06/27/2015 10:03:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17840555fe1bbunknown0.0.0.000000000c0000005105710008f801d0b112decc87e6C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEunknown9db2fd51-1d07-11e5-bed9-8c89a57ccf91

Error: (06/27/2015 09:38:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.3.9600.17736550f4336c0000005000000000005473b2cc01d0b10b73f24690C:\Program Files\VideoLAN\VLC\vlc.exeC:\WINDOWS\SYSTEM32\ntdll.dll09fb5b5d-1d04-11e5-bed9-8c89a57ccf91

Error: (06/27/2015 08:59:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe43.0.2357.1245571c187ntdll.dll6.3.9600.17736550f42c2c00001420009d4f2fc801d0b10b62d4837eC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\WINDOWS\SYSTEM32\ntdll.dlla1ebc215-1cfe-11e5-bed9-8c89a57ccf91

Error: (06/27/2015 08:58:01 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail4292WindowsMail0:

Error: (06/27/2015 08:57:40 PM) (Source: WDSmartWareBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.WDSmartWareBackgroundService.OnStart(String[] args)


CodeIntegrity Errors:
===================================
  Date: 2015-06-27 20:55:23.255
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-05-13 20:24:37.808
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-13 20:24:37.589
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-08 17:08:20.445
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-02 16:45:45.286
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-26 19:55:02.509
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-02 12:33:18.521
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-12-30 21:17:08.175
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-12-30 20:23:12.813
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-12-18 20:44:25.696
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Percentage of memory in use: 52%
Total physical RAM: 4077.64 MB
Available physical RAM: 1934.11 MB
Total Pagefile: 5805.26 MB
Available Pagefile: 3197.05 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:1811.92 GB) (Free:1350.97 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:25.83 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1811.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End of log ============================

--- --- ---

Leo98 · 30.06.2015, 20:05

[CODE]Additional
FRST Logfile:

Code:

ATTFilter

scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by Leon at 2015-06-30 20:59:21
Running from C:\Users\Leon\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2382863035-827234180-2916811482-500 - Administrator - Disabled)
Gast (S-1-5-21-2382863035-827234180-2916811482-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2382863035-827234180-2916811482-1006 - Limited - Enabled)
Leon (S-1-5-21-2382863035-827234180-2916811482-1001 - Administrator - Enabled) => C:\Users\Leon

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.2.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.9.0.465 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.2.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2.2 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2014 (HKLM-x32\...\{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}) (Version: 8.2.0 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)
BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.4 - BlueJ Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BrowserV27.06 (HKLM-x32\...\BrowserV27.06) (Version: 1.36.01.22 - BrowserV27.06) <==== ATTENTION
BubbleSound (HKLM\...\BubbleSound) (Version: 1.0 - BubbleSound) <==== ATTENTION!
Crossbrowse (HKLM-x32\...\Crossbrowse) (Version: 39.6.2171.95 - The Crossbrowse Authors) <==== ATTENTION!
Farming Simulator 2013 (HKLM-x32\...\Steam App 220260) (Version:  - Giants Software)
Free MP4 Video Converter version 5.0.45.716 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.45.716 - DVDVideoSoft Ltd.)
FreeCAD 0.15 - A free open source CAD system (HKLM-x32\...\FreeCAD 0.15) (Version: 0.15.4671 - Juergen Riegel)
FullContact for Gmail (HKLM-x32\...\{9777123F-5BF8-6C86-217E-7EB783C2E885}) (Version:  - )
GamesDesktop 014.005010015 (HKLM-x32\...\gmsd_de_005010015_is1) (Version:  - GAMESDESKTOP) <==== ATTENTION
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 6000 E609 Series (HKLM\...\{B16A196A-B3C9-4C19-A968-59365071A39F}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Landwirtschafts Simulator 2013 Hagensted Modified 2013 MoreRealistic (HKLM-x32\...\{F09E06EB-D878-4E4E-9190-84E3C4C1DC27}_is1) (Version: Landwirtschafts Simulator 2013 Hagensted Modified 4.1.5 MoreRealistic - Black Panther Group)
LinkFunc (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{1c94d82}) (Version:  - Software Publisher) <==== ATTENTION
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710F4C1C-CC18-4C49-8CBF-51240C89A1A2}) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version:  - )
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 352.86 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 352.86 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
phase-6 2.3.4 (HKLM-x32\...\phase-6) (Version: 2.3.4 - phase-6)
Phoenix R/C® (HKLM-x32\...\PhoenixRC) (Version: 5.0.w - Runtime Games Ltd)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
Product Deals (HKLM\...\Product Deals) (Version: 2015.06.27.152917 - Product Deals) <==== ATTENTION
Python 3.3.0 (HKLM-x32\...\{526b1417-92c1-3737-8247-4abc49ccc8e4}) (Version: 3.3.150 - Python Software Foundation)
Python 3.4.0 (HKLM-x32\...\{a37f2d73-72d1-364d-ba5d-cea430bcc040}) (Version: 3.4.150 - Python Software Foundation)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version:  - )
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
SmartWeb (HKLM-x32\...\SmartWeb) (Version: 8.0.9 - SoftBrain Technologies Ltd.) <==== ATTENTION
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
SystemProtract (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{531ae1a4}) (Version:  - Software Publisher) <==== ATTENTION
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WD SmartWare (HKLM\...\{604CB4FC-3D32-405F-A109-165F170529B6}) (Version: 1.2.0.8 - Western Digital)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WordShark 1.10.0.19 (HKLM-x32\...\WordShark_1.10.0.19) (Version: 1.10.0.19 - WordShark)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2382863035-827234180-2916811482-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Leon\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File

==================== Restore Points =========================

12-06-2015 20:26:20 Windows Update
21-06-2015 18:33:42 Geplanter Prüfpunkt

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2015-01-26 20:28 - 00000035 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01C299DB-AFC2-46DF-BB3F-A2B525A64596} - System32\Tasks\ACQUPTNI => C:\Users\Leon\AppData\Roaming\ACQUPTNI.exe <==== ATTENTION
Task: {0216AE07-699A-4BB7-AB29-F85108FBB9D9} - System32\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-1-7 => C:\Program Files (x86)\BrowserV27.06\0b45da08-f709-413a-ba92-171a721c41b4-1-7.exe [2015-06-27] (BrowserV27.06) <==== ATTENTION
Task: {08FD8D94-C398-49C1-AA51-733B384E259A} - System32\Tasks\{823F7D7D-FBED-45B8-A935-5DDD590C629B} => pcalua.exe -a F:\setup.exe -d F:\
Task: {0D8E31FB-D4D4-4446-BC6F-1BA95589E585} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-24] (Adobe Systems Incorporated)
Task: {11E75BD7-6885-45A1-B8B2-3693436AAE53} - System32\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-5 => C:\Program Files (x86)\BrowserV27.06\0b45da08-f709-413a-ba92-171a721c41b4-5.exe [2015-06-27] (BrowserV27.06) <==== ATTENTION
Task: {13463012-30B6-4247-BC02-37FE5C00DF48} - System32\Tasks\{CF902354-A649-4A7E-8190-4A65E8788D8E} => Chrome.exe hxxp://ui.skype.com/ui/0/6.18.0.105/de/go/help.faq.installer?LastError=1638
Task: {1C59BF04-615A-4B1A-87EC-51C410034FEC} - System32\Tasks\WordShark Auto Updater 1.10.0.19 Core => C:\Program Files (x86)\WordShark_1.10.0.19\Update\WordSharkAutoUpdateClient.exe [2015-06-16] (WS)
Task: {1F08BE77-D0D4-4E7C-B6B0-F740D1BCEC67} - System32\Tasks\Inst_Rep => C:\Users\Leon\AppData\Local\Installer\Install_2191\DCytdkietut_tutdk_setup.exe [2015-06-27] ()
Task: {26384295-2CE1-48AC-9D71-5D7126C8BB09} - System32\Tasks\EdxgtdGXxzVyef6a => C:\Users\Leon\AppData\Roaming\EdxgtdGXxzVyef6a.exe [2015-04-20] () <==== ATTENTION
Task: {33611046-8A30-4F36-A146-D93BDF4E2628} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3794E0FB-19ED-4750-AF95-E23EB8030445} - System32\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-6 => C:\Program Files (x86)\BrowserV27.06\0b45da08-f709-413a-ba92-171a721c41b4-6.exe [2015-06-27] (BrowserV27.06) <==== ATTENTION
Task: {3991A6EA-FEFD-402B-A879-67079AA75AC9} - System32\Tasks\WeddingWiz => c:\programdata\{75b40529-ff81-e21a-75b4-40529ff814a7}\8778777218675216938b.exe [2014-06-17] () <==== ATTENTION
Task: {3C2BBD85-47BD-4854-9F5E-05FDFB4FBC3B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-12] (Microsoft Corporation)
Task: {3DC1AF42-D326-4596-818F-2BD9F98B393A} - System32\Tasks\Run_Browser => C:\Users\Leon\AppData\Local\UnicoBrowser\Application\unicobrowser.exe <==== ATTENTION
Task: {40B89F98-CC97-4BE1-A22E-FAA00CF8DA0A} - System32\Tasks\{09F2AA2A-27B0-4CBC-A144-E8CF57EAF434} => pcalua.exe -a C:\Users\Leon\AppData\Roaming\omiga-plus\UninstallManager.exe -c  -ptid=pcs <==== ATTENTION
Task: {44EC837A-94C1-4F1B-BBC7-F8B74315F267} - System32\Tasks\Periodic Synchronize Task => c:\programdata\{e7f32564-9f9f-a002-e7f3-325649f99592}\hqghumeaylnlf.exe [2014-05-27] (PC Utilities Software Limited) <==== ATTENTION
Task: {5F8F0868-CFDD-4EA9-8F50-08946A440D18} - System32\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-7 => C:\Program Files (x86)\BrowserV27.06\0b45da08-f709-413a-ba92-171a721c41b4-7.exe [2015-06-27] (BrowserV27.06) <==== ATTENTION
Task: {6C9F9837-99E9-4BB1-9256-0DF14358EA34} - System32\Tasks\{41A37D8F-AC88-4B51-83E1-6EE3A1645E1F} => Chrome.exe hxxp://ui.skype.com/ui/0/6.16.0.105/de/go/help.faq.installer?LastError=1638
Task: {7DE12135-AD60-43BB-BAAA-E49610CFA484} - System32\Tasks\WordShark Auto Updater 1.10.0.19 Pending Update => C:\Program Files (x86)\WordShark_1.10.0.19\Update\WordSharkAutoUpdateClient.exe [2015-06-16] (WS)
Task: {8C46E5C6-7477-4E21-8FFC-A7A086B6B0A9} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-06-27] (globalUpdate) <==== ATTENTION
Task: {96C083C5-5F3F-4939-9E76-465A63A4A5D6} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\Leon\AppData\Local\SmartWeb\SmartWebHelper.exe [2015-02-17] (SoftBrain Technologies Ltd.) <==== ATTENTION
Task: {983C2AD4-693E-4541-B5F0-6613FD1F3B8B} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2014-12-01] (Apple Inc.)
Task: {A0B6EBC2-ECC8-48BB-92FC-B24D4818D025} - System32\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-3 => C:\Program Files (x86)\BrowserV27.06\0b45da08-f709-413a-ba92-171a721c41b4-3.exe [2015-06-27] (BrowserV27.06) <==== ATTENTION
Task: {AE1D0E88-0FF1-4A7E-9DF1-330D5961E4BA} - System32\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-1-6 => C:\Program Files (x86)\BrowserV27.06\0b45da08-f709-413a-ba92-171a721c41b4-1-6.exe [2015-06-27] (BrowserV27.06) <==== ATTENTION
Task: {AF7467F0-A70A-4ABC-BAA4-5EFB878012EA} - System32\Tasks\Bidaily Synchronize Task[d492] => c:\programdata\{916c61b0-822e-8f89-916c-c61b082286c2}\pricelessinstaller.exe [2014-05-27] () <==== ATTENTION
Task: {B5EEBCAF-F049-4ED6-897D-3305D45D7362} - System32\Tasks\Installer_geforce => C:\Users\Leon\AppData\Local\Installer\Installgeforce_14157\DCytdkietut_tutdk_setup.exe [2015-06-27] ()
Task: {C4A7EE1A-3F8D-4B54-ADC1-66F8F1D69679} - System32\Tasks\Installer_shopperpro => C:\Users\Leon\AppData\Local\Installer\Installshopperpro_14157\DCytdkietut_tutdk_setup.exe [2015-06-27] () <==== ATTENTION
Task: {C65826B8-E311-49F8-BE15-12ACA0203B9A} - System32\Tasks\{2F9E877F-B4D9-4267-B25B-0CA46AD9EE8D} => pcalua.exe -a "C:\Program Files (x86)\Wajam\uninstall.exe"
Task: {C87E6801-8E41-4D2B-B0F0-B24915E2E7C4} - System32\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-5_user => C:\Program Files (x86)\BrowserV27.06\0b45da08-f709-413a-ba92-171a721c41b4-5.exe [2015-06-27] (BrowserV27.06) <==== ATTENTION
Task: {CF8CA595-F4C4-488A-B1BF-21D3678AA0FC} - System32\Tasks\{385F51D0-3B19-4913-88F1-85B409FAD9D8} => Chrome.exe hxxp://ui.skype.com/ui/0/6.18.0.106/de/go/help.faq.installer?source=lightinstaller&amp;LastError=1638
Task: {D8C904F1-61F9-4CFC-95A5-4B532C443C1F} - System32\Tasks\Crossbrowse => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe [2015-06-27] () <==== ATTENTION
Task: {F592366E-7B59-4CAC-9D18-9F35DF4847ED} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-zihangl@hotmail.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)
Task: {F81D49E4-90E8-4AD9-AF4B-178E695A667B} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-06-27] (globalUpdate) <==== ATTENTION
Task: {FB9E6523-1996-4EF3-BBEE-D53F54B393A6} - System32\Tasks\{F659F721-3DBD-4186-AFA6-06C5F2084EEB} => Chrome.exe hxxp://ui.skype.com/ui/0/6.16.0.105/de/go/help.faq.installer?LastError=1638
Task: {FBB214C2-16EF-4B61-A9D5-ED94A382D2C6} - System32\Tasks\{0B169B13-5F71-4518-A9DE-5A3487767D32} => pcalua.exe -a C:\PROGRA~3\TARMAI~1\{889DF~1\Setup.exe -c /remove /q0
Task: {FDBDF7B0-2609-48F0-A698-C8DD913EB657} - System32\Tasks\{D07C67D3-9738-44A2-9444-502EA9E813F3} => pcalua.exe -a C:\Users\Leon\AppData\Roaming\istartsurf\UninstallManager.exe -c  -ptid=face
Task: {FE47FA48-FF13-4ED3-8D03-2B1F9A83CC13} - System32\Tasks\MaxComputerCleaner_Start => C:\Program Files (x86)\Max Computer Cleaner\MaxComputerCleaner.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-1-6.job => C:\Program Files (x86)\BrowserV27.06\0b45da08-f709-413a-ba92-171a721c41b4-1-6.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-1-7.job => C:\Program Files (x86)\BrowserV27.06\0b45da08-f709-413a-ba92-171a721c41b4-1-7.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-3.job => C:\Program Files (x86)\BrowserV27.06\0b45da08-f709-413a-ba92-171a721c41b4-3.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-5.job => C:\Program Files (x86)\BrowserV27.06\0b45da08-f709-413a-ba92-171a721c41b4-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-5_user.job => C:\Program Files (x86)\BrowserV27.06\0b45da08-f709-413a-ba92-171a721c41b4-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-6.job => C:\Program Files (x86)\BrowserV27.06\0b45da08-f709-413a-ba92-171a721c41b4-6.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-7.job => C:\Program Files (x86)\BrowserV27.06\0b45da08-f709-413a-ba92-171a721c41b4-7.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\ACQUPTNI.job => C:\Users\Leon\AppData\Roaming\ACQUPTNI.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Bidaily Synchronize Task[d492].job => c:\programdata\{916c61b0-822e-8f89-916c-c61b082286c2}\pricelessinstaller.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Crossbrowse.job => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\EdxgtdGXxzVyef6a.job => C:\Users\Leon\AppData\Roaming\EdxgtdGXxzVyef6a.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Periodic Synchronize Task.job => c:\programdata\{e7f32564-9f9f-a002-e7f3-325649f99592}\hqghumeaylnlf.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\WeddingWiz.job => c:\programdata\{75b40529-ff81-e21a-75b4-40529ff814a7}\8778777218675216938b.exe <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2015-01-08 20:12 - 2015-01-08 20:12 - 02264576 _____ () C:\Program Files\BubbleSound\BubbleSound.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-25 15:36 - 2015-03-25 15:36 - 00151552 _____ () C:\Users\Leon\AppData\Roaming\00000000-1427290565-0000-0000-8C89A57CCF91\jnspAA3E.tmp
2015-06-27 17:30 - 2015-06-27 17:30 - 00473336 _____ () C:\Program Files (x86)\Product Deals\bin\utilProductDeals.exe
2015-06-27 22:41 - 2015-06-27 22:41 - 00153600 _____ () C:\Users\Leon\AppData\Roaming\00000000-1427290565-0000-0000-8C89A57CCF91\knsoB9AD.tmp
2013-11-26 20:08 - 2015-05-12 05:30 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-12-19 16:57 - 2014-12-19 16:57 - 01039008 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-06-27 20:47 - 2015-06-27 11:55 - 03298472 _____ () C:\Users\Leon\AppData\Local\gmsd_de_005010015\upgmsd_de_005010015.exe
2009-08-19 16:49 - 2009-08-19 16:49 - 00049152 _____ () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\Memeo.API.dll
2009-02-25 15:18 - 2009-02-25 15:18 - 01196032 _____ () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\sqlite3.DLL
2015-06-27 20:47 - 2015-06-27 11:55 - 03984040 _____ () C:\Program Files (x86)\gmsd_de_005010015\gmsd_de_005010015.exe
2014-12-19 16:57 - 2014-12-19 16:57 - 05979808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2015-06-27 17:25 - 2015-06-27 17:25 - 01574400 _____ () c:\Program Files (x86)\SystemProtract\SystemProtract.dll
2013-07-01 08:20 - 2015-04-16 19:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 18:41 - 2015-04-23 04:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-05-22 18:34 - 2015-06-04 20:56 - 02407104 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-20 18:41 - 2015-04-23 04:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 18:41 - 2015-04-23 04:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-08-29 19:16 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 19:16 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 19:16 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 19:16 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 19:16 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-07-09 17:56 - 2015-06-04 20:56 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-07 22:27 - 2015-01-07 22:27 - 36730032 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2013-07-09 13:45 - 2015-05-11 21:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-06-27 20:53 - 2015-06-27 20:52 - 01215464 _____ () C:\Users\Leon\AppData\Local\Installer\Installshopperpro_14157\DCytdkietut_tutdk_setup.exe
2015-06-27 20:53 - 2015-06-27 20:52 - 01215464 _____ () C:\Users\Leon\AppData\Local\Installer\Installgeforce_14157\DCytdkietut_tutdk_setup.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
AlternateDataStreams: C:\Users\Leon\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Leon\SkyDrive.old:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2382863035-827234180-2916811482-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Leon\Pictures\Von Leon Phone\Eigene Aufnahmen\star_wars_fiction_planet-wallpaper-1920x1080.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{356EF6F9-6608-420D-A211-568AA96063C3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{B58B5C66-E57E-4908-A141-42FF45B64E2D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{BB65198B-805A-4096-BF3D-EE38572C6859}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{95017594-A92F-49FB-9509-7861CCD4D9B2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{4F4D61EA-125A-464A-BB85-3B48D969794C}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{9B684E05-06A9-494A-8A44-280BD664DF30}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{C554B0CC-2501-4975-8907-BD7A59397AEF}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Windows Migration Assistant\MigrationAssistant.exe
FirewallRules: [{789A75E4-D6A3-488C-A219-41CE9D9841BB}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Windows Migration Assistant\MigrationAssistant.exe
FirewallRules: [UDP Query User{0B900D45-43DF-409C-BBF6-62CE8D17BA7F}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{D154F55D-606F-48FF-8F32-6A834EAAEFF3}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{9491403C-B54E-41ED-9620-1CB022B98C06}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{654908AA-035F-49CB-8C76-E76EBA1AE52E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{3D7719F2-0BBC-40B1-BFC7-49E8280B604B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{0CF041A8-6160-453F-B015-2F4ACC641AB2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{1E7F5FFA-2155-4932-8B18-55F0CED88339}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{ADDCB91B-94ED-4134-85B2-1BB30F11B4BA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{CD1B061B-DC28-4EAB-B56D-7AF202A20A2C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{D2F252F7-AEF9-4A84-B86D-9B5D12055586}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{5CCFFA36-83A8-4D08-9C34-007E96EDD096}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{CE571066-974C-487C-970A-8C0C869EA8DB}] => (Allow) C:\Users\Leon\AppData\Local\Temp\7zS7066\setup\hpznui40.exe
FirewallRules: [{FA83AC9F-8188-4005-AB2C-51834BB99336}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{43D427C2-5121-49A1-BC36-FA66B8AD66F6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0A29EDE9-7F9C-4DC6-8B57-B58D31D1832D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4CFF07FA-C2DA-47F1-B17F-1B7602508324}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D9AD0DD2-2422-4768-ACD0-46DFEB004A87}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{2C5A48F5-82C5-4826-AF19-971870DE2990}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{2ACAEFB2-1119-4A74-8263-52C00AF70C71}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{826E0F0E-62B0-4E02-8620-8A8F3D65EF2B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{52D3CD5E-B195-4393-BEF2-8C9979C9D7E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{35F34E12-4D9C-44C6-B09D-D2413445097B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{C468925C-1C01-4995-9D88-38F9E82A6DE4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{EEC2226D-1367-467B-99BE-CB6EF2EEF599}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{4656F860-56FE-4716-B744-6C5873C46867}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{54607361-6B99-4EAA-8622-7909600D028A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{A849DFCB-4234-48C5-97F0-4135A71CC01A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{D8C8E179-068D-4715-94CF-4867C1EB057F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{1D722400-A7B8-479D-A2CF-1E57B02D0435}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{0364D27C-D551-4DD2-A2E8-B1246D8A3854}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{D83AF453-E117-4E88-A834-9A0D44411348}] => (Block) %ProgramFiles%\Adobe\Adobe Premiere Pro CC\Adobe Premiere Pro.exe
FirewallRules: [TCP Query User{3F46B805-CE45-404D-85F1-BCE22C704198}C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [UDP Query User{40D039D6-057D-4801-9A66-9812B7F7F32D}C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [{7B1C3D3B-2966-43E6-BB00-4576B2182095}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C5B7CD81-58BF-49D6-BBE1-2B4068DE6BBB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DD964D3E-0909-4A46-8493-85C5605C9C9B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{6B86A981-F149-4C7D-AF89-D7EA8E3D2362}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{CEA183ED-4935-41A2-B5A0-FB0993158400}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{10030CAB-E70D-45C8-943E-1E24B49CCECB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{1B1D99BF-7DE2-4ADD-87A0-41A16BA29321}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{865372F5-B5D0-42BC-9765-8A14F73ACF1F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{AB9990EF-CD7A-47C4-BB9F-177EAA211D0F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{12607D76-AB00-4BF9-879C-317628AF11D9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{26C8D775-609E-4A8D-8DDF-C9300B2E8269}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{2B592EC3-471F-4DA2-BE2D-AA5444483CDD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{41086246-1DFD-452D-BA89-063EB416C7FF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CD29C4B2-154A-405C-9CD9-97CF49F04D6D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BCE6F531-6552-4083-AC42-26D6D19DCD0D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{EC63A99F-8B77-4357-81DA-129C662EC55D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{FB74311C-976E-4DB5-90A7-E641429B33A7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{A889303E-1BEE-4FD2-9B92-7226EEB89EAF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [TCP Query User{09FB3544-9D43-49E7-9D25-7E97464B3277}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{23314F1C-F859-490A-B7BD-4BCFE770A9C2}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{43C62960-AC73-40A8-89DF-1571D27E78AD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{79E39708-D1E2-45AE-9E7F-818FE1E62EF9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AB7ADEB0-9A17-497B-AB67-7BECD8ACA877}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Farming Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [{12AA050A-C819-447F-80A6-2050A14D9C4B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Farming Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [{B7BD5375-6176-4B3A-9302-E16579E14FC1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{04CEC8D5-FC26-4126-9A14-4565296BFC49}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CAA77D42-41E7-4818-85BF-C80C05B5E1B3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{115A1154-AD46-401A-B409-7B73D7ACF82F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{294D328A-1805-41B3-90B8-31D216C67DD2}C:\program files (x86)\bluej\jdk\jre\bin\java.exe] => (Allow) C:\program files (x86)\bluej\jdk\jre\bin\java.exe
FirewallRules: [UDP Query User{49F324D8-11A4-4C2C-B822-AD45BEAD9AC2}C:\program files (x86)\bluej\jdk\jre\bin\java.exe] => (Allow) C:\program files (x86)\bluej\jdk\jre\bin\java.exe
FirewallRules: [{D5FC304A-4ED9-44AA-96E8-686B4E335D83}] => (Block) C:\program files (x86)\bluej\jdk\jre\bin\java.exe
FirewallRules: [{2A71F0A9-D1BF-4DA6-9441-444137CE2069}] => (Block) C:\program files (x86)\bluej\jdk\jre\bin\java.exe
FirewallRules: [{DA3DA8C8-1211-4429-A5DF-A35783F9D6F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{F128B0D3-CC38-4DED-B0CA-F25301B66A40}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{040B521B-E004-43A9-AAE6-1047A71158B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{410843EB-B7DE-425E-AADD-2D7D2EB90FAC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{94C9606C-426F-40A7-80B2-84E4315A9684}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{B1CE8C80-5D40-4549-964D-F9241E3E5C35}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{AACB3D4E-0965-46B2-A98E-9F6C9EC23A28}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{5E600DF6-2B30-4F0C-893A-7FE9B1B0FF1D}] => (Allow) C:\Program Files (x86)\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{63418954-619D-4648-A00B-85BE70E7AD4B}] => (Allow) C:\Program Files (x86)\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{FC71F779-33A7-4ACA-AE64-E7AA48180C67}] => (Allow) C:\Program Files (x86)\PhoenixRC\phoenixRC.exe
FirewallRules: [{8D294C7E-43F4-4598-BE1F-3A8521C1C1E1}] => (Allow) C:\Program Files (x86)\PhoenixRC\phoenixRC.exe
FirewallRules: [TCP Query User{C554F61C-5F2D-4296-BBBC-1466DC2829D8}C:\program files (x86)\phoenixrc\simulator.exe] => (Allow) C:\program files (x86)\phoenixrc\simulator.exe
FirewallRules: [UDP Query User{F44A46DE-4FE1-4639-A192-8698C764DE70}C:\program files (x86)\phoenixrc\simulator.exe] => (Allow) C:\program files (x86)\phoenixrc\simulator.exe
FirewallRules: [{EA168274-8B7D-4C0D-A6B9-7A0498C4E21A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{52E3EAD9-60B0-4054-B4D9-A52EF23BF039}] => (Allow) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/30/2015 08:54:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm crossbrowse.exe, Version 39.6.2171.95 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 3bc

Startzeit: 01d0b36047908544

Endzeit: 10

Anwendungspfad: C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe

Berichts-ID: 69146400-1f59-11e5-bed9-8c89a57ccf91

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/30/2015 08:50:31 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database

Error: (06/30/2015 08:37:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm myoffergroup_de.tmp, Version 51.52.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1a74

Startzeit: 01d0b360b381a35e

Endzeit: 4294967295

Anwendungspfad: C:\Users\Leon\AppData\Local\Temp\is-7CM3Q.tmp\myoffergroup_de.tmp

Berichts-ID: 06f2ca34-1f57-11e5-bed9-8c89a57ccf91

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/30/2015 08:37:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm gentlemjmp_ieu.tmp, Version 51.52.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 197c

Startzeit: 01d0b360c83f261f

Endzeit: 4294967295

Anwendungspfad: C:\Users\Leon\AppData\Local\Temp\is-1NEON.tmp\gentlemjmp_ieu.tmp

Berichts-ID: 03a96d38-1f57-11e5-bed9-8c89a57ccf91

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/30/2015 08:27:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20905 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1bcc

Startzeit: 01d0b3603f4b1eb9

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20905_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: a5bb430d-1f55-11e5-bed9-8c89a57ccf91

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20905_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (06/27/2015 10:03:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17840, Zeitstempel: 0x555fe1bb
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x10571000
ID des fehlerhaften Prozesses: 0x8f8
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (06/27/2015 09:38:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005473b
ID des fehlerhaften Prozesses: 0x2cc
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5

Error: (06/27/2015 08:59:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 43.0.2357.124, Zeitstempel: 0x5571c187
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f42c2
Ausnahmecode: 0xc0000142
Fehleroffset: 0x0009d4f2
ID des fehlerhaften Prozesses: 0xfc8
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Vollständiger Name des fehlerhaften Pakets: chrome.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: chrome.exe5

Error: (06/27/2015 08:58:01 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (4292) WindowsMail0: Die Sicherung wurde abgebrochen, weil sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen wurde.

Error: (06/27/2015 08:57:40 PM) (Source: WDSmartWareBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.WDSmartWareBackgroundService.OnStart(String[] args)


System errors:
=============
Error: (06/27/2015 11:05:30 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (06/27/2015 11:05:29 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (06/27/2015 08:59:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/27/2015 08:55:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Diagnostics Tracking Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (06/27/2015 08:55:28 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "DiagTrack" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (06/27/2015 08:54:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Diagnostics Tracking Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/24/2015 08:02:30 PM) (Source: DCOM) (EventID: 10010) (User: LEON-PC)
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

Error: (06/15/2015 08:17:26 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎15.‎06.‎2015 um 19:52:20 unerwartet heruntergefahren.

Error: (06/15/2015 07:50:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Diagnostics Tracking Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (06/15/2015 07:50:57 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "DiagTrack" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).


Microsoft Office:
=========================
Error: (06/30/2015 08:54:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: crossbrowse.exe39.6.2171.953bc01d0b3604790854410C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe69146400-1f59-11e5-bed9-8c89a57ccf91

Error: (06/30/2015 08:50:31 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: -2147024883

Error: (06/30/2015 08:37:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: myoffergroup_de.tmp51.52.0.01a7401d0b360b381a35e4294967295C:\Users\Leon\AppData\Local\Temp\is-7CM3Q.tmp\myoffergroup_de.tmp06f2ca34-1f57-11e5-bed9-8c89a57ccf91

Error: (06/30/2015 08:37:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: gentlemjmp_ieu.tmp51.52.0.0197c01d0b360c83f261f4294967295C:\Users\Leon\AppData\Local\Temp\is-1NEON.tmp\gentlemjmp_ieu.tmp03a96d38-1f57-11e5-bed9-8c89a57ccf91

Error: (06/30/2015 08:27:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.209051bcc01d0b3603f4b1eb94294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20905_x64__8wekyb3d8bbwe\LiveComm.exea5bb430d-1f55-11e5-bed9-8c89a57ccf91microsoft.windowscommunicationsapps_17.5.9600.20905_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (06/27/2015 10:03:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17840555fe1bbunknown0.0.0.000000000c0000005105710008f801d0b112decc87e6C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEunknown9db2fd51-1d07-11e5-bed9-8c89a57ccf91

Error: (06/27/2015 09:38:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.3.9600.17736550f4336c0000005000000000005473b2cc01d0b10b73f24690C:\Program Files\VideoLAN\VLC\vlc.exeC:\WINDOWS\SYSTEM32\ntdll.dll09fb5b5d-1d04-11e5-bed9-8c89a57ccf91

Error: (06/27/2015 08:59:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe43.0.2357.1245571c187ntdll.dll6.3.9600.17736550f42c2c00001420009d4f2fc801d0b10b62d4837eC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\WINDOWS\SYSTEM32\ntdll.dlla1ebc215-1cfe-11e5-bed9-8c89a57ccf91

Error: (06/27/2015 08:58:01 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail4292WindowsMail0:

Error: (06/27/2015 08:57:40 PM) (Source: WDSmartWareBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.WDSmartWareBackgroundService.OnStart(String[] args)


CodeIntegrity Errors:
===================================
  Date: 2015-06-27 20:55:23.255
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-05-13 20:24:37.808
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-13 20:24:37.589
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-08 17:08:20.445
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-02 16:45:45.286
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-26 19:55:02.509
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-02 12:33:18.521
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-12-30 21:17:08.175
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-12-30 20:23:12.813
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-12-18 20:44:25.696
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Percentage of memory in use: 52%
Total physical RAM: 4077.64 MB
Available physical RAM: 1934.11 MB
Total Pagefile: 5805.26 MB
Available Pagefile: 3197.05 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:1811.92 GB) (Free:1350.97 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:25.83 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1811.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End of log ============================

--- --- ---

Nein es sind keine weiteren logs Verfügbar

cosinus · 30.06.2015, 20:22

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:
BrowserV27.06

BubbleSound

Crossbrowse

GamesDesktop 014.005010015

globalupdate Helper

LinkFunc

Product Deals

SmartWeb

SystemProtract
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Leo98 · 30.06.2015, 20:42

CrossBrowse, globalupdate Helper und SystemProtract wurden nicht gefunden der Rest wurde ausgeführt!

cosinus · 01.07.2015, 07:29

Adware/Junkware/Toolbars entfernen

1. Schritt: Malwarebytes

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

(alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!)

2. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

3. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

4. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Leo98 · 01.07.2015, 20:51

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 01.07.2015
Suchlauf-Zeit: 19:48:40
Logdatei: mbam.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.03.09.05
Rootkit Datenbank: v2015.06.30.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Leon

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 386109
Verstrichene Zeit: 21 Min, 30 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 12
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\ProtectService.exe, 1724, Löschen bei Neustart, [43368eb51b6f989eda7717f7eb17a858]
PUP.Optional.SmartWeb.A, C:\Users\Leon\AppData\Local\SmartWeb\SmartWebHelper.exe, 7556, Löschen bei Neustart, [4b2e93b0f99168cedd5f4cb00ff2e31d]
PUP.Optional.SmartWeb.A, C:\Users\Leon\AppData\Local\SmartWeb\SmartWebApp.exe, 2648, Löschen bei Neustart, [5623d96abbcfe452a6965f9d43bea45c]
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.2057\jsdrv.exe, 7152, Löschen bei Neustart, [b2c7251e6c1e56e0cbb63793b94ae818]
PUP.Optional.GamesDesktop.A, C:\Program Files (x86)\gmsd_de_005010018\gmsd_de_005010018.exe, 312, Löschen bei Neustart, [1168e0631872a690c9d3a21345be03fd]
PUP.Optional.WindowsMangerProtect.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, 1296, Löschen bei Neustart, [f8810e3512787bbb9ff4496b9a699d63]
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe, 5452, Löschen bei Neustart, [1861d370becc7bbb660739497d86fc04]
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force\d0b1e010-14a8-49b2-af39-970493ad715d-1-6.exe, 2484, Löschen bei Neustart, [3a3fe1628dfdfe38e12f9ce79073659b]
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force\d0b1e010-14a8-49b2-af39-970493ad715d-10.exe, 3884, Löschen bei Neustart, [3a3fe1628dfdfe38e12f9ce79073659b]
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force\d0b1e010-14a8-49b2-af39-970493ad715d-6.exe, 6212, Löschen bei Neustart, [3a3fe1628dfdfe38e12f9ce79073659b]
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbiu.exe, 7088, Löschen bei Neustart, [9cdd1b28addd112554829feb8c7728d8]
PUP.Optional.GamesDesktop.A, C:\Users\Leon\AppData\Local\gmsd_de_005010018\upgmsd_de_005010018.exe, 3032, Löschen bei Neustart, [f48566dd3357b87ef49047517c87c739]

Module: 7
PUP.Optional.SmartWeb.A, C:\Users\Leon\AppData\Local\SmartWeb\swhk.dll, Löschen bei Neustart, [6c0dca795b2f6acc3c00738950b1db25], 
PUP.Optional.SmartWeb.A, C:\Users\Leon\AppData\Local\SmartWeb\swhk.dll, Löschen bei Neustart, [6c0dca795b2f6acc3c00738950b1db25], 
PUP.Optional.Nova.A, C:\Program Files (x86)\Ge-Force\85c0ca8b-a41d-4672-8342-097042027b94.dll, Löschen bei Neustart, [55249ea5ee9c10261cf220ebc63c7987], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcp110.dll, Löschen bei Neustart, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcr110.dll, Löschen bei Neustart, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll, Löschen bei Neustart, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbici32.dll, Löschen bei Neustart, [9cdd1b28addd112554829feb8c7728d8], 

Registrierungsschlüssel: 126
PUP.Optional.XTab.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IHProtect Service, In Quarantäne, [43368eb51b6f989eda7717f7eb17a858], 
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [c4b57bc8b1d9ab8b581f1b3a758eb749], 
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [c4b57bc8b1d9ab8b581f1b3a758eb749], 
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [c4b57bc8b1d9ab8b581f1b3a758eb749], 
PUP.Optional.Multiplug, HKU\S-1-5-21-2382863035-827234180-2916811482-1001_Classes\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, In Quarantäne, [582178cb4743ae88f2df59c1fd066898], 
PUP.Optional.Multiplug, HKU\S-1-5-21-2382863035-827234180-2916811482-1001_Classes\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, In Quarantäne, [582178cb4743ae88f2df59c1fd066898], 
PUP.Optional.Multiplug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{9777123F-5BF8-6C86-217E-7EB783C2E885}, In Quarantäne, [fc7d3013296174c293e5ec41b949a957], 
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}, In Quarantäne, [14659fa45b2f0c2af03b87dc08f8d12f], 
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}, In Quarantäne, [14659fa45b2f0c2af03b87dc08f8d12f], 
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}, In Quarantäne, [14659fa45b2f0c2af03b87dc08f8d12f], 
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}, In Quarantäne, [14659fa45b2f0c2af03b87dc08f8d12f], 
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}, In Quarantäne, [14659fa45b2f0c2af03b87dc08f8d12f], 
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}, In Quarantäne, [14659fa45b2f0c2af03b87dc08f8d12f], 
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}, In Quarantäne, [14659fa45b2f0c2af03b87dc08f8d12f], 
PUP.Optional.SmartWeb.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SmartWeb, In Quarantäne, [5d1ce65d8307cd692e0e6795b24fbb45], 
PUP.Optional.XTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88}, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88}, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88}, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ShopperPro, In Quarantäne, [b2c7251e6c1e56e0cbb63793b94ae818], 
PUP.Optional.ShopperPro, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPDRIVER_1.42.1.2057, In Quarantäne, [b2c7251e6c1e56e0cbb63793b94ae818], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\21836, In Quarantäne, [ee8b70d3dfab76c0ff1e6e7b768d13ed], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\30935, In Quarantäne, [c1b833103c4ece68fc21d61340c352ae], 
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\GAMESDESKTOP, In Quarantäne, [dd9c1a29c4c68babb375981dae558b75], 
PUP.Optional.GeForce.A, HKLM\SOFTWARE\WOW6432NODE\Ge-Force, In Quarantäne, [79004300a4e68caa6367c3682adbac54], 
PUP.Optional.GeForce.A, HKLM\SOFTWARE\WOW6432NODE\Ge-Force-nv, In Quarantäne, [2d4c9ba8e6a480b6a92d37008f76c53b], 
PUP.Optional.GeForce.A, HKLM\SOFTWARE\WOW6432NODE\Ge-Force-nv-ie, In Quarantäne, [17629fa43258c07601d52611bc49ba46], 
PUP.Optional.IHProtect.A, HKLM\SOFTWARE\WOW6432NODE\IHProtect, In Quarantäne, [cbaef94af3971a1c4895852bf80bcd33], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, In Quarantäne, [6e0b7ec5b6d49f977bac20d6d033d32d], 
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\istartsurfSoftware, In Quarantäne, [6e0bbd861f6bef47dd72eddb43c0758b], 
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, In Quarantäne, [661340030d7d1a1ce7ee79b19a6b5ba5], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\WajIntEnhance, In Quarantäne, [c5b4d46f2763d66017af585432d1659b], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\21836, In Quarantäne, [c0b972d1cebc10260d1030b9986bba46], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\30935, In Quarantäne, [e6930241533788ae8f8e9752659e30d0], 
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\gmsd_de_005010018_is1, In Quarantäne, [d6a3d56ed2b8290daaef2590976c718f], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, In Quarantäne, [e19872d1484271c5ddad3b6ea0635ba5], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, In Quarantäne, [4831142fb9d13afcaadff2b73bc813ed], 
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, In Quarantäne, [caaf3b080e7cfc3a988f5663d23160a0], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, In Quarantäne, [b8c177ccd8b21620cdba1d8c00036b95], 
PUP.Optional.Booster.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{23cb3056}, In Quarantäne, [1e5b56edcbbfd462e0a66d6435ced828], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, In Quarantäne, [2554e55ef199c5716430909d17eefb05], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, In Quarantäne, [5821232032580a2cc1d465c861a4fd03], 
PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\WOW6432NODE\SHOPPERPRO, In Quarantäne, [a2d778cb7515999d274c813408fbda26], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, In Quarantäne, [2554380b216931051587299d06fddf21], 
PUP.Optional.Tuto4Pc.A, HKLM\SOFTWARE\WOW6432NODE\TUTORIALS, In Quarantäne, [5a1fbd860d7d53e3bbba70c728ddb34d], 
PUP.Optional.cherimoya.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\cherimoya, In Quarantäne, [671252f178128aac6bbcbaf553b0dd23], 
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect, In Quarantäne, [f8810e3512787bbb9ff4496b9a699d63], 
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, In Quarantäne, [b4c5d271a2e8e0565780e7d4e51e7789], 
PUP.Optional.GeForce.A, HKU\S-1-5-18\SOFTWARE\Ge-Force-nv, In Quarantäne, [f2873f04aedc4de9be19360155b006fa], 
PUP.Optional.GeForce.A, HKU\S-1-5-18\SOFTWARE\Ge-Force-nv-ie, In Quarantäne, [75040b387515c670d20569ce64a16a96], 
PUP.Optional.Shopperz.A, HKU\S-1-5-18\SOFTWARE\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09}, In Quarantäne, [4c2d64df533768cea94aabf9dc2724dc], 
PUP.Optional.Shopperz.A, HKU\S-1-5-19\SOFTWARE\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09}, In Quarantäne, [fd7c6cd77c0ef541678c12921ce76799], 
PUP.Optional.Shopperz.A, HKU\S-1-5-20\SOFTWARE\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09}, In Quarantäne, [b8c1192a4545e551c52e22825ba8629e], 
PUP.Optional.CinemaPlus.A, HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\CinemaPlus-3.2cV26.05-nv-ie, In Quarantäne, [0574152ebcce75c17a5a23940bf8b64a], 
PUP.Optional.GeForce.A, HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\Ge-Force, In Quarantäne, [0d6c85be5139c274ad1eea419471be42], 
PUP.Optional.GeForce.A, HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\Ge-Force-nv, In Quarantäne, [61181c27f496f640ddfaa98e0df8f10f], 
PUP.Optional.GeForce.A, HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\Ge-Force-nv-ie, In Quarantäne, [f88199aa6a209e988b4c181ff90c3cc4], 
PUP.Optional.HomeTab.A, HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\HomeTab, In Quarantäne, [c7b23c07a1e9e0561d23f5e4a162fc04], 
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\SearchProtectWS, In Quarantäne, [e2976ed54e3c2d094746a801c93ae21e], 
PUP.Optional.TNT.A, HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\TNT2, In Quarantäne, [aacf390a1773082e26480c9f1de601ff], 
PUP.Optional.Tuto4PC.A, HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\TutoTag, In Quarantäne, [5b1e59ea64262412765050dd4eb73dc3], 
PUP.Optional.Wajam.A, HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\WajIntEnhance, In Quarantäne, [6118a49f800a8ea84b7ca10bb64d827e], 
PUP.Optional.Shopperz.A, HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09}, In Quarantäne, [b3c6dd66850577bf579c3d67a45f51af], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, In Quarantäne, [3f3a2e15e6a42c0ab08838e77b8a2cd4], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\21836, In Quarantäne, [027761e27a1038fe5d5edae8b251fa06], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\30935, In Quarantäne, [d9a06ed52f5b00366655e2e030d3e818], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\BrowserV27.06, In Quarantäne, [4a2f142fbdcd082e6232743520e3da26], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Webar, In Quarantäne, [dd9c46fd602ab4822c1aeac362a136ca], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, In Quarantäne, [2d4c85bebcce82b4145d8e17da29fa06], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, In Quarantäne, [ec8dc1826c1efc3af0823e67a063f010], 
PUP.Optional.Linkey.A, HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Linkey, In Quarantäne, [b9c0ce75cdbd4ee8a6cd762ffd06e21e], 
PUP.Optional.Vosteran.A, HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, In Quarantäne, [caafff4435557cbab5bfd7ce986bcb35], 
PUP.Optional.Wajam.A, HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, In Quarantäne, [bcbd5ee598f258de4c29683dc63de51b], 
PUP.Optional.Wajam.A, HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\SIMPLYTECH\HomeTabWajIEnhance, In Quarantäne, [aacfbd86d8b237ff1375446555aecc34], 
PUP.Optional.Tuto4PC.A, HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\TUTORIALS\updatetutorialeshp, In Quarantäne, [d2a7ba8982086cca21d1bbefe41fce32], 
PUP.Optional.Tuto4PC.A, HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\TUTORIALS\updatetutorialshp, In Quarantäne, [95e482c13a5043f38f64ecbe61a222de], 
PUP.Optional.Tuto4PC.A, HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\TUTORIALS\updv, In Quarantäne, [7cfd5ce76b1fed496193852506fd60a0], 
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdate, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdatem, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GLOBALUPDATE.EXE, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GLOBALUPDATE.EXE, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickCtrl.10, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\globalUpdate.OneClickCtrl.10, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.Update3WebControl.4, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.Update3WebControl.4, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\globalUpdate.Update3WebControl.4, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GeForce.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Ge-Force, In Quarantäne, [3a3fe1628dfdfe38e12f9ce79073659b], 
PUP.Optional.ShopperPro, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPBIUpd, In Quarantäne, [9cdd1b28addd112554829feb8c7728d8], 
PUP.Optional.ShopperPro, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPBIUpdd, In Quarantäne, [9cdd1b28addd112554829feb8c7728d8], 
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [0376b68d6426b5816fa838547c879a66], 
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [0376b68d6426b5816fa838547c879a66], 
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\TYPELIB\{8FB1A663-2820-468B-95C4-5060A4C5F413}, In Quarantäne, [0376b68d6426b5816fa838547c879a66], 
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\INTERFACE\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}, In Quarantäne, [0376b68d6426b5816fa838547c879a66], 
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}, In Quarantäne, [0376b68d6426b5816fa838547c879a66], 
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}, In Quarantäne, [0376b68d6426b5816fa838547c879a66], 
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{8FB1A663-2820-468B-95C4-5060A4C5F413}, In Quarantäne, [0376b68d6426b5816fa838547c879a66], 
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{8FB1A663-2820-468B-95C4-5060A4C5F413}, In Quarantäne, [0376b68d6426b5816fa838547c879a66], 
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\ShopperPro.ShopperProBHO.1, In Quarantäne, [0376b68d6426b5816fa838547c879a66], 
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\ShopperPro.ShopperProBHO, In Quarantäne, [0376b68d6426b5816fa838547c879a66], 
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ShopperPro.ShopperProBHO, In Quarantäne, [0376b68d6426b5816fa838547c879a66], 
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\WOW6432NODE\ShopperPro.ShopperProBHO, In Quarantäne, [0376b68d6426b5816fa838547c879a66], 
PUP.Optional.ShopperPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [0376b68d6426b5816fa838547c879a66], 
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [0376b68d6426b5816fa838547c879a66], 
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ShopperPro.ShopperProBHO.1, In Quarantäne, [0376b68d6426b5816fa838547c879a66], 
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\WOW6432NODE\ShopperPro.ShopperProBHO.1, In Quarantäne, [0376b68d6426b5816fa838547c879a66], 
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [0376b68d6426b5816fa838547c879a66], 
PUP.Optional.ShopperPro, HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [0376b68d6426b5816fa838547c879a66], 
PUP.Optional.ShopperPro, HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [0376b68d6426b5816fa838547c879a66], 
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}\INPROCSERVER32, In Quarantäne, [0376b68d6426b5816fa838547c879a66], 

Registrierungswerte: 10
PUP.Optional.SmartWeb.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SmartWeb, C:\Users\Leon\AppData\Local\SmartWeb\SmartWebHelper.exe, In Quarantäne, [4b2e93b0f99168cedd5f4cb00ff2e31d]
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SPDriver, C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.2057\jsdrv.exe, In Quarantäne, [b2c7251e6c1e56e0cbb63793b94ae818]
PUP.Optional.ShopperPro, HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SPDriver, C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.2057\jsdrv.exe, In Quarantäne, [b2c7251e6c1e56e0cbb63793b94ae818]
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|gmsd_de_563, In Quarantäne, [4732ad9697f383b3613bf9bca65da35d], 
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|gmsd_de_005010015, In Quarantäne, [95e465de1f6b1422c0dcd7ded82b16ea], 
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|gmsd_de_005010018, "C:\Program Files (x86)\gmsd_de_005010018\gmsd_de_005010018.exe", In Quarantäne, [1168e0631872a690c9d3a21345be03fd]
PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\WOW6432NODE\SHOPPERPRO|aff, tutdk, In Quarantäne, [a2d778cb7515999d274c813408fbda26]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, face, In Quarantäne, [2554380b216931051587299d06fddf21]
PUP.Optional.Tuto4Pc.A, HKLM\SOFTWARE\WOW6432NODE\TUTORIALS|HostGUID, 6706AE23-C3BE-4575-8689-BDDF7B9D65C6, In Quarantäne, [5a1fbd860d7d53e3bbba70c728ddb34d]
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|upgmsd_de_005010018.exe, C:\Users\Leon\AppData\Local\gmsd_de_005010018\upgmsd_de_005010018.exe -runonce, In Quarantäne, [f48566dd3357b87ef49047517c87c739]

Registrierungsdaten: 10
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.istartsurf.com/?type=hppp&ts=1432722120&z=7da3618e633ee4e003706e3g4zccao5m0o6oee6teg&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/?type=hppp&ts=1432722120&z=7da3618e633ee4e003706e3g4zccao5m0o6oee6teg&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP),Ersetzt,[a3d640037218f343e92d5d78db2afa06]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.istartsurf.com/?type=hppp&ts=1432722120&z=7da3618e633ee4e003706e3g4zccao5m0o6oee6teg&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/?type=hppp&ts=1432722120&z=7da3618e633ee4e003706e3g4zccao5m0o6oee6teg&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP),Ersetzt,[87f253f0a2e878be3dd96570b2537a86]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.istartsurf.com/web/?type=ds&ts=1432722022&z=663ff635630f78f6df10e0dg6z9cdoem8oagbt8t3c&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=ds&ts=1432722022&z=663ff635630f78f6df10e0dg6z9cdoem8oagbt8t3c&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP&q={searchTerms}),Ersetzt,[c0b9a49f6822ac8a06106c69e2232dd3]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.istartsurf.com/?type=hppp&ts=1432722120&z=7da3618e633ee4e003706e3g4zccao5m0o6oee6teg&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/?type=hppp&ts=1432722120&z=7da3618e633ee4e003706e3g4zccao5m0o6oee6teg&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP),Ersetzt,[4d2cfe45cdbdeb4bd145ad28b55046ba]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.istartsurf.com/?type=hppp&ts=1432722120&z=7da3618e633ee4e003706e3g4zccao5m0o6oee6teg&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/?type=hppp&ts=1432722120&z=7da3618e633ee4e003706e3g4zccao5m0o6oee6teg&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP),Ersetzt,[9edbb98aaedc1a1c928490457e87c63a]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.istartsurf.com/web/?type=ds&ts=1432722022&z=663ff635630f78f6df10e0dg6z9cdoem8oagbt8t3c&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=ds&ts=1432722022&z=663ff635630f78f6df10e0dg6z9cdoem8oagbt8t3c&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP&q={searchTerms}),Ersetzt,[c2b74bf81476b4828690835211f425db]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.istartsurf.com/web/?type=ds&ts=1432722022&z=663ff635630f78f6df10e0dg6z9cdoem8oagbt8t3c&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=ds&ts=1432722022&z=663ff635630f78f6df10e0dg6z9cdoem8oagbt8t3c&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP&q={searchTerms}),Ersetzt,[b2c79aa93f4bca6c33e1686d966f857b]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.istartsurf.com/?type=hppp&ts=1432722120&z=7da3618e633ee4e003706e3g4zccao5m0o6oee6teg&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/?type=hppp&ts=1432722120&z=7da3618e633ee4e003706e3g4zccao5m0o6oee6teg&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP),Ersetzt,[1861152e6a202610d83c18bd4cb9718f]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.istartsurf.com/?type=hppp&ts=1432722120&z=7da3618e633ee4e003706e3g4zccao5m0o6oee6teg&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/?type=hppp&ts=1432722120&z=7da3618e633ee4e003706e3g4zccao5m0o6oee6teg&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP),Ersetzt,[0a6fb98a6f1bc57183918c490df813ed]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.istartsurf.com/web/?type=ds&ts=1432722022&z=663ff635630f78f6df10e0dg6z9cdoem8oagbt8t3c&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=ds&ts=1432722022&z=663ff635630f78f6df10e0dg6z9cdoem8oagbt8t3c&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP&q={searchTerms}),Ersetzt,[d4a599aaa2e86bcb8f8573623cc96b95]

Ordner: 54
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab, Löschen bei Neustart, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\image, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\en-US, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-419, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-ES, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-BE, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CA, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CH, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-FR, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-LU, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-CH, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-IT, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pl, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt-BR, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru-MO, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\tr-TR, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\vi-VI, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-CN, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-TW, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro, Löschen bei Neustart, [b2c7251e6c1e56e0cbb63793b94ae818], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\FireFox, In Quarantäne, [b2c7251e6c1e56e0cbb63793b94ae818], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\FireFox\content, In Quarantäne, [b2c7251e6c1e56e0cbb63793b94ae818], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver, Löschen bei Neustart, [b2c7251e6c1e56e0cbb63793b94ae818], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.2057, Löschen bei Neustart, [b2c7251e6c1e56e0cbb63793b94ae818], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, Löschen bei Neustart, [babf1e25e8a282b4faa55a26966d2bd5], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, In Quarantäne, [babf1e25e8a282b4faa55a26966d2bd5], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, Löschen bei Neustart, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, Löschen bei Neustart, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{1062C521-2E6C-46BE-9616-F11C64053A8D}, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.A, C:\Users\Leon\AppData\Local\Temp\comh.288202, In Quarantäne, [7dfc380bc2c887affb8e681a33d0b54b], 
PUP.Optional.GlobalUpdate.A, C:\Users\Leon\AppData\Local\Temp\comh.372210, In Quarantäne, [3a3f2b181872a5913f4a681a14efa25e], 
PUP.Optional.GlobalUpdate.A, C:\Users\Leon\AppData\Local\Temp\comh.53037, In Quarantäne, [e396bc87cdbdb0867019cdb57a89d12f], 
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force, Löschen bei Neustart, [3a3fe1628dfdfe38e12f9ce79073659b], 
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro, Löschen bei Neustart, [9cdd1b28addd112554829feb8c7728d8], 
PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro, In Quarantäne, [0376b68d6426b5816fa838547c879a66], 
PUP.Optional.GamesDesktop.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP, In Quarantäne, [0b6e7fc43f4b999d354e0f896f942fd1], 
PUP.Optional.GamesDesktop.A, C:\Users\Leon\AppData\Local\gmsd_de_005010018, Löschen bei Neustart, [f48566dd3357b87ef49047517c87c739], 
PUP.Optional.GamesDesktop.A, C:\Users\Leon\AppData\Local\gmsd_de_005010018\Download, In Quarantäne, [f48566dd3357b87ef49047517c87c739], 
PUP.Optional.GamesDesktop.A, C:\Users\Leon\AppData\Local\gmsd_de_005010018\gmsd_de_005010018, In Quarantäne, [f48566dd3357b87ef49047517c87c739], 
PUP.Optional.GamesDesktop.A, C:\Users\Leon\AppData\Local\gmsd_de_005010018\gmsd_de_005010018\1.20, In Quarantäne, [f48566dd3357b87ef49047517c87c739], 
PUP.Optional.GamesDesktop.A, C:\Program Files (x86)\gmsd_de_005010018, Löschen bei Neustart, [0f6a58ebcfbba591b9cce0b8c53e5ca4], 
PUP.Optional.Shopperz.A, C:\Program Files\shopperz, In Quarantäne, [d3a6241f95f5152189dc7725f3109f61], 
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate, In Quarantäne, [3346e75ce1a987af40f6356813f0a45c], 
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update, In Quarantäne, [3346e75ce1a987af40f6356813f0a45c], 

Dateien: 246
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\ProtectService.exe, Löschen bei Neustart, [43368eb51b6f989eda7717f7eb17a858], 
PUP.Optional.SmartWeb.A, C:\Users\Leon\AppData\Local\SmartWeb\SmartWebHelper.exe, Löschen bei Neustart, [4b2e93b0f99168cedd5f4cb00ff2e31d], 
PUP.Optional.SmartWeb.A, C:\Users\Leon\AppData\Local\SmartWeb\SmartWebApp.exe, Löschen bei Neustart, [5623d96abbcfe452a6965f9d43bea45c], 
PUP.Optional.SmartWeb.A, C:\Users\Leon\AppData\Local\SmartWeb\swhk.dll, Löschen bei Neustart, [6c0dca795b2f6acc3c00738950b1db25], 
PUP.Optional.Nova.A, C:\Program Files (x86)\Ge-Force\85c0ca8b-a41d-4672-8342-097042027b94.dll, Löschen bei Neustart, [55249ea5ee9c10261cf220ebc63c7987], 
PUP.Optional.Nova.A, C:\Program Files (x86)\85c3582f-9a9c-4e9f-93c7-824223714908\ca9bb31e-9489-468e-a404-fe7568cf3539.dll, In Quarantäne, [84f58db67a104de9dd311fecf909a858], 
PUP.Optional.Nova.A, C:\Program Files (x86)\Adobe\6c07a4a2-65ff-495f-8ccc-e6c34d6cbebc.dll, In Quarantäne, [8dec21225f2beb4bed21bd4eec160ef2], 
PUP.Optional.Nova.A, C:\Program Files (x86)\AnyProtectEx\6dae1021-091b-4b02-99fc-fb29da587235.dll, In Quarantäne, [5029ad962d5d24127797cf3cd82afb05], 
PUP.Optional.Nova.A, C:\Program Files (x86)\cecea3d5-3cfb-47ed-a074-c0d5128c78a1\9d67bc15-135e-4a85-935b-8b1225e082ae.dll, In Quarantäne, [83f649fa3852d6600608fc0f5ba78977], 
PUP.Optional.Multiplug.A, C:\Program Files (x86)\NewSaVeR\NewSaVeR.exe, In Quarantäne, [5e1b4102206ac76f9fd959d4a45e22de], 
PUP.Optional.Multiplug.A, C:\Program Files (x86)\FullContact for Gmail\FullContact for Gmail.exe, In Quarantäne, [fc7d3013296174c293e5ec41b949a957], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Ge-Force\utils.exe, In Quarantäne, [5524400391f9d066fa5877e25ca40ff1], 
PUP.Optional.Nova.A, C:\$Recycle.Bin\S-1-5-21-2382863035-827234180-2916811482-1001\$RM5HXMO.dll, In Quarantäne, [ceabb88b672383b36da1f7146a98d22e], 
PUP.Optional.SmartWeb.A, C:\$Recycle.Bin\S-1-5-21-2382863035-827234180-2916811482-1001\$RB9QJ2Y\__u.exe, In Quarantäne, [1f5a4df65f2bed49bc805e9e61a0659b], 
PUP.Optional.CrossRider.A, C:\Users\Leon\AppData\Local\Temp\5068.exe, In Quarantäne, [f88199aa8cfe13230f551bf933d3da26], 
PUP.Optional.MyBestOffersToday.A, C:\Users\Leon\AppData\Local\Temp\is-FJDTT.tmp\gentlemjmp_ieu.exe, In Quarantäne, [fe7b2f1428620b2be053ed0b669bc33d], 
PUP.Optional.Useful, C:\Users\Leon\Downloads\MixxxDJ (1).exe, In Quarantäne, [d3a659eaa4e6a88ef64e923f07fea060], 
PUP.Optional.Useful, C:\Users\Leon\Downloads\MixxxDJ (2).exe, In Quarantäne, [6514340fccbe69cdd66e0cc56b9a8080], 
PUP.Optional.Useful, C:\Users\Leon\Downloads\MixxxDJ (3).exe, In Quarantäne, [e297380b3852f0464bf97c55c73ecb35], 
PUP.Optional.Useful, C:\Users\Leon\Downloads\MixxxDJ.exe, In Quarantäne, [81f84ef5f59511252c18e1f0bb4a6d93], 
PUP.Optional.Amonetize.A, C:\Users\Leon\AppData\Local\30537\Updater.exe, In Quarantäne, [14659fa45b2f0c2af03b87dc08f8d12f], 
PUP.Optional.SmartWeb.A, C:\Users\Leon\AppData\Local\SmartWeb\__u.exe, In Quarantäne, [5d1ce65d8307cd692e0e6795b24fbb45], 
PUP.Optional.ShopperPro.A, C:\Windows\System32\Tasks\SPBIW_UpdateTask_Time_333132343334353538382d3755556c415a505757414a34, In Quarantäne, [23567fc4ee9ce35300697b31d72cff01], 
PUP.Optional.ABEngine.A, C:\Users\Leon\AppData\Local\Temp\abengine.log, In Quarantäne, [46334300860467cf1b24674634cf2bd5], 
PUP.Optional.ABEngine.A, C:\Windows\Temp\abengine.log, Löschen bei Neustart, [582166dd7218082edb6477369271a858], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\uninstall.exe, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\BrowerWatchCH.dll, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\BrowerWatchFF.dll, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\BrowserAction.dll, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\CmdShell.exe, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\conf, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\ffsearch_toolbar!1.0.0.1031.xpi, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\HPNotify.exe, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\IeWatchDog.dll, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\install.data, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcp110.dll, Löschen bei Neustart, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcr110.dll, Löschen bei Neustart, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\searchProvider.xml, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\SupTab.dll, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\about.png, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\about_bk.png, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\btn.png, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\btn_apply.png, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\close.png, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\conf.xml, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\conf_back.png, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\input_bk.png, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\logo.png, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\main.xml, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\radio_1.png, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\radio_2.png, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\rigth_arrow.png, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\settings.png, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\data.html, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\indexIE.html, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\indexIE8.html, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\main.css, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\ver.txt, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\google_trends.png, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\icon128.png, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\icon16.png, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\icon48.png, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\loading.gif, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\logo32.ico, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\common.js, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\ga.js, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\jquery-1.11.0.min.js, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\jquery.autocomplete.js, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\jquery.xdomainrequest.min.js, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\js.js, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\library.js, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\xagainit-ie8.js, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\xagainit2.0.js, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\xdomain.min.js, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\en-US\messages.json, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-419\messages.json, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-ES\messages.json, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-BE\messages.json, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CA\messages.json, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CH\messages.json, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-FR\messages.json, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-LU\messages.json, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-CH\messages.json, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-IT\messages.json, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pl\messages.json, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt\messages.json, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt-BR\messages.json, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru\messages.json, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru-MO\messages.json, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\tr-TR\messages.json, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\vi-VI\messages.json, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-CN\messages.json, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-TW\messages.json, In Quarantäne, [2356ac97117954e2b42aa60a8e752ed2], 
PUP.Optional.Flowsurf.A, C:\Windows\System32\abengineOff.ini, In Quarantäne, [27523c07abdfab8b4af7238f48bbe21e], 
PUP.Optional.Flowsurf.A, C:\Windows\SysWOW64\abengineOff.ini, In Quarantäne, [5b1e83c090fa7fb71e233082fb08ad53], 
PUP.Optional.BoostSaves.A, C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.boostsaves.com_0.localstorage, Löschen bei Neustart, [d3a6fd46c0cafd39abdea60ebb48f709], 
PUP.Optional.BoostSaves.A, C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.boostsaves.com_0.localstorage-journal, Löschen bei Neustart, [afca8eb51f6b52e45831298b61a29070], 
PUP.Optional.SmartWeb.A, C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk, In Quarantäne, [6b0e43005f2b58de66e25166867d51af], 
PUP.Optional.SmartWeb.A, C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task, In Quarantäne, [3e3b4af9ddad37ff2e1d8631e51eda26], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\ShopperPro.exe, In Quarantäne, [b2c7251e6c1e56e0cbb63793b94ae818], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\config.json, In Quarantäne, [b2c7251e6c1e56e0cbb63793b94ae818], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\database1_0_0.ej, In Quarantäne, [b2c7251e6c1e56e0cbb63793b94ae818], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\database1_0_0.json, In Quarantäne, [b2c7251e6c1e56e0cbb63793b94ae818], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\manifest.json, In Quarantäne, [b2c7251e6c1e56e0cbb63793b94ae818], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\ShopperPro.dll, In Quarantäne, [b2c7251e6c1e56e0cbb63793b94ae818], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\ShopperPro64.dll, In Quarantäne, [b2c7251e6c1e56e0cbb63793b94ae818], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\SPRemove.exe, In Quarantäne, [b2c7251e6c1e56e0cbb63793b94ae818], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\Updater.exe, In Quarantäne, [b2c7251e6c1e56e0cbb63793b94ae818], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\FireFox\chrome.manifest, In Quarantäne, [b2c7251e6c1e56e0cbb63793b94ae818], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\FireFox\install.rdf, In Quarantäne, [b2c7251e6c1e56e0cbb63793b94ae818], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\FireFox\content\overlay.js, In Quarantäne, [b2c7251e6c1e56e0cbb63793b94ae818], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\FireFox\content\overlay.xul, In Quarantäne, [b2c7251e6c1e56e0cbb63793b94ae818], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\FireFox\content\shopperpro_128.png, In Quarantäne, [b2c7251e6c1e56e0cbb63793b94ae818], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\jsdrv.exe, In Quarantäne, [b2c7251e6c1e56e0cbb63793b94ae818], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\jsdrv.sys, In Quarantäne, [b2c7251e6c1e56e0cbb63793b94ae818], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.2057\config.json, In Quarantäne, [b2c7251e6c1e56e0cbb63793b94ae818], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.2057\database1_0_0.ej, In Quarantäne, [b2c7251e6c1e56e0cbb63793b94ae818], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.2057\jsdrv.exe, Löschen bei Neustart, [b2c7251e6c1e56e0cbb63793b94ae818], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.2057\jsdrv.sys, In Quarantäne, [b2c7251e6c1e56e0cbb63793b94ae818], 
PUP.Optional.ShopperPro, C:\Windows\System32\Tasks\ShopperPro, In Quarantäne, [87f2c3806327b284f89058727f8455ab], 
PUP.Optional.ShopperPro, C:\Windows\System32\Tasks\ShopperProJSUpd, In Quarantäne, [a3d666dd127824126029705a27dcd52b], 
PUP.Optional.ShopperPro, C:\Windows\System32\Tasks\SPDriver, In Quarantäne, [f1884af92169e74fadddb51549ba2dd3], 
PUP.Optional.Boost.A, C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.boostsaves.com_0.localstorage, Löschen bei Neustart, [1366e75ce6a45cda321b89456d96b24e], 
PUP.Optional.Boost.A, C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.boostsaves.com_0.localstorage-journal, Löschen bei Neustart, [b5c4bc876c1e86b096b7ede17c875ca4], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-1-6, In Quarantäne, [8fea58ebd9b177bf82ef8d413ec538c8], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-1-7, In Quarantäne, [e396cf742f5bc4725819f9d5c83b7d83], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-3, In Quarantäne, [4f2a60e3dcaed75f1b56eee0cd36718f], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-5, In Quarantäne, [2950063d5535bc7a234ec20cd231e020], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-5_user, In Quarantäne, [85f4f0535436bb7b472a5c720201d62a], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-6, In Quarantäne, [7efb76cdeaa0072fb3bef5d9ad56629e], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-7, In Quarantäne, [bbbea59e0f7bde589fd2ae2005fe29d7], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\d0b1e010-14a8-49b2-af39-970493ad715d-1-6, In Quarantäne, [6a0fd370593169cd175a23ab7b88c43c], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\d0b1e010-14a8-49b2-af39-970493ad715d-1-7, In Quarantäne, [4c2dc1820e7cb086a2cfc30b16ed8b75], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\d0b1e010-14a8-49b2-af39-970493ad715d-10_user, In Quarantäne, [265398abb8d20135fd74dfef63a028d8], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\d0b1e010-14a8-49b2-af39-970493ad715d-5, In Quarantäne, [4e2b86bdaae043f3a2cfffcf55ae23dd], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\d0b1e010-14a8-49b2-af39-970493ad715d-5_user, In Quarantäne, [0d6c7bc87a1079bde68b7757f90a46ba], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\d0b1e010-14a8-49b2-af39-970493ad715d-6, In Quarantäne, [275253f0d3b739fdea87def0d42fd32d], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\d0b1e010-14a8-49b2-af39-970493ad715d-7, In Quarantäne, [59208bb8741642f4630ee7e748bbf10f], 
PUP.SoftwareUpdater.A, C:\Windows\System32\Tasks\AmiUpdXp, In Quarantäne, [e59479ca1e6c1b1b7a8f765d29da35cb], 
PUP.Optional.ShoppingGate.A, C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_inst.shoppingate.info_0.localstorage, Löschen bei Neustart, [86f359ea6b1f83b3fc536d706a994cb4], 
PUP.Optional.ShoppingGate.A, C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_inst.shoppingate.info_0.localstorage-journal, Löschen bei Neustart, [512879cac9c19f9789c619c4d52e768a], 
PUP.Software.Updater, C:\Windows\Tasks\AmiUpdXp.job, In Quarantäne, [4a2fed561773c76f9a0d3bc1ac5723dd], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-1-6.job, In Quarantäne, [14654df67a105adc4429bf6c6e97cd33], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-1-7.job, In Quarantäne, [b6c353f0ef9bb2848ce15dce8382bc44], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-3.job, In Quarantäne, [e9905de6ccbebe78bfaee14aaf5658a8], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-5.job, In Quarantäne, [fb7e20232e5c4ceaf37a3bf02adbcb35], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-5_user.job, In Quarantäne, [c2b7f350dab0e74f5d10f833ad585da3], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-6.job, In Quarantäne, [61181d264842ce687bf240eb689dd828], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\0b45da08-f709-413a-ba92-171a721c41b4-7.job, In Quarantäne, [9edbbd861e6c64d2fb725ecd85807987], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\d0b1e010-14a8-49b2-af39-970493ad715d-1-6.job, In Quarantäne, [58212a19682273c3dd9081aaa06530d0], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\d0b1e010-14a8-49b2-af39-970493ad715d-1-7.job, In Quarantäne, [8eeb291aa5e5300664099794a85db44c], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\d0b1e010-14a8-49b2-af39-970493ad715d-10_user.job, In Quarantäne, [fb7e48fb503a49edaebf85a6778e26da], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\d0b1e010-14a8-49b2-af39-970493ad715d-5.job, In Quarantäne, [de9b58eba3e7b680bbb26cbf07fe46ba], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\d0b1e010-14a8-49b2-af39-970493ad715d-5_user.job, In Quarantäne, [8dec6fd4fb8f3402313cde4db55052ae], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\d0b1e010-14a8-49b2-af39-970493ad715d-6.job, In Quarantäne, [1861d46fe5a577bf115c6ebd1aeb58a8], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\d0b1e010-14a8-49b2-af39-970493ad715d-7.job, In Quarantäne, [9bdee1626f1b05312944062513f23bc5], 
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, In Quarantäne, [aacf7cc7226858ded3a96ebd699cb44c], 
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore, In Quarantäne, [7cfdcd763d4d4ee86c116ac12fd68977], 
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, In Quarantäne, [9cdd1a296525023495e9b97208fdbe42], 
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA, In Quarantäne, [0970cf74c7c345f16d1285a6b94cca36], 
PUP.Optional.ReMarkable.A, C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage, Löschen bei Neustart, [3643ef54c2c8a98df1b79a9532d32fd1], 
PUP.Optional.ReMarkable.A, C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage-journal, Löschen bei Neustart, [3d3cd76c1b6f31051b8de34cb74ec43c], 
PUP.Optional.Vitruvian.A, C:\Users\Leon\AppData\Local\Temp\vitruvian-installer-hardwareprofile-v0001, In Quarantäne, [a0d975cee2a80036d31eb083d33203fd], 
PUP.Optional.Vitruvian.A, C:\Users\Leon\AppData\Local\Temp\vitruvian-installer-install-v0003, In Quarantäne, [29509ca798f2cb6b10e13df619ec718f], 
PUP.Optional.Vitruvian.A, C:\Users\Leon\AppData\Local\Temp\vitruvian-installer-processes-v0002, In Quarantäne, [6c0d90b3e5a5f640c1302310ef16c13f], 
PUP.Optional.Vitruvian.A, C:\Users\Leon\AppData\Local\Temp\vitruvian-installer-scheduledtasks-v0001, In Quarantäne, [f0894af9c2c8f64049a870c349bcad53], 
PUP.Optional.Vitruvian.A, C:\Users\Leon\AppData\Local\Temp\vitruvian-installer-softwareregkeys-v0002, In Quarantäne, [2f4a073c404aa88ed9185fd4e81d52ae], 
PUP.Optional.Vitruvian.A, C:\Users\Leon\AppData\Local\Temp\vitruvian-installer-uninstall-v0002, In Quarantäne, [4c2df74c157504321cd568cb768f32ce], 
PUP.Optional.GamesDesktop.A, C:\Program Files (x86)\gmsd_de_005010018\gmsd_de_005010018.exe, Löschen bei Neustart, [1168e0631872a690c9d3a21345be03fd], 
PUP.Optional.WindowsMangerProtect.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, Löschen bei Neustart, [f8810e3512787bbb9ff4496b9a699d63], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe, Löschen bei Neustart, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdate.exe, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateBroker.exe, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateCrashHandler.exe, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateHelper.msi, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateOnDemand.exe, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll, Löschen bei Neustart, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll, In Quarantäne, [1861d370becc7bbb660739497d86fc04], 
PUP.Optional.GlobalUpdate.A, C:\Users\Leon\AppData\Local\Temp\comh.288202\globalupdate.exe, In Quarantäne, [7dfc380bc2c887affb8e681a33d0b54b], 
PUP.Optional.GlobalUpdate.A, C:\Users\Leon\AppData\Local\Temp\comh.288202\globalupdateBroker.exe, In Quarantäne, [7dfc380bc2c887affb8e681a33d0b54b], 
PUP.Optional.GlobalUpdate.A, C:\Users\Leon\AppData\Local\Temp\comh.288202\globalupdateCrashHandler.exe, In Quarantäne, [7dfc380bc2c887affb8e681a33d0b54b], 
PUP.Optional.GlobalUpdate.A, C:\Users\Leon\AppData\Local\Temp\comh.288202\globalupdateHelper.msi, In Quarantäne, [7dfc380bc2c887affb8e681a33d0b54b], 
PUP.Optional.GlobalUpdate.A, C:\Users\Leon\AppData\Local\Temp\comh.288202\globalupdateOnDemand.exe, In Quarantäne, [7dfc380bc2c887affb8e681a33d0b54b], 
PUP.Optional.GlobalUpdate.A, C:\Users\Leon\AppData\Local\Temp\comh.288202\goopdate.dll, In Quarantäne, [7dfc380bc2c887affb8e681a33d0b54b], 
PUP.Optional.GlobalUpdate.A, C:\Users\Leon\AppData\Local\Temp\comh.288202\goopdateres_en.dll, In Quarantäne, [7dfc380bc2c887affb8e681a33d0b54b], 
PUP.Optional.GlobalUpdate.A, C:\Users\Leon\AppData\Local\Temp\comh.288202\npglobalupdateUpdate4.dll, In Quarantäne, [7dfc380bc2c887affb8e681a33d0b54b], 
PUP.Optional.GlobalUpdate.A, C:\Users\Leon\AppData\Local\Temp\comh.288202\psmachine.dll, In Quarantäne, [7dfc380bc2c887affb8e681a33d0b54b], 
PUP.Optional.GlobalUpdate.A, C:\Users\Leon\AppData\Local\Temp\comh.288202\psuser.dll, In Quarantäne, [7dfc380bc2c887affb8e681a33d0b54b], 
PUP.Optional.GlobalUpdate.A, C:\Users\Leon\AppData\Local\Temp\comh.372210\globalupdate.exe, In Quarantäne, [3a3f2b181872a5913f4a681a14efa25e], 
PUP.Optional.GlobalUpdate.A, C:\Users\Leon\AppData\Local\Temp\comh.372210\globalupdateBroker.exe, In Quarantäne, [3a3f2b181872a5913f4a681a14efa25e], 
PUP.Optional.GlobalUpdate.A, C:\Users\Leon\AppData\Local\Temp\comh.372210\globalupdateCrashHandler.exe, In Quarantäne, [3a3f2b181872a5913f4a681a14efa25e], 
PUP.Optional.GlobalUpdate.A, C:\Users\Leon\AppData\Local\Temp\comh.372210\globalupdateHelper.msi, In Quarantäne, [3a3f2b181872a5913f4a681a14efa25e], 
PUP.Optional.GlobalUpdate.A, C:\Users\Leon\AppData\Local\Temp\comh.372210\globalupdateOnDemand.exe, In Quarantäne, [3a3f2b181872a5913f4a681a14efa25e], 
PUP.Optional.GlobalUpdate.A, C:\Users\Leon\AppData\Local\Temp\comh.372210\goopdate.dll, In Quarantäne, [3a3f2b181872a5913f4a681a14efa25e], 
PUP.Optional.GlobalUpdate.A, C:\Users\Leon\AppData\Local\Temp\comh.372210\goopdateres_en.dll, In Quarantäne, [3a3f2b181872a5913f4a681a14efa25e], 
PUP.Optional.GlobalUpdate.A, C:\Users\Leon\AppData\Local\Temp\comh.372210\npglobalupdateUpdate4.dll, In Quarantäne, [3a3f2b181872a5913f4a681a14efa25e], 
PUP.Optional.GlobalUpdate.A, C:\Users\Leon\AppData\Local\Temp\comh.372210\psmachine.dll, In Quarantäne, [3a3f2b181872a5913f4a681a14efa25e], 
PUP.Optional.GlobalUpdate.A, C:\Users\Leon\AppData\Local\Temp\comh.372210\psuser.dll, In Quarantäne, [3a3f2b181872a5913f4a681a14efa25e], 
PUP.Optional.GlobalUpdate.A, C:\Users\Leon\AppData\Local\Temp\comh.53037\globalupdate.exe, In Quarantäne, [e396bc87cdbdb0867019cdb57a89d12f], 
PUP.Optional.GlobalUpdate.A, C:\Users\Leon\AppData\Local\Temp\comh.53037\globalupdateBroker.exe, In Quarantäne, [e396bc87cdbdb0867019cdb57a89d12f], 
PUP.Optional.GlobalUpdate.A, C:\Users\Leon\AppData\Local\Temp\comh.53037\globalupdateCrashHandler.exe, In Quarantäne, [e396bc87cdbdb0867019cdb57a89d12f], 
PUP.Optional.GlobalUpdate.A, C:\Users\Leon\AppData\Local\Temp\comh.53037\globalupdateHelper.msi, In Quarantäne, [e396bc87cdbdb0867019cdb57a89d12f], 
PUP.Optional.GlobalUpdate.A, C:\Users\Leon\AppData\Local\Temp\comh.53037\globalupdateOnDemand.exe, In Quarantäne, [e396bc87cdbdb0867019cdb57a89d12f], 
PUP.Optional.GlobalUpdate.A, C:\Users\Leon\AppData\Local\Temp\comh.53037\goopdate.dll, In Quarantäne, [e396bc87cdbdb0867019cdb57a89d12f], 
PUP.Optional.GlobalUpdate.A, C:\Users\Leon\AppData\Local\Temp\comh.53037\goopdateres_en.dll, In Quarantäne, [e396bc87cdbdb0867019cdb57a89d12f], 
PUP.Optional.GlobalUpdate.A, C:\Users\Leon\AppData\Local\Temp\comh.53037\npglobalupdateUpdate4.dll, In Quarantäne, [e396bc87cdbdb0867019cdb57a89d12f], 
PUP.Optional.GlobalUpdate.A, C:\Users\Leon\AppData\Local\Temp\comh.53037\psmachine.dll, In Quarantäne, [e396bc87cdbdb0867019cdb57a89d12f], 
PUP.Optional.GlobalUpdate.A, C:\Users\Leon\AppData\Local\Temp\comh.53037\psuser.dll, In Quarantäne, [e396bc87cdbdb0867019cdb57a89d12f], 
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force\bgNova.html, In Quarantäne, [3a3fe1628dfdfe38e12f9ce79073659b], 
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force\d0b1e010-14a8-49b2-af39-970493ad715d-1-6.exe, Löschen bei Neustart, [3a3fe1628dfdfe38e12f9ce79073659b], 
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force\d0b1e010-14a8-49b2-af39-970493ad715d-1-7.exe, In Quarantäne, [3a3fe1628dfdfe38e12f9ce79073659b], 
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force\d0b1e010-14a8-49b2-af39-970493ad715d-10.exe, Löschen bei Neustart, [3a3fe1628dfdfe38e12f9ce79073659b], 
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force\d0b1e010-14a8-49b2-af39-970493ad715d-5.exe, In Quarantäne, [3a3fe1628dfdfe38e12f9ce79073659b], 
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force\d0b1e010-14a8-49b2-af39-970493ad715d-6.exe, Löschen bei Neustart, [3a3fe1628dfdfe38e12f9ce79073659b], 
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force\d0b1e010-14a8-49b2-af39-970493ad715d-64.exe, In Quarantäne, [3a3fe1628dfdfe38e12f9ce79073659b], 
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force\d0b1e010-14a8-49b2-af39-970493ad715d-7.exe, In Quarantäne, [3a3fe1628dfdfe38e12f9ce79073659b], 
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force\da05127a-4b17-4c3c-acbb-e925e667ab3b.dll, In Quarantäne, [3a3fe1628dfdfe38e12f9ce79073659b], 
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force\Uninstall.exe, In Quarantäne, [3a3fe1628dfdfe38e12f9ce79073659b], 
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbia.exe, In Quarantäne, [9cdd1b28addd112554829feb8c7728d8], 
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbici32.dll, Löschen bei Neustart, [9cdd1b28addd112554829feb8c7728d8], 
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbici64.dll, Löschen bei Neustart, [9cdd1b28addd112554829feb8c7728d8], 
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbii32.exe, In Quarantäne, [9cdd1b28addd112554829feb8c7728d8], 
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbii64.exe, In Quarantäne, [9cdd1b28addd112554829feb8c7728d8], 
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbiu.exe, Löschen bei Neustart, [9cdd1b28addd112554829feb8c7728d8], 
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbiw.sys, In Quarantäne, [9cdd1b28addd112554829feb8c7728d8], 
PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro\config.json, In Quarantäne, [0376b68d6426b5816fa838547c879a66], 
PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro\database1_0_0.ej, In Quarantäne, [0376b68d6426b5816fa838547c879a66], 
PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro\ShopperPro.dll, In Quarantäne, [0376b68d6426b5816fa838547c879a66], 
PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro\ShopperPro64.dll, In Quarantäne, [0376b68d6426b5816fa838547c879a66], 
PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro\spbihe.js, In Quarantäne, [0376b68d6426b5816fa838547c879a66], 
PUP.Optional.GamesDesktop.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP\GamesDesktop.lnk, In Quarantäne, [0b6e7fc43f4b999d354e0f896f942fd1], 
PUP.Optional.GamesDesktop.A, C:\Users\Leon\AppData\Local\gmsd_de_005010018\upgmsd_de_005010018.cyl, In Quarantäne, [f48566dd3357b87ef49047517c87c739], 
PUP.Optional.GamesDesktop.A, C:\Users\Leon\AppData\Local\gmsd_de_005010018\upgmsd_de_005010018.exe, Löschen bei Neustart, [f48566dd3357b87ef49047517c87c739], 
PUP.Optional.GamesDesktop.A, C:\Users\Leon\AppData\Local\gmsd_de_005010018\user_profil.cyp, In Quarantäne, [f48566dd3357b87ef49047517c87c739], 
PUP.Optional.GamesDesktop.A, C:\Users\Leon\AppData\Local\gmsd_de_005010018\Download\myoffergroup_de.exe, In Quarantäne, [f48566dd3357b87ef49047517c87c739], 
PUP.Optional.GamesDesktop.A, C:\Users\Leon\AppData\Local\gmsd_de_005010018\gmsd_de_005010018\1.20\cnf.cyl, In Quarantäne, [f48566dd3357b87ef49047517c87c739], 
PUP.Optional.GamesDesktop.A, C:\Users\Leon\AppData\Local\gmsd_de_005010018\gmsd_de_005010018\1.20\eorezo.cyl, In Quarantäne, [f48566dd3357b87ef49047517c87c739], 
PUP.Optional.GamesDesktop.A, C:\Program Files (x86)\gmsd_de_005010018\gamesdesktop_widget.exe, In Quarantäne, [0f6a58ebcfbba591b9cce0b8c53e5ca4], 
PUP.Optional.GamesDesktop.A, C:\Program Files (x86)\gmsd_de_005010018\predm.exe, In Quarantäne, [0f6a58ebcfbba591b9cce0b8c53e5ca4], 
PUP.Optional.GamesDesktop.A, C:\Program Files (x86)\gmsd_de_005010018\unins000.dat, In Quarantäne, [0f6a58ebcfbba591b9cce0b8c53e5ca4], 
PUP.Optional.GamesDesktop.A, C:\Program Files (x86)\gmsd_de_005010018\unins000.exe, In Quarantäne, [0f6a58ebcfbba591b9cce0b8c53e5ca4], 
PUP.Optional.GamesDesktop.A, C:\Program Files (x86)\gmsd_de_005010018\unins000.msg, In Quarantäne, [0f6a58ebcfbba591b9cce0b8c53e5ca4], 
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\krios.dll, In Quarantäne, [d3a6241f95f5152189dc7725f3109f61], 

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)

Code:

ATTFilter

# AdwCleaner v4.207 - Bericht erstellt 01/07/2015 um 21:13:13
# Aktualisiert 21/06/2015 von Xplode
# Datenbank : 2015-06-29.1 [Server]
# Betriebssystem : Windows 8.1 Pro with Media Center  (x64)
# Benutzername : Leon - LEON-PC
# Gestarted von : C:\Users\Leon\Desktop\AdwCleaner_4.207.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : abengine
[#] Dienst Gelöscht : Util Product Deals
[#] Dienst Gelöscht : innfd_1_10_0_14

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\12e8f0fe0000708d
Ordner Gelöscht : C:\ProgramData\32345d43000071e4
Ordner Gelöscht : C:\ProgramData\5786049068603124795
Ordner Gelöscht : C:\ProgramData\ca292ba800002270
Ordner Gelöscht : C:\ProgramData\dcb6892700001287
Ordner Gelöscht : C:\ProgramData\{75b40529-ff81-e21a-75b4-40529ff814a7}
Ordner Gelöscht : C:\ProgramData\{916c61b0-822e-8f89-916c-c61b082286c2}
Ordner Gelöscht : C:\ProgramData\{e7f32564-9f9f-a002-e7f3-325649f99592}
Ordner Gelöscht : C:\Users\Public\Documents\ShopperPro
Ordner Gelöscht : C:\Program Files (x86)\AnyProtectEx
Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Program Files (x86)\NewSaVer
Ordner Gelöscht : C:\Program Files (x86)\predm
Ordner Gelöscht : C:\Program Files (x86)\DriverFinder
Ordner Gelöscht : C:\Program Files (x86)\Crossbrowse
Ordner Gelöscht : C:\Program Files (x86)\GUPlayer
Ordner Gelöscht : C:\Program Files (x86)\Edu App
Ordner Gelöscht : C:\Program Files (x86)\Product Deals
Ordner Gelöscht : C:\Program Files (x86)\FastSearch
Ordner Gelöscht : C:\Program Files (x86)\NeweSeaVer
Ordner Gelöscht : C:\Program Files (x86)\NewSaveor
Ordner Gelöscht : C:\Program Files (x86)\WordShark_1.10.0.19
Ordner Gelöscht : C:\Users\Leon\AppData\Local\Temp\DriverFinder
Ordner Gelöscht : C:\Users\Leon\AppData\Local\Temp\Edu App
Ordner Gelöscht : C:\Users\Leon\AppData\Local\Temp\Product Deals
Ordner Gelöscht : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\abengine
Ordner Gelöscht : C:\Program Files\BubbleSound
Ordner Gelöscht : C:\Users\Leon\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\Leon\AppData\Local\SmartWeb
Ordner Gelöscht : C:\Users\Leon\AppData\Local\Crossbrowse
Ordner Gelöscht : C:\Users\Leon\AppData\Local\Max_Computer_Cleaner
Ordner Gelöscht : C:\Users\Leon\AppData\Local\00000000-1427294372-0000-0000-8C89A57CCF91
Ordner Gelöscht : C:\Users\Leon\AppData\LocalLow\SmartWeb
Ordner Gelöscht : C:\Users\Leon\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
Ordner Gelöscht : C:\Users\Leon\AppData\Roaming\AnyProtectEx
Ordner Gelöscht : C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BubbleSound 1.0
Ordner Gelöscht : C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnaibnehbbinoohhjafknihmlopdhhip
Ordner Gelöscht : C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhnbdkfjeoiocmmieikoneglejjlaoff
Ordner Gelöscht : C:\ProgramData\pphfbpfageicbcohdhnlijnpcpmagbol
Datei Gelöscht : C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cnaibnehbbinoohhjafknihmlopdhhip_0.localstorage
Datei Gelöscht : C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cnaibnehbbinoohhjafknihmlopdhhip_0.localstorage-journal
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Public\Desktop\Youtube.lnk
Datei Gelöscht : C:\WINDOWS\SysWOW64\abengine.dll
Datei Gelöscht : C:\WINDOWS\System32\abengine64.dll
Datei Gelöscht : C:\Users\Leon\AppData\Roaming\EdxgtdGXxzVyef6a
Datei Gelöscht : C:\Users\Leon\AppData\Roaming\EdxgtdGXxzVyef6a.exe
Datei Gelöscht : C:\Users\Leon\Desktop\3D BubbleSound.lnk
Datei Gelöscht : C:\Users\Leon\Desktop\Continue GamesDesktop Uninstaller.lnk
Datei Gelöscht : C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
Datei Gelöscht : C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
Datei Gelöscht : C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage
Datei Gelöscht : C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage-journal

***** [ Geplante Tasks ] *****

Task Gelöscht : Crossbrowse
Task Gelöscht : ShopperPro
Task Gelöscht : ShopperProJSUpd
Task Gelöscht : SmartWeb Upgrade Trigger Task
Task Gelöscht : SPDriver
Task Gelöscht : Run_Browser
Task Gelöscht : MaxComputerCleaner_Start
Task Gelöscht : Periodic Synchronize Task
Task Gelöscht : EdxgtdGXxzVyef6a

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ShopperPro.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.DataContainer
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.DataContainer.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.DataController
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.DataController.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.DataTable
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.DataTable.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.DataTableFields
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.DataTableFields.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.DataTableHolder
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.DataTableHolder.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.LSPLogic
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.LSPLogic.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.ReadOnlyManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.ReadOnlyManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Mediaplayer\Shiminclusionlist\crossbrowse.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\abengine.EXE
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\abengine
Schlüssel Gelöscht : HKLM\SOFTWARE\Clients\StartMenuInternet\Crossbrowse
Wert Gelöscht : HKLM\SOFTWARE\Classes\.htm\OpenWithProgids [CRSBRWSHTML]
Wert Gelöscht : HKLM\SOFTWARE\Classes\.html\OpenWithProgids [CRSBRWSHTML]
Wert Gelöscht : HKLM\SOFTWARE\RegisteredApplications [Crossbrowse]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}
Schlüssel Gelöscht : HKLM\SOFTWARE\7c5abac9-1dee-d11d-1b9a-ef5c5d6789ae
Schlüssel Gelöscht : HKLM\SOFTWARE\85c0ca8b-a41d-4672-8342-097042027b94
Schlüssel Gelöscht : HKLM\SOFTWARE\959c9f94-7608-41eb-9712-81e684d866ac
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{425F4ABF-B8E4-402D-9E49-06E494EB8DBF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{028F96B8-C73A-4C60-B82F-3944A19B046E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{51F7DE65-A990-4213-BDB9-C2657FA7F3F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{879F721E-7F23-4B7F-B65B-F5A8F518864A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A5544F7B-C413-4CAC-8DB4-9A8D1986DD86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B9EE49F9-62A3-408D-858F-4ED9A23BAA24}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BF6D8439-BAC1-4E73-94FE-9910D098AE00}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D4F14684-336F-44FC-8D9E-8A73DAE003EC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3CF50C82-4C4B-43E9-B1B2-15CB1BD0C193}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7D8DAE88-BC05-4578-8C29-E541FFBA5757}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DD01946E-5501-4E11-B279-EFDFFD4C1487}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4AEC2270-2E5F-40C8-BE5A-E5A5264714C0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{52E8E39B-2773-448F-BC20-547CD8DA4685}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{62163814-0C94-4DC3-BA99-5E9E2420C914}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{68AEA825-D48B-4A56-87F0-6FCE988A2C48}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6A0F07D3-F28E-4F45-8D4C-BBF8000F5BB8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AF435BC-80A9-466E-938B-32E4482EBD65}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{85CEBABD-A775-41E2-8B67-FE06104F06ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AE92A5AB-E575-4487-BCC0-96D333E5346C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C622315B-3049-43D4-9B41-D4B2DC2CD706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{CDB85458-AE08-4106-B699-B946FF4A61CD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{025EEF9C-90F5-417E-9196-09FA4AAB4C92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03F13205-38FF-4361-BECE-EE939A002FA2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1FAAF6AB-B931-4D05-BA12-B0ECCCCE2D0F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A9582D7B-F24A-441D-9D26-450D58F3CD17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EE0D8859-2ED4-4B0D-9812-16865B9AFD65}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{1BCB34DC-BA6D-4B44-B786-4E259598A7C8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B5C4833B-847B-49CD-8EBE-CDD9B43C882F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{14EF423E-3EE8-44AE-9337-07AC3F27B744}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{1F831F60-05FB-474D-93A3-42DA68E7EB8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{33B8CF8E-1B37-40DD-A652-F97EDFCA9565}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{74CA59B5-0066-48C3-9D1A-84E0C0BB9AD7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DD01946E-5501-4E11-B279-EFDFFD4C1487}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DD01946E-5501-4E11-B279-EFDFFD4C1487}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DD01946E-5501-4E11-B279-EFDFFD4C1487}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4AEC2270-2E5F-40C8-BE5A-E5A5264714C0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{52E8E39B-2773-448F-BC20-547CD8DA4685}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{62163814-0C94-4DC3-BA99-5E9E2420C914}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{68AEA825-D48B-4A56-87F0-6FCE988A2C48}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6A0F07D3-F28E-4F45-8D4C-BBF8000F5BB8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7AF435BC-80A9-466E-938B-32E4482EBD65}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{85CEBABD-A775-41E2-8B67-FE06104F06ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AE92A5AB-E575-4487-BCC0-96D333E5346C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C622315B-3049-43D4-9B41-D4B2DC2CD706}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{CDB85458-AE08-4106-B699-B946FF4A61CD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{025EEF9C-90F5-417E-9196-09FA4AAB4C92}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03F13205-38FF-4361-BECE-EE939A002FA2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1FAAF6AB-B931-4D05-BA12-B0ECCCCE2D0F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A9582D7B-F24A-441D-9D26-450D58F3CD17}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EE0D8859-2ED4-4B0D-9812-16865B9AFD65}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9520242B-F0C8-45A5-B08B-87303ABE231A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Schlüssel Gelöscht : HKCU\Software\AnyProtect
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\simplytech
Schlüssel Gelöscht : HKCU\Software\Tutorials
Schlüssel Gelöscht : HKCU\Software\CrossBrowser
Schlüssel Gelöscht : HKCU\Software\UnicoBrowser
Schlüssel Gelöscht : HKCU\Software\Linkey
Schlüssel Gelöscht : HKCU\Software\YorkNewCin
Schlüssel Gelöscht : HKCU\Software\HighDefAction
Schlüssel Gelöscht : HKCU\Software\ArenaHD
Schlüssel Gelöscht : HKCU\Software\MaxComputerCleanerLanguage
Schlüssel Gelöscht : HKCU\Software\Kromtech
Schlüssel Gelöscht : HKCU\Software\Product Deals
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartWeb
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\AskPartnerNetwork
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : HKLM\SOFTWARE\SearchProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\SupDp
Schlüssel Gelöscht : HKLM\SOFTWARE\Clara
Schlüssel Gelöscht : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Schlüssel Gelöscht : HKLM\SOFTWARE\SpeedBit
Schlüssel Gelöscht : HKLM\SOFTWARE\AIM Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\YorkNewCin
Schlüssel Gelöscht : HKLM\SOFTWARE\HighDefAction
Schlüssel Gelöscht : HKLM\SOFTWARE\ArenaHD
Schlüssel Gelöscht : HKLM\SOFTWARE\Product Deals
Schlüssel Gelöscht : HKLM\SOFTWARE\FastSearch
Schlüssel Gelöscht : HKLM\SOFTWARE\WordShark_1.10.0.19
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FastSearch
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WordShark_1.10.0.19
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\ShopperPro
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\BubbleSound
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\YorkNewCin
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\HighDefAction
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\ArenaHD
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BubbleSound
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Product Deals
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\istartsurf.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.istartsurf.com
Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:57889;hxxps=127.0.0.1:57889
Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Google Chrome v43.0.2357.124

[C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.istartsurf.com/web/?type=dspp&ts=1432722120&z=7da3618e633ee4e003706e3g4zccao5m0o6oee6teg&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP&q={searchTerms}
[C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www-searching.com/search.aspx?site=shyos&pid=s&shr=d&q={searchTerms}&s=F6Rztutdk0004,ce89c980-787c-4d87-87e6-d5f943658c5c
[C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Homepage] : hxxp://www-searching.com/?pid=s&s=F6Rztutdk0004,ce89c980-787c-4d87-87e6-d5f943658c5c&vp=ch
[C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Startup_URLs] : 78A760378F85DA2242CA64496053F5ACED4072986115DC5E7EEF4A904BC6E076"},"software_reporter":{"prompt_reason":"3D29A96EFDB9E14DD66449EECC12F1E654041155EE939FFEDB5DD6978F27306F","prompt_seed":"E5164C1EA9CEF00EA219470FECA9CDD0BA4CF65E80791B7160E7CB71FCA9824F","prompt_version":"4E73BF9C7EEAD984ED560FBFE1925E59B51FEEA88971BADB3F1D94955C9B31CA"},"sync":{"remaining_rollback_tries":"888DB4639B69BB3E04BAFD4A2E72D996192EEF7847262891C54A92D66F5CAB0E"}},"super_mac":"8818699EC71D601D32E10EC44F8715666D2CACB4600181DB5434F2AD209786BA"},"session":{"restore_on_startup":4,"startup_urls":["hxxp://www-searching.com/?pid=s&s=F6Rztutdk0004,ce89c980-787c-4d87-87e6-d5f943658c5c&vp=ch

*************************

AdwCleaner[R0].txt - [24132 Bytes] - [01/07/2015 21:11:56]
AdwCleaner[S0].txt - [22100 Bytes] - [01/07/2015 21:13:13]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [22160  Bytes] ##########

Leo98 · 01.07.2015, 20:52

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.2.5 (07.01.2015:1)
OS: Windows 8.1 Pro with Media Center x64
Ran by Leon on 01.07.2015 at 21:41:18,35
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully deleted: [Service] giwowubi
Successfully deleted: [Service] terecyne
Successfully deleted: [Service] wsfd_1_10_0_19
Successfully deleted: [Service] wssvc_1.10.0.19



~~~ Tasks

Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Bidaily Synchronize Task[d492]
Successfully deleted: [Task] C:\WINDOWS\tasks\Bidaily Synchronize Task[d492].job



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Util Product Deals



~~~ Files

Successfully deleted: [File] C:\Users\Leon\appdata\local\nsg56A7.tmp
Successfully deleted: [File] C:\Users\Leon\AppData\Roaming\appdataFr25.bin
Successfully deleted: [File] C:\Users\Leon\appdata\local\google\chrome\user data\default\local storage\chrome-extension_ogminpmldncgcmokldnmmapddoccmhfl_0.localstorage
Successfully deleted: [File] C:\Users\Leon\appdata\local\google\chrome\user data\default\local storage\chrome-extension_ogminpmldncgcmokldnmmapddoccmhfl_0.localstorage-journal
Successfully deleted: [File] C:\Users\Leon\appdata\local\google\chrome\user data\default\local storage\hxxp_static.re-markable00.re-markable.net_0.localstorage
Successfully deleted: [File] C:\Users\Leon\appdata\local\google\chrome\user data\default\local storage\hxxp_static.re-markable00.re-markable.net_0.localstorage-journal
Successfully deleted: [File] C:\Users\Leon\appdata\local\google\chrome\user data\default\local storage\hxxps_inst.shoppingate.info_0.localstorage
Successfully deleted: [File] C:\Users\Leon\appdata\local\google\chrome\user data\default\local storage\hxxps_inst.shoppingate.info_0.localstorage-journal
Successfully deleted: [File] C:\Users\Leon\appdata\local\google\chrome\user data\default\local storage\hxxps_static.boostsaves.com_0.localstorage
Successfully deleted: [File] C:\Users\Leon\appdata\local\google\chrome\user data\default\local storage\hxxps_static.boostsaves.com_0.localstorage-journal
Successfully deleted: [File] C:\WINDOWS\system32\drivers\wsfd_1_10_0_19.sys



~~~ Folders

Failed to delete: [Folder] C:\Users\Leon\AppData\Roaming\00000000-1427290565-0000-0000-8C89A57CCF91
Successfully deleted: [Folder] C:\Program Files\005
Successfully deleted: [Folder] C:\Users\Leon\appdata\local\crashrpt
Successfully deleted: [Folder] C:\Users\Leon\appdata\local\installer
Successfully deleted: [Folder] C:\Users\Leon\appdata\locallow\company
Successfully deleted: [Folder] C:\Users\Leon\appdata\local\30537



~~~ Chrome


[C:\Users\Leon\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Leon\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Leon\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Leon\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.07.2015 at 21:43:09,48
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01
Ran by Leon (administrator) on LEON-PC on 01-07-2015 21:44:45
Running from C:\Users\Leon\Desktop
Loaded Profiles: Leon (Available Profiles: Leon)
Platform: Windows 8.1 Pro with Media Center (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Users\Leon\AppData\Roaming\00000000-1427290565-0000-0000-8C89A57CCF91\knslB78C.tmp
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Users\Leon\AppData\Roaming\00000000-1427290565-0000-0000-8C89A57CCF91\jnspAA3E.tmp
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM\...\Run: [3D BubbleSound] => "C:\Program Files\BubbleSound\3D BubbleSound.exe"
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2015-01-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2010-06-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [976832 2010-06-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKU\S-1-5-21-2382863035-827234180-2916811482-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-2382863035-827234180-2916811482-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-2382863035-827234180-2916811482-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-2382863035-827234180-2916811482-1001\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-2382863035-827234180-2916811482-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28787840 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-21-2382863035-827234180-2916811482-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-11-21] (Apple Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2012-11-04]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk [2012-11-04]
ShortcutTarget: phase-6 Reminder.lnk -> C:\Program Files (x86)\phase-6\phase-6\reminder\reminder.exe (phase-6)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk [2012-11-04]
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDSmartWare.lnk [2012-11-04]
ShortcutTarget: WDSmartWare.lnk -> C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-12-19] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-12-19] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-12-19] ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled
ProxyServer: [.DEFAULT] => http=127.0.0.1:57889;https=127.0.0.1:57889
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2382863035-827234180-2916811482-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{52A50DEE-C720-435A-A07A-9DBB2C6A6C02}: [DhcpNameServer] 192.168.178.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-24] ()
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-01-07] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-24] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-01-07] (Adobe Systems)
FF Extension: No Name - C:\Program Files (x86)\BetterSurf\BetterSurfPlusV1\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha582\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta576\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta10961\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha666\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1068\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3481\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5512\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home8091\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6792\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release1053\ff [not found]

Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Search Module Plus v2) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlcgehabolcakkjhgmgpkagpolbjlhfa [2015-06-27]
CHR HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jlcgehabolcakkjhgmgpkagpolbjlhfa] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cgfjmjikpifldhhealodkfifokhbagcm] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta576\ch\VideoPlayerV3beta576.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [cploeijpnfbpcdomjmfgchlfgbennncn] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5512\ch\MediaViewV1alpha5512.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [fgkebcoamghomfiajpbllppihcjgjkbb] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3481\ch\MediaViewV1alpha3481.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [jjalkigbjoajjokfnmepdiknfmpbdpjo] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1068\ch\MediaViewerV1alpha1068.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [leldcecnejhenamkemkecblolkahkbei] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta10961\ch\VideoPlayerV3beta10961.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ngcmhddamaepplokdinlhhhflhnakhbe] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home8091\ch\MediaWatchV1home8091.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [129536 2009-11-13] (WDC) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S2 WDSmartWareBackgroundService; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S3 SolidWorks Licensing Service; "C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-30] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [32768 2014-10-08] (Microsoft Corporation)
S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2015-01-25] (Emsisoft GmbH)
R3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 WUDFWpdComp; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S1 lmimirr; \SystemRoot\system32\DRIVERS\lmimirr.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-01 21:44 - 2015-07-01 21:44 - 00000024 _____ C:\Users\Leon\AppData\Roaming\appdataFr25.bin
2015-07-01 21:43 - 2015-07-01 21:43 - 00003615 _____ C:\Users\Leon\Desktop\JRT.txt
2015-07-01 21:41 - 2015-07-01 21:41 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-LEON-PC-Windows-8.1-Pro-with-Media-Center-(64-bit).dat
2015-07-01 21:41 - 2015-07-01 21:41 - 00000000 ____D C:\RegBackup
2015-07-01 21:29 - 2015-07-01 21:31 - 02950444 _____ (Malwarebytes Corporation) C:\Users\Leon\Desktop\JRT.exe
2015-07-01 21:11 - 2015-07-01 21:19 - 00000000 ____D C:\AdwCleaner
2015-07-01 21:10 - 2015-07-01 21:10 - 02244096 _____ C:\Users\Leon\Desktop\AdwCleaner_4.207.exe
2015-07-01 21:09 - 2015-07-01 21:09 - 00071427 _____ C:\Users\Leon\Desktop\mbam.txt
2015-07-01 19:48 - 2015-07-01 21:07 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-07-01 19:48 - 2015-07-01 19:48 - 00001118 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-07-01 19:48 - 2015-07-01 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-07-01 19:47 - 2015-07-01 19:47 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-07-01 19:47 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-07-01 19:47 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-07-01 19:47 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-07-01 19:46 - 2015-07-01 19:47 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Leon\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-30 22:19 - 2015-06-30 22:19 - 00003086 _____ C:\WINDOWS\System32\Tasks\tet3008
2015-06-30 21:54 - 2015-07-01 20:52 - 00000000 ____D C:\Program Files (x86)\cecea3d5-3cfb-47ed-a074-c0d5128c78a1
2015-06-30 21:30 - 2015-06-30 21:30 - 00001284 _____ C:\Users\Leon\Desktop\Revo Uninstaller.lnk
2015-06-30 21:30 - 2015-06-30 21:30 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-06-30 21:27 - 2015-06-30 21:27 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Leon\Downloads\revosetup95.exe
2015-06-30 20:59 - 2015-06-30 21:00 - 00057234 _____ C:\Users\Leon\Desktop\Addition.txt
2015-06-30 20:57 - 2015-07-01 21:44 - 00016539 _____ C:\Users\Leon\Desktop\FRST.txt
2015-06-30 20:57 - 2015-07-01 21:44 - 00000000 ____D C:\FRST
2015-06-30 20:56 - 2015-06-30 20:56 - 02112512 _____ (Farbar) C:\Users\Leon\Desktop\FRST64.exe
2015-06-30 20:54 - 2015-06-30 20:54 - 02112512 _____ (Farbar) C:\Users\Leon\Downloads\EAE5.tmp
2015-06-27 21:03 - 2015-07-01 20:52 - 00000000 ____D C:\Program Files (x86)\85c3582f-9a9c-4e9f-93c7-824223714908
2015-06-27 20:52 - 2015-06-27 20:52 - 00004174 _____ C:\WINDOWS\System32\Tasks\WordShark Auto Updater 1.10.0.19 Pending Update
2015-06-27 20:52 - 2015-06-27 20:52 - 00004164 _____ C:\WINDOWS\System32\Tasks\WordShark Auto Updater 1.10.0.19 Core
2015-06-17 18:30 - 2015-07-01 20:52 - 00000000 ____D C:\Program Files (x86)\FullContact for Gmail
2015-06-17 18:29 - 2015-06-27 18:29 - 00000368 _____ C:\WINDOWS\Tasks\WeddingWiz.job
2015-06-17 18:29 - 2015-06-17 18:29 - 00003252 _____ C:\WINDOWS\System32\Tasks\WeddingWiz
2015-06-17 16:13 - 2015-06-17 16:13 - 00001177 _____ C:\Users\Leon\Desktop\Run all Night - Verknüpfung.lnk
2015-06-12 21:03 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-12 21:03 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-12 21:03 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-12 21:03 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-12 21:03 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-12 21:03 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-12 21:03 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-12 21:03 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-12 21:03 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-12 21:03 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-12 21:03 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-12 21:03 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-12 21:03 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-12 21:03 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-12 21:03 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-12 21:03 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-12 21:03 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-12 21:03 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-12 21:03 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-12 21:03 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-12 21:03 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-12 21:03 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-12 21:03 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-12 21:03 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-12 21:03 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-12 21:03 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-12 21:03 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-12 21:03 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-12 21:03 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-12 21:03 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-12 21:03 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-12 21:03 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-12 21:03 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-12 21:03 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-12 21:03 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-12 21:03 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-12 21:03 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-12 21:03 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-12 21:03 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-12 21:03 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-12 20:33 - 2015-04-09 00:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-12 20:32 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-12 20:32 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-12 20:32 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-12 20:32 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-12 20:32 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-12 20:32 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-12 20:32 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-12 20:32 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-12 20:31 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-06-12 20:31 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-06-12 20:31 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-06-12 20:31 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-06-12 20:28 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-06-12 20:28 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-06-12 20:22 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-12 20:22 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-12 20:19 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-06-12 20:19 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-12 20:19 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-12 20:13 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-12 20:13 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-12 20:13 - 2015-04-16 08:17 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-12 20:13 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-12 20:13 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-12 20:13 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-12 20:13 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-12 20:13 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-12 20:13 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-12 20:13 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-12 20:13 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-12 20:13 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-12 20:13 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-12 20:13 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-12 20:13 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-06-12 20:13 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-12 20:13 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-06-12 20:13 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-12 20:13 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-06-12 20:13 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-06-12 20:09 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-12 19:42 - 2015-06-17 18:30 - 00000000 ____D C:\Program Files (x86)\IndepthSystem
2015-06-11 19:50 - 2015-06-24 14:47 - 18174128 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-01 21:43 - 2013-10-01 16:10 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-07-01 21:42 - 2015-03-25 15:36 - 00000000 ____D C:\Users\Leon\AppData\Roaming\00000000-1427290565-0000-0000-8C89A57CCF91
2015-07-01 21:41 - 2014-11-19 00:16 - 00000000 ____D C:\Users\Leon\AppData\Local\LogMeIn Hamachi
2015-07-01 21:35 - 2012-11-04 12:45 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2382863035-827234180-2916811482-1001
2015-07-01 21:26 - 2013-12-18 17:13 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Skype
2015-07-01 21:25 - 2015-03-01 14:04 - 00000000 ___RD C:\Users\Leon\iCloudDrive
2015-07-01 21:25 - 2015-02-10 18:01 - 00001698 _____ C:\WINDOWS\Tasks\ACQUPTNI.job
2015-07-01 21:25 - 2014-03-10 16:40 - 00000000 ___DO C:\Users\Leon\SkyDrive
2015-07-01 21:25 - 2013-11-26 20:08 - 01363359 _____ C:\WINDOWS\WindowsUpdate.log
2015-07-01 21:25 - 2013-07-15 16:51 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-01 21:24 - 2013-11-26 20:08 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-01 21:24 - 2013-08-22 16:46 - 00357124 _____ C:\WINDOWS\setupact.log
2015-07-01 21:24 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-07-01 21:23 - 2013-09-29 21:05 - 00216716 _____ C:\WINDOWS\PFRO.log
2015-07-01 21:23 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-07-01 21:04 - 2013-11-26 21:18 - 00003922 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A6EF7ABD-A2A8-4971-A471-E9D91CE51F45}
2015-07-01 21:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-07-01 20:52 - 2013-10-09 16:42 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-07-01 19:41 - 2013-10-01 16:09 - 00000000 ____D C:\Users\Leon\AppData\Local\Adobe
2015-07-01 19:39 - 2015-05-27 12:25 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-06-27 21:38 - 2014-12-29 22:28 - 00000000 __SHD C:\Users\Leon\AppData\Local\EmieBrowserModeList
2015-06-27 21:38 - 2014-08-17 15:47 - 00000000 ____D C:\Users\Leon\AppData\Roaming\vlc
2015-06-27 21:38 - 2014-05-28 15:18 - 00000000 __SHD C:\Users\Leon\AppData\Local\EmieUserList
2015-06-27 21:38 - 2014-05-28 15:18 - 00000000 __SHD C:\Users\Leon\AppData\Local\EmieSiteList
2015-06-27 21:01 - 2014-04-12 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-27 17:55 - 2014-05-13 15:41 - 00000000 ____D C:\Users\Leon\AppData\Roaming\UseNeXT
2015-06-27 17:54 - 2014-05-13 15:41 - 00000000 ____D C:\Users\Leon\Documents\UseNeXT
2015-06-27 17:35 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-24 15:48 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-24 14:47 - 2013-10-01 16:10 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-06-21 17:36 - 2013-12-19 19:29 - 00385536 ___SH C:\Users\Leon\Desktop\Thumbs.db
2015-06-20 05:02 - 2015-05-06 20:11 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-20 05:02 - 2015-05-06 20:11 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-17 15:56 - 2014-07-28 17:33 - 00000000 ____D C:\Users\Leon\AppData\Roaming\dvdcss
2015-06-15 22:15 - 2013-11-26 20:12 - 00000000 ____D C:\Users\Leon
2015-06-15 19:49 - 2014-12-11 18:42 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-15 19:49 - 2014-07-13 12:48 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-15 19:49 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-13 16:40 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-13 15:10 - 2013-08-22 16:44 - 05162592 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-12 22:47 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-12 22:46 - 2013-08-28 18:51 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-12 22:41 - 2012-12-13 18:30 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-06-12 19:44 - 2013-12-18 17:13 - 00000000 ____D C:\ProgramData\Skype
2015-06-11 19:51 - 2013-09-30 06:14 - 01785582 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-11 19:51 - 2013-09-30 05:58 - 00767850 _____ C:\WINDOWS\system32\perfh007.dat
2015-06-11 19:51 - 2013-09-30 05:58 - 00160170 _____ C:\WINDOWS\system32\perfc007.dat

==================== Files in the root of some directories =======

2015-07-01 21:44 - 2015-07-01 21:44 - 0000024 _____ () C:\Users\Leon\AppData\Roaming\appdataFr25.bin
2014-08-25 17:32 - 2015-01-25 16:32 - 0000189 _____ () C:\Users\Leon\AppData\Roaming\WB.CFG
2013-04-23 16:37 - 2013-04-25 15:25 - 0004608 _____ () C:\Users\Leon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-04 17:32 - 2014-12-18 21:32 - 0000010 _____ () C:\Users\Leon\AppData\Local\DSI.DAT
2014-12-04 17:32 - 2014-12-04 17:32 - 0022528 _____ () C:\Users\Leon\AppData\Local\dsisetup2482016872.exe
2014-12-18 21:32 - 2014-12-18 21:32 - 0022528 _____ () C:\Users\Leon\AppData\Local\dsisetup6149092032.exe
2015-05-27 12:45 - 2015-05-27 12:45 - 0000000 _____ () C:\Users\Leon\AppData\Local\Temp.dat
2012-11-04 18:17 - 2012-11-04 19:32 - 0001511 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\Leon\AppData\Local\Temp\1171.exe
C:\Users\Leon\AppData\Local\Temp\5650.exe
C:\Users\Leon\AppData\Local\Temp\8958.exe
C:\Users\Leon\AppData\Local\Temp\9413.exe
C:\Users\Leon\AppData\Local\Temp\fsd50AE.exe
C:\Users\Leon\AppData\Local\Temp\fsd9666.exe
C:\Users\Leon\AppData\Local\Temp\jue5F6.exe
C:\Users\Leon\AppData\Local\Temp\optprosetup.exe
C:\Users\Leon\AppData\Local\Temp\Quarantine.exe
C:\Users\Leon\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Leon\AppData\Local\Temp\sqlite3.dll
C:\Users\Leon\AppData\Local\Temp\Uninstall.exe
C:\Users\Leon\AppData\Local\Temp\UninstallModule.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-01 21:35

==================== End of log ============================

cosinus · 01.07.2015, 23:07

Bitte auch ne neue Addition.txt erstellen, dazu FRST starten und einen Haken setzen bei Addition.txt, dann auf Scan klicken.

Leo98 · 12.07.2015, 11:39

[CODE]Additional
FRST Logfile:

Code:

ATTFilter

scan result of Farbar Recovery Scan Tool (x64) Version:11-07-2015
Ran by Leon at 2015-07-12 12:38:55
Running from C:\Users\Leon\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2382863035-827234180-2916811482-500 - Administrator - Disabled)
Gast (S-1-5-21-2382863035-827234180-2916811482-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2382863035-827234180-2916811482-1006 - Limited - Enabled)
Leon (S-1-5-21-2382863035-827234180-2916811482-1001 - Administrator - Enabled) => C:\Users\Leon

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.2.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.9.0.465 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.2.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2.2 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2014 (HKLM-x32\...\{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}) (Version: 8.2.0 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)
BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.4 - BlueJ Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Farming Simulator 2013 (HKLM-x32\...\Steam App 220260) (Version:  - Giants Software)
Free MP4 Video Converter version 5.0.45.716 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.45.716 - DVDVideoSoft Ltd.)
FreeCAD 0.15 - A free open source CAD system (HKLM-x32\...\FreeCAD 0.15) (Version: 0.15.4671 - Juergen Riegel)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 6000 E609 Series (HKLM\...\{B16A196A-B3C9-4C19-A968-59365071A39F}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
Infonaut 1.10.0.14 (HKLM-x32\...\Infonaut_1.10.0.14) (Version: 1.10.0.14 - Infonaut) <==== ATTENTION
istartsurf uninstall (HKLM-x32\...\istartsurf uninstall) (Version:  - istartsurf) <==== ATTENTION
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Landwirtschafts Simulator 2013 Hagensted Modified 2013 MoreRealistic (HKLM-x32\...\{F09E06EB-D878-4E4E-9190-84E3C4C1DC27}_is1) (Version: Landwirtschafts Simulator 2013 Hagensted Modified 4.1.5 MoreRealistic - Black Panther Group)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710F4C1C-CC18-4C49-8CBF-51240C89A1A2}) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version:  - )
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 352.86 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 352.86 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
phase-6 2.3.4 (HKLM-x32\...\phase-6) (Version: 2.3.4 - phase-6)
Phoenix R/C® (HKLM-x32\...\PhoenixRC) (Version: 5.0.w - Runtime Games Ltd)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
Python 3.3.0 (HKLM-x32\...\{526b1417-92c1-3737-8247-4abc49ccc8e4}) (Version: 3.3.150 - Python Software Foundation)
Python 3.4.0 (HKLM-x32\...\{a37f2d73-72d1-364d-ba5d-cea430bcc040}) (Version: 3.4.150 - Python Software Foundation)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
SmartWeb (HKLM-x32\...\SmartWeb) (Version: 8.0.9 - SoftBrain Technologies Ltd.) <==== ATTENTION
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WD SmartWare (HKLM\...\{604CB4FC-3D32-405F-A109-165F170529B6}) (Version: 1.2.0.8 - Western Digital)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2382863035-827234180-2916811482-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Leon\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File

==================== Restore Points =========================

12-06-2015 20:26:20 Windows Update
21-06-2015 18:33:42 Geplanter Prüfpunkt
30-06-2015 21:11:12 Geplanter Prüfpunkt
12-07-2015 12:33:40 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2015-01-26 20:28 - 00000035 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01C299DB-AFC2-46DF-BB3F-A2B525A64596} - System32\Tasks\ACQUPTNI => C:\Users\Leon\AppData\Roaming\ACQUPTNI.exe <==== ATTENTION
Task: {08FD8D94-C398-49C1-AA51-733B384E259A} - System32\Tasks\{823F7D7D-FBED-45B8-A935-5DDD590C629B} => pcalua.exe -a F:\setup.exe -d F:\
Task: {0D8E31FB-D4D4-4446-BC6F-1BA95589E585} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-24] (Adobe Systems Incorporated)
Task: {13463012-30B6-4247-BC02-37FE5C00DF48} - System32\Tasks\{CF902354-A649-4A7E-8190-4A65E8788D8E} => Chrome.exe hxxp://ui.skype.com/ui/0/6.18.0.105/de/go/help.faq.installer?LastError=1638
Task: {18FB32AA-E380-4F1A-A58B-18F6251C99DF} - System32\Tasks\tet3008 => C:\PROGRA~2\FASTSE~1\tet3008.exe
Task: {1C59BF04-615A-4B1A-87EC-51C410034FEC} - System32\Tasks\WordShark Auto Updater 1.10.0.19 Core => C:\Program Files (x86)\WordShark_1.10.0.19\Update\WordSharkAutoUpdateClient.exe <==== ATTENTION
Task: {33611046-8A30-4F36-A146-D93BDF4E2628} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3991A6EA-FEFD-402B-A879-67079AA75AC9} - System32\Tasks\WeddingWiz => c:\programdata\{75b40529-ff81-e21a-75b4-40529ff814a7}\8778777218675216938b.exe <==== ATTENTION
Task: {3C2BBD85-47BD-4854-9F5E-05FDFB4FBC3B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-12] (Microsoft Corporation)
Task: {40B89F98-CC97-4BE1-A22E-FAA00CF8DA0A} - System32\Tasks\{09F2AA2A-27B0-4CBC-A144-E8CF57EAF434} => pcalua.exe -a C:\Users\Leon\AppData\Roaming\omiga-plus\UninstallManager.exe -c  -ptid=pcs <==== ATTENTION
Task: {6C9F9837-99E9-4BB1-9256-0DF14358EA34} - System32\Tasks\{41A37D8F-AC88-4B51-83E1-6EE3A1645E1F} => Chrome.exe hxxp://ui.skype.com/ui/0/6.16.0.105/de/go/help.faq.installer?LastError=1638
Task: {7DE12135-AD60-43BB-BAAA-E49610CFA484} - System32\Tasks\WordShark Auto Updater 1.10.0.19 Pending Update => C:\Program Files (x86)\WordShark_1.10.0.19\Update\WordSharkAutoUpdateClient.exe <==== ATTENTION
Task: {8BF9C88E-B3B1-4B31-A4BF-C113BFFADF55} - \SPBIW_UpdateTask_Time_333132343334353538382d3755556c415a505757414a34 No Task File <==== ATTENTION
Task: {983C2AD4-693E-4541-B5F0-6613FD1F3B8B} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2014-12-01] (Apple Inc.)
Task: {C65826B8-E311-49F8-BE15-12ACA0203B9A} - System32\Tasks\{2F9E877F-B4D9-4267-B25B-0CA46AD9EE8D} => pcalua.exe -a "C:\Program Files (x86)\Wajam\uninstall.exe"
Task: {CF8CA595-F4C4-488A-B1BF-21D3678AA0FC} - System32\Tasks\{385F51D0-3B19-4913-88F1-85B409FAD9D8} => Chrome.exe hxxp://ui.skype.com/ui/0/6.18.0.106/de/go/help.faq.installer?source=lightinstaller&amp;LastError=1638
Task: {F592366E-7B59-4CAC-9D18-9F35DF4847ED} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-zihangl@hotmail.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)
Task: {FB9E6523-1996-4EF3-BBEE-D53F54B393A6} - System32\Tasks\{F659F721-3DBD-4186-AFA6-06C5F2084EEB} => Chrome.exe hxxp://ui.skype.com/ui/0/6.16.0.105/de/go/help.faq.installer?LastError=1638
Task: {FBB214C2-16EF-4B61-A9D5-ED94A382D2C6} - System32\Tasks\{0B169B13-5F71-4518-A9DE-5A3487767D32} => pcalua.exe -a C:\PROGRA~3\TARMAI~1\{889DF~1\Setup.exe -c /remove /q0
Task: {FDBDF7B0-2609-48F0-A698-C8DD913EB657} - System32\Tasks\{D07C67D3-9738-44A2-9444-502EA9E813F3} => pcalua.exe -a C:\Users\Leon\AppData\Roaming\istartsurf\UninstallManager.exe -c  -ptid=face
Task: C:\WINDOWS\Tasks\ACQUPTNI.job => C:\Users\Leon\AppData\Roaming\ACQUPTNI.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\WeddingWiz.job => c:\programdata\{75b40529-ff81-e21a-75b4-40529ff814a7}\8778777218675216938b.exe <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2015-07-01 19:11 - 2015-07-01 19:11 - 00215552 _____ () C:\Users\Leon\AppData\Roaming\00000000-1427290565-0000-0000-8C89A57CCF91\knslB78C.tmp
2015-03-25 15:36 - 2015-03-25 15:36 - 00151552 _____ () C:\Users\Leon\AppData\Roaming\00000000-1427290565-0000-0000-8C89A57CCF91\jnspAA3E.tmp
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-12-19 16:57 - 2014-12-19 16:57 - 01039008 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-12-19 16:57 - 2014-12-19 16:57 - 05979808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-07 22:27 - 2015-01-07 22:27 - 36730032 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2015-06-11 19:51 - 2015-06-05 20:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll
2015-06-11 19:51 - 2015-06-05 20:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll
2015-06-11 19:51 - 2015-06-05 20:22 - 15003464 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
AlternateDataStreams: C:\Users\Leon\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Leon\SkyDrive.old:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2382863035-827234180-2916811482-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Leon\Pictures\Von Leon Phone\Eigene Aufnahmen\star_wars_fiction_planet-wallpaper-1920x1080.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{356EF6F9-6608-420D-A211-568AA96063C3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{B58B5C66-E57E-4908-A141-42FF45B64E2D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{BB65198B-805A-4096-BF3D-EE38572C6859}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{95017594-A92F-49FB-9509-7861CCD4D9B2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{4F4D61EA-125A-464A-BB85-3B48D969794C}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{9B684E05-06A9-494A-8A44-280BD664DF30}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{C554B0CC-2501-4975-8907-BD7A59397AEF}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Windows Migration Assistant\MigrationAssistant.exe
FirewallRules: [{789A75E4-D6A3-488C-A219-41CE9D9841BB}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Windows Migration Assistant\MigrationAssistant.exe
FirewallRules: [UDP Query User{0B900D45-43DF-409C-BBF6-62CE8D17BA7F}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{D154F55D-606F-48FF-8F32-6A834EAAEFF3}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{9491403C-B54E-41ED-9620-1CB022B98C06}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{654908AA-035F-49CB-8C76-E76EBA1AE52E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{3D7719F2-0BBC-40B1-BFC7-49E8280B604B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{0CF041A8-6160-453F-B015-2F4ACC641AB2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{1E7F5FFA-2155-4932-8B18-55F0CED88339}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{ADDCB91B-94ED-4134-85B2-1BB30F11B4BA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{CD1B061B-DC28-4EAB-B56D-7AF202A20A2C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{D2F252F7-AEF9-4A84-B86D-9B5D12055586}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{5CCFFA36-83A8-4D08-9C34-007E96EDD096}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{CE571066-974C-487C-970A-8C0C869EA8DB}] => (Allow) C:\Users\Leon\AppData\Local\Temp\7zS7066\setup\hpznui40.exe
FirewallRules: [{FA83AC9F-8188-4005-AB2C-51834BB99336}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{43D427C2-5121-49A1-BC36-FA66B8AD66F6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0A29EDE9-7F9C-4DC6-8B57-B58D31D1832D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4CFF07FA-C2DA-47F1-B17F-1B7602508324}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D9AD0DD2-2422-4768-ACD0-46DFEB004A87}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{2C5A48F5-82C5-4826-AF19-971870DE2990}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{2ACAEFB2-1119-4A74-8263-52C00AF70C71}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{826E0F0E-62B0-4E02-8620-8A8F3D65EF2B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{52D3CD5E-B195-4393-BEF2-8C9979C9D7E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{35F34E12-4D9C-44C6-B09D-D2413445097B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{C468925C-1C01-4995-9D88-38F9E82A6DE4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{EEC2226D-1367-467B-99BE-CB6EF2EEF599}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{4656F860-56FE-4716-B744-6C5873C46867}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{54607361-6B99-4EAA-8622-7909600D028A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{A849DFCB-4234-48C5-97F0-4135A71CC01A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{D8C8E179-068D-4715-94CF-4867C1EB057F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{1D722400-A7B8-479D-A2CF-1E57B02D0435}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{0364D27C-D551-4DD2-A2E8-B1246D8A3854}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{D83AF453-E117-4E88-A834-9A0D44411348}] => (Block) %ProgramFiles%\Adobe\Adobe Premiere Pro CC\Adobe Premiere Pro.exe
FirewallRules: [TCP Query User{3F46B805-CE45-404D-85F1-BCE22C704198}C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [UDP Query User{40D039D6-057D-4801-9A66-9812B7F7F32D}C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [{7B1C3D3B-2966-43E6-BB00-4576B2182095}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C5B7CD81-58BF-49D6-BBE1-2B4068DE6BBB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DD964D3E-0909-4A46-8493-85C5605C9C9B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{6B86A981-F149-4C7D-AF89-D7EA8E3D2362}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{CEA183ED-4935-41A2-B5A0-FB0993158400}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{10030CAB-E70D-45C8-943E-1E24B49CCECB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{1B1D99BF-7DE2-4ADD-87A0-41A16BA29321}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{865372F5-B5D0-42BC-9765-8A14F73ACF1F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{AB9990EF-CD7A-47C4-BB9F-177EAA211D0F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{12607D76-AB00-4BF9-879C-317628AF11D9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{26C8D775-609E-4A8D-8DDF-C9300B2E8269}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{2B592EC3-471F-4DA2-BE2D-AA5444483CDD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{41086246-1DFD-452D-BA89-063EB416C7FF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CD29C4B2-154A-405C-9CD9-97CF49F04D6D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BCE6F531-6552-4083-AC42-26D6D19DCD0D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{EC63A99F-8B77-4357-81DA-129C662EC55D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{FB74311C-976E-4DB5-90A7-E641429B33A7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{A889303E-1BEE-4FD2-9B92-7226EEB89EAF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [TCP Query User{09FB3544-9D43-49E7-9D25-7E97464B3277}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{23314F1C-F859-490A-B7BD-4BCFE770A9C2}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{43C62960-AC73-40A8-89DF-1571D27E78AD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{79E39708-D1E2-45AE-9E7F-818FE1E62EF9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AB7ADEB0-9A17-497B-AB67-7BECD8ACA877}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Farming Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [{12AA050A-C819-447F-80A6-2050A14D9C4B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Farming Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [{B7BD5375-6176-4B3A-9302-E16579E14FC1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{04CEC8D5-FC26-4126-9A14-4565296BFC49}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CAA77D42-41E7-4818-85BF-C80C05B5E1B3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{115A1154-AD46-401A-B409-7B73D7ACF82F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{294D328A-1805-41B3-90B8-31D216C67DD2}C:\program files (x86)\bluej\jdk\jre\bin\java.exe] => (Allow) C:\program files (x86)\bluej\jdk\jre\bin\java.exe
FirewallRules: [UDP Query User{49F324D8-11A4-4C2C-B822-AD45BEAD9AC2}C:\program files (x86)\bluej\jdk\jre\bin\java.exe] => (Allow) C:\program files (x86)\bluej\jdk\jre\bin\java.exe
FirewallRules: [{D5FC304A-4ED9-44AA-96E8-686B4E335D83}] => (Block) C:\program files (x86)\bluej\jdk\jre\bin\java.exe
FirewallRules: [{2A71F0A9-D1BF-4DA6-9441-444137CE2069}] => (Block) C:\program files (x86)\bluej\jdk\jre\bin\java.exe
FirewallRules: [{DA3DA8C8-1211-4429-A5DF-A35783F9D6F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{F128B0D3-CC38-4DED-B0CA-F25301B66A40}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{040B521B-E004-43A9-AAE6-1047A71158B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{410843EB-B7DE-425E-AADD-2D7D2EB90FAC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{94C9606C-426F-40A7-80B2-84E4315A9684}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{B1CE8C80-5D40-4549-964D-F9241E3E5C35}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{AACB3D4E-0965-46B2-A98E-9F6C9EC23A28}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{5E600DF6-2B30-4F0C-893A-7FE9B1B0FF1D}] => (Allow) C:\Program Files (x86)\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{63418954-619D-4648-A00B-85BE70E7AD4B}] => (Allow) C:\Program Files (x86)\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{FC71F779-33A7-4ACA-AE64-E7AA48180C67}] => (Allow) C:\Program Files (x86)\PhoenixRC\phoenixRC.exe
FirewallRules: [{8D294C7E-43F4-4598-BE1F-3A8521C1C1E1}] => (Allow) C:\Program Files (x86)\PhoenixRC\phoenixRC.exe
FirewallRules: [TCP Query User{C554F61C-5F2D-4296-BBBC-1466DC2829D8}C:\program files (x86)\phoenixrc\simulator.exe] => (Allow) C:\program files (x86)\phoenixrc\simulator.exe
FirewallRules: [UDP Query User{F44A46DE-4FE1-4639-A192-8698C764DE70}C:\program files (x86)\phoenixrc\simulator.exe] => (Allow) C:\program files (x86)\phoenixrc\simulator.exe
FirewallRules: [{EA168274-8B7D-4C0D-A6B9-7A0498C4E21A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/12/2015 12:34:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service WS 1.10.0.19 Client Service since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (07/12/2015 12:34:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service Boot Up Match since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (07/12/2015 12:34:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service Router Restricted Access since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (07/12/2015 12:34:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary wsfd_1_10_0_19.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (07/01/2015 09:40:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17415 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 19a0

Startzeit: 01d0b435057fce67

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe

Berichts-ID: f95c92f1-2028-11e5-bedc-8c89a57ccf91

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (07/01/2015 09:24:37 PM) (Source: WDSmartWareBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.WDSmartWareBackgroundService.OnStart(String[] args)

Error: (07/01/2015 09:19:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_DsmSvc, Version: 6.3.9600.17415, Zeitstempel: 0x54504177
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000006ae246b400
ID des fehlerhaften Prozesses: 0x138
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_DsmSvc0
Pfad der fehlerhaften Anwendung: svchost.exe_DsmSvc1
Pfad des fehlerhaften Moduls: svchost.exe_DsmSvc2
Berichtskennung: svchost.exe_DsmSvc3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_DsmSvc4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_DsmSvc5

Error: (07/01/2015 08:55:48 PM) (Source: WDSmartWareBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.WDSmartWareBackgroundService.OnStart(String[] args)

Error: (07/01/2015 08:53:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_DiagTrack, Version: 6.3.9600.17415, Zeitstempel: 0x54504177
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336
Ausnahmecode: 0xc000000d
Fehleroffset: 0x0000000000101e60
ID des fehlerhaften Prozesses: 0x680
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_DiagTrack0
Pfad der fehlerhaften Anwendung: svchost.exe_DiagTrack1
Pfad des fehlerhaften Moduls: svchost.exe_DiagTrack2
Berichtskennung: svchost.exe_DiagTrack3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_DiagTrack4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_DiagTrack5

Error: (07/01/2015 07:52:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20905 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: fb0

Startzeit: 01d0b424eee5b813

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20905_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: f0167bf4-2019-11e5-beda-8c89a57ccf91

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20905_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1


System errors:
=============
Error: (07/01/2015 09:41:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/01/2015 09:41:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/01/2015 09:41:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/01/2015 09:41:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/01/2015 09:41:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LogMeIn Hamachi Tunneling Engine" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/01/2015 09:41:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "WD SmartWare Background Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/01/2015 09:41:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "WD SmartWare Drive Manager Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/01/2015 09:41:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/01/2015 09:41:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/01/2015 09:41:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Apple Mobile Device Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office:
=========================
Error: (07/12/2015 12:34:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service WS 1.10.0.19 Client Service since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (07/12/2015 12:34:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service Boot Up Match since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (07/12/2015 12:34:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service Router Restricted Access since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (07/12/2015 12:34:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary wsfd_1_10_0_19.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (07/01/2015 09:40:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.1741519a001d0b435057fce674294967295C:\WINDOWS\syswow64\wwahost.exef95c92f1-2028-11e5-bedc-8c89a57ccf91Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5cApp

Error: (07/01/2015 09:24:37 PM) (Source: WDSmartWareBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.WDSmartWareBackgroundService.OnStart(String[] args)

Error: (07/01/2015 09:19:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DsmSvc6.3.9600.1741554504177unknown0.0.0.000000000c00000050000006ae246b40013801d0b42f80ee1790C:\WINDOWS\system32\svchost.exeunknown1f83bc45-2026-11e5-bedb-8c89a57ccf91

Error: (07/01/2015 08:55:48 PM) (Source: WDSmartWareBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.WDSmartWareBackgroundService.OnStart(String[] args)

Error: (07/01/2015 08:53:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DiagTrack6.3.9600.1741554504177ntdll.dll6.3.9600.17736550f4336c000000d0000000000101e6068001d0b36da9f1d0d4C:\WINDOWS\System32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dll7a0b05c2-2022-11e5-beda-8c89a57ccf91

Error: (07/01/2015 07:52:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20905fb001d0b424eee5b8134294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20905_x64__8wekyb3d8bbwe\LiveComm.exef0167bf4-2019-11e5-beda-8c89a57ccf91microsoft.windowscommunicationsapps_17.5.9600.20905_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1


CodeIntegrity Errors:
===================================
  Date: 2015-07-12 12:23:49.986
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-12 12:23:49.829
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-01 21:43:05.754
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-01 21:43:05.613
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-01 21:42:03.023
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-01 21:42:02.851
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-01 21:12:49.638
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\abengine64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-01 21:12:49.498
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\abengine64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-06-30 21:00:38.477
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-06-30 21:00:38.321
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Percentage of memory in use: 64%
Total physical RAM: 4077.64 MB
Available physical RAM: 1460.52 MB
Total Virtual: 5677.64 MB
Available Virtual: 2933.02 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:1811.92 GB) (Free:1349.05 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:25.83 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1811.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End of log ============================

--- --- ---

cosinus · 12.07.2015, 16:39

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

globalupdate Helper

Infonaut 1.10.0.14

istartsurf uninstall

SmartWeb
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Leo98 · 13.07.2015, 14:42

globalupdate Helper wurde vom Programm nicht gefunden der Rest wurde erfolgreich entfernt!

cosinus · 13.07.2015, 15:06

Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Scan klicken

Leo98 · 13.07.2015, 15:10

[CODE]Additional
FRST Logfile:

Code:

ATTFilter

scan result of Farbar Recovery Scan Tool (x64) Version:12-07-2015
Ran by Leon at 2015-07-13 16:09:05
Running from C:\Users\Leon\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2382863035-827234180-2916811482-500 - Administrator - Disabled)
Gast (S-1-5-21-2382863035-827234180-2916811482-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2382863035-827234180-2916811482-1006 - Limited - Enabled)
Leon (S-1-5-21-2382863035-827234180-2916811482-1001 - Administrator - Enabled) => C:\Users\Leon

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.2.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.9.0.465 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.191 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.2.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2.2 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2014 (HKLM-x32\...\{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}) (Version: 8.2.0 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)
BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.4 - BlueJ Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Farming Simulator 2013 (HKLM-x32\...\Steam App 220260) (Version:  - Giants Software)
Free MP4 Video Converter version 5.0.45.716 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.45.716 - DVDVideoSoft Ltd.)
FreeCAD 0.15 - A free open source CAD system (HKLM-x32\...\FreeCAD 0.15) (Version: 0.15.4671 - Juergen Riegel)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 6000 E609 Series (HKLM\...\{B16A196A-B3C9-4C19-A968-59365071A39F}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Landwirtschafts Simulator 2013 Hagensted Modified 2013 MoreRealistic (HKLM-x32\...\{F09E06EB-D878-4E4E-9190-84E3C4C1DC27}_is1) (Version: Landwirtschafts Simulator 2013 Hagensted Modified 4.1.5 MoreRealistic - Black Panther Group)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710F4C1C-CC18-4C49-8CBF-51240C89A1A2}) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version:  - )
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 352.86 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 352.86 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
phase-6 2.3.4 (HKLM-x32\...\phase-6) (Version: 2.3.4 - phase-6)
Phoenix R/C® (HKLM-x32\...\PhoenixRC) (Version: 5.0.w - Runtime Games Ltd)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
Python 3.3.0 (HKLM-x32\...\{526b1417-92c1-3737-8247-4abc49ccc8e4}) (Version: 3.3.150 - Python Software Foundation)
Python 3.4.0 (HKLM-x32\...\{a37f2d73-72d1-364d-ba5d-cea430bcc040}) (Version: 3.4.150 - Python Software Foundation)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WD SmartWare (HKLM\...\{604CB4FC-3D32-405F-A109-165F170529B6}) (Version: 1.2.0.8 - Western Digital)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2382863035-827234180-2916811482-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Leon\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File

==================== Restore Points =========================

21-06-2015 18:33:42 Geplanter Prüfpunkt
30-06-2015 21:11:12 Geplanter Prüfpunkt
12-07-2015 12:33:40 Windows Update
13-07-2015 15:36:42 Revo Uninstaller's restore point - Infonaut 1.10.0.14

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2015-01-26 20:28 - 00000035 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01C299DB-AFC2-46DF-BB3F-A2B525A64596} - System32\Tasks\ACQUPTNI => C:\Users\Leon\AppData\Roaming\ACQUPTNI.exe <==== ATTENTION
Task: {08FD8D94-C398-49C1-AA51-733B384E259A} - System32\Tasks\{823F7D7D-FBED-45B8-A935-5DDD590C629B} => pcalua.exe -a F:\setup.exe -d F:\
Task: {0D8E31FB-D4D4-4446-BC6F-1BA95589E585} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-12] (Adobe Systems Incorporated)
Task: {13463012-30B6-4247-BC02-37FE5C00DF48} - System32\Tasks\{CF902354-A649-4A7E-8190-4A65E8788D8E} => Chrome.exe hxxp://ui.skype.com/ui/0/6.18.0.105/de/go/help.faq.installer?LastError=1638
Task: {18FB32AA-E380-4F1A-A58B-18F6251C99DF} - System32\Tasks\tet3008 => C:\PROGRA~2\FASTSE~1\tet3008.exe
Task: {1C59BF04-615A-4B1A-87EC-51C410034FEC} - System32\Tasks\WordShark Auto Updater 1.10.0.19 Core => C:\Program Files (x86)\WordShark_1.10.0.19\Update\WordSharkAutoUpdateClient.exe <==== ATTENTION
Task: {33611046-8A30-4F36-A146-D93BDF4E2628} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3991A6EA-FEFD-402B-A879-67079AA75AC9} - System32\Tasks\WeddingWiz => c:\programdata\{75b40529-ff81-e21a-75b4-40529ff814a7}\8778777218675216938b.exe <==== ATTENTION
Task: {40B89F98-CC97-4BE1-A22E-FAA00CF8DA0A} - System32\Tasks\{09F2AA2A-27B0-4CBC-A144-E8CF57EAF434} => pcalua.exe -a C:\Users\Leon\AppData\Roaming\omiga-plus\UninstallManager.exe -c  -ptid=pcs <==== ATTENTION
Task: {6C9F9837-99E9-4BB1-9256-0DF14358EA34} - System32\Tasks\{41A37D8F-AC88-4B51-83E1-6EE3A1645E1F} => Chrome.exe hxxp://ui.skype.com/ui/0/6.16.0.105/de/go/help.faq.installer?LastError=1638
Task: {7DE12135-AD60-43BB-BAAA-E49610CFA484} - System32\Tasks\WordShark Auto Updater 1.10.0.19 Pending Update => C:\Program Files (x86)\WordShark_1.10.0.19\Update\WordSharkAutoUpdateClient.exe <==== ATTENTION
Task: {8BF9C88E-B3B1-4B31-A4BF-C113BFFADF55} - \SPBIW_UpdateTask_Time_333132343334353538382d3755556c415a505757414a34 No Task File <==== ATTENTION
Task: {917511A2-9EB5-4C7A-8BF6-0C32F3CCD1D0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-12] (Microsoft Corporation)
Task: {983C2AD4-693E-4541-B5F0-6613FD1F3B8B} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2014-12-01] (Apple Inc.)
Task: {C65826B8-E311-49F8-BE15-12ACA0203B9A} - System32\Tasks\{2F9E877F-B4D9-4267-B25B-0CA46AD9EE8D} => pcalua.exe -a "C:\Program Files (x86)\Wajam\uninstall.exe"
Task: {CF8CA595-F4C4-488A-B1BF-21D3678AA0FC} - System32\Tasks\{385F51D0-3B19-4913-88F1-85B409FAD9D8} => Chrome.exe hxxp://ui.skype.com/ui/0/6.18.0.106/de/go/help.faq.installer?source=lightinstaller&amp;LastError=1638
Task: {F592366E-7B59-4CAC-9D18-9F35DF4847ED} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-zihangl@hotmail.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)
Task: {FB9E6523-1996-4EF3-BBEE-D53F54B393A6} - System32\Tasks\{F659F721-3DBD-4186-AFA6-06C5F2084EEB} => Chrome.exe hxxp://ui.skype.com/ui/0/6.16.0.105/de/go/help.faq.installer?LastError=1638
Task: {FBB214C2-16EF-4B61-A9D5-ED94A382D2C6} - System32\Tasks\{0B169B13-5F71-4518-A9DE-5A3487767D32} => pcalua.exe -a C:\PROGRA~3\TARMAI~1\{889DF~1\Setup.exe -c /remove /q0
Task: {FDBDF7B0-2609-48F0-A698-C8DD913EB657} - System32\Tasks\{D07C67D3-9738-44A2-9444-502EA9E813F3} => pcalua.exe -a C:\Users\Leon\AppData\Roaming\istartsurf\UninstallManager.exe -c  -ptid=face

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\ACQUPTNI.job => C:\Users\Leon\AppData\Roaming\ACQUPTNI.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\WeddingWiz.job => c:\programdata\{75b40529-ff81-e21a-75b4-40529ff814a7}\8778777218675216938b.exe <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2015-07-01 19:11 - 2015-07-01 19:11 - 00215552 _____ () C:\Users\Leon\AppData\Roaming\00000000-1427290565-0000-0000-8C89A57CCF91\knslB78C.tmp
2015-03-25 15:36 - 2015-03-25 15:36 - 00151552 _____ () C:\Users\Leon\AppData\Roaming\00000000-1427290565-0000-0000-8C89A57CCF91\jnspAA3E.tmp
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-12-19 16:57 - 2014-12-19 16:57 - 01039008 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-12-19 16:57 - 2014-12-19 16:57 - 05979808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-07-30 11:38 - 2014-07-30 11:38 - 00121363 _____ () C:\Program Files\VideoLAN\VLC\libvlc.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 02524691 _____ () C:\Program Files\VideoLAN\VLC\libvlccore.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00713235 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00031251 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00034323 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00070163 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 02376211 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00106515 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00263699 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00080915 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00051219 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00063507 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00608275 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 01022995 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00125459 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00043539 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00017427 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00140307 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 02218003 _____ () C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00318995 _____ () C:\Program Files\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 01470995 _____ () C:\Program Files\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00058387 _____ () C:\Program Files\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00043027 _____ () C:\Program Files\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00190995 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00091667 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libavi_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00071187 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libasf_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00081939 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libflacsys_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00028179 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libes_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 12501523 _____ () C:\Program Files\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00085523 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libmpc_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00018963 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libtta_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00025619 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libnuv_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00024595 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libwav_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 01261075 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libsid_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00126483 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00152595 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libogg_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 01739283 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libmkv_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00039955 _____ () C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00017427 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_cdg_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00079891 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libvobsub_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00019987 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_stl_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00091155 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libsubtitle_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00341011 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00021523 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 01505811 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00023059 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00330771 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00417811 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00230931 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00029715 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libg711_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00019475 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 01745427 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00192019 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00025619 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00833555 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00022035 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00031763 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00218643 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libopus_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00023059 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liba52_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00023059 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 11244051 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 01673235 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libzvbi_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00035859 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libscte27_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00122899 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libkate_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00051731 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libsubsdec_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00857107 _____ () C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00040467 _____ () C:\Program Files\VideoLAN\VLC\plugins\sse2\libi420_yuy2_sse2_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00028179 _____ () C:\Program Files\VideoLAN\VLC\plugins\mmx\libi420_yuy2_mmx_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00701459 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_filter\libswscale_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00121875 _____ () C:\Program Files\VideoLAN\VLC\plugins\sse2\libi420_rgb_sse2_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00032787 _____ () C:\Program Files\VideoLAN\VLC\plugins\sse2\libi422_yuy2_sse2_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00024083 _____ () C:\Program Files\VideoLAN\VLC\plugins\mmx\libi422_yuy2_mmx_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00057363 _____ () C:\Program Files\VideoLAN\VLC\plugins\mmx\libi420_rgb_mmx_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00023059 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00019475 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00038419 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00024083 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00027667 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00023059 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00018451 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00018451 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00017427 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00072211 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00017427 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00023059 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00139795 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00186387 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00081939 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 01506835 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00025619 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00016915 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00017939 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00017939 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00017427 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00018963 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll
2014-07-30 11:38 - 2014-07-30 11:38 - 00029715 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll
2013-07-01 08:20 - 2015-04-16 19:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 18:41 - 2015-04-23 04:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-05-22 18:34 - 2015-06-04 20:56 - 02407104 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-20 18:41 - 2015-04-23 04:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 18:41 - 2015-04-23 04:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-08-29 19:16 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 19:16 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 19:16 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 19:16 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 19:16 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-07-09 17:56 - 2015-06-04 20:56 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-07 22:27 - 2015-01-07 22:27 - 36730032 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2013-07-09 13:45 - 2015-05-11 21:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-06-11 19:51 - 2015-06-05 20:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll
2015-06-11 19:51 - 2015-06-05 20:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll
2015-06-11 19:51 - 2015-06-05 20:22 - 15003464 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
AlternateDataStreams: C:\Users\Leon\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Leon\SkyDrive.old:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2382863035-827234180-2916811482-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Leon\Pictures\Von Leon Phone\Eigene Aufnahmen\star_wars_fiction_planet-wallpaper-1920x1080.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{356EF6F9-6608-420D-A211-568AA96063C3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{B58B5C66-E57E-4908-A141-42FF45B64E2D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{BB65198B-805A-4096-BF3D-EE38572C6859}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{95017594-A92F-49FB-9509-7861CCD4D9B2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{4F4D61EA-125A-464A-BB85-3B48D969794C}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{9B684E05-06A9-494A-8A44-280BD664DF30}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{C554B0CC-2501-4975-8907-BD7A59397AEF}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Windows Migration Assistant\MigrationAssistant.exe
FirewallRules: [{789A75E4-D6A3-488C-A219-41CE9D9841BB}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Windows Migration Assistant\MigrationAssistant.exe
FirewallRules: [UDP Query User{0B900D45-43DF-409C-BBF6-62CE8D17BA7F}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{D154F55D-606F-48FF-8F32-6A834EAAEFF3}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{9491403C-B54E-41ED-9620-1CB022B98C06}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{654908AA-035F-49CB-8C76-E76EBA1AE52E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{3D7719F2-0BBC-40B1-BFC7-49E8280B604B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{0CF041A8-6160-453F-B015-2F4ACC641AB2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{1E7F5FFA-2155-4932-8B18-55F0CED88339}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{ADDCB91B-94ED-4134-85B2-1BB30F11B4BA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{CD1B061B-DC28-4EAB-B56D-7AF202A20A2C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{D2F252F7-AEF9-4A84-B86D-9B5D12055586}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{5CCFFA36-83A8-4D08-9C34-007E96EDD096}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{CE571066-974C-487C-970A-8C0C869EA8DB}] => (Allow) C:\Users\Leon\AppData\Local\Temp\7zS7066\setup\hpznui40.exe
FirewallRules: [{FA83AC9F-8188-4005-AB2C-51834BB99336}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{43D427C2-5121-49A1-BC36-FA66B8AD66F6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0A29EDE9-7F9C-4DC6-8B57-B58D31D1832D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4CFF07FA-C2DA-47F1-B17F-1B7602508324}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D9AD0DD2-2422-4768-ACD0-46DFEB004A87}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{2C5A48F5-82C5-4826-AF19-971870DE2990}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{2ACAEFB2-1119-4A74-8263-52C00AF70C71}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{826E0F0E-62B0-4E02-8620-8A8F3D65EF2B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{52D3CD5E-B195-4393-BEF2-8C9979C9D7E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{35F34E12-4D9C-44C6-B09D-D2413445097B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{C468925C-1C01-4995-9D88-38F9E82A6DE4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{EEC2226D-1367-467B-99BE-CB6EF2EEF599}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{4656F860-56FE-4716-B744-6C5873C46867}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{54607361-6B99-4EAA-8622-7909600D028A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{A849DFCB-4234-48C5-97F0-4135A71CC01A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{D8C8E179-068D-4715-94CF-4867C1EB057F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{1D722400-A7B8-479D-A2CF-1E57B02D0435}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{0364D27C-D551-4DD2-A2E8-B1246D8A3854}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{D83AF453-E117-4E88-A834-9A0D44411348}] => (Block) %ProgramFiles%\Adobe\Adobe Premiere Pro CC\Adobe Premiere Pro.exe
FirewallRules: [TCP Query User{3F46B805-CE45-404D-85F1-BCE22C704198}C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [UDP Query User{40D039D6-057D-4801-9A66-9812B7F7F32D}C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [{7B1C3D3B-2966-43E6-BB00-4576B2182095}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C5B7CD81-58BF-49D6-BBE1-2B4068DE6BBB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DD964D3E-0909-4A46-8493-85C5605C9C9B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{6B86A981-F149-4C7D-AF89-D7EA8E3D2362}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{CEA183ED-4935-41A2-B5A0-FB0993158400}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{10030CAB-E70D-45C8-943E-1E24B49CCECB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{1B1D99BF-7DE2-4ADD-87A0-41A16BA29321}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{865372F5-B5D0-42BC-9765-8A14F73ACF1F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{AB9990EF-CD7A-47C4-BB9F-177EAA211D0F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{12607D76-AB00-4BF9-879C-317628AF11D9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{26C8D775-609E-4A8D-8DDF-C9300B2E8269}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{2B592EC3-471F-4DA2-BE2D-AA5444483CDD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{41086246-1DFD-452D-BA89-063EB416C7FF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CD29C4B2-154A-405C-9CD9-97CF49F04D6D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BCE6F531-6552-4083-AC42-26D6D19DCD0D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{EC63A99F-8B77-4357-81DA-129C662EC55D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{FB74311C-976E-4DB5-90A7-E641429B33A7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{A889303E-1BEE-4FD2-9B92-7226EEB89EAF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [TCP Query User{09FB3544-9D43-49E7-9D25-7E97464B3277}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{23314F1C-F859-490A-B7BD-4BCFE770A9C2}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{43C62960-AC73-40A8-89DF-1571D27E78AD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{79E39708-D1E2-45AE-9E7F-818FE1E62EF9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AB7ADEB0-9A17-497B-AB67-7BECD8ACA877}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Farming Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [{12AA050A-C819-447F-80A6-2050A14D9C4B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Farming Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [{B7BD5375-6176-4B3A-9302-E16579E14FC1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{04CEC8D5-FC26-4126-9A14-4565296BFC49}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CAA77D42-41E7-4818-85BF-C80C05B5E1B3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{115A1154-AD46-401A-B409-7B73D7ACF82F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{294D328A-1805-41B3-90B8-31D216C67DD2}C:\program files (x86)\bluej\jdk\jre\bin\java.exe] => (Allow) C:\program files (x86)\bluej\jdk\jre\bin\java.exe
FirewallRules: [UDP Query User{49F324D8-11A4-4C2C-B822-AD45BEAD9AC2}C:\program files (x86)\bluej\jdk\jre\bin\java.exe] => (Allow) C:\program files (x86)\bluej\jdk\jre\bin\java.exe
FirewallRules: [{D5FC304A-4ED9-44AA-96E8-686B4E335D83}] => (Block) C:\program files (x86)\bluej\jdk\jre\bin\java.exe
FirewallRules: [{2A71F0A9-D1BF-4DA6-9441-444137CE2069}] => (Block) C:\program files (x86)\bluej\jdk\jre\bin\java.exe
FirewallRules: [{DA3DA8C8-1211-4429-A5DF-A35783F9D6F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{F128B0D3-CC38-4DED-B0CA-F25301B66A40}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{040B521B-E004-43A9-AAE6-1047A71158B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{410843EB-B7DE-425E-AADD-2D7D2EB90FAC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{94C9606C-426F-40A7-80B2-84E4315A9684}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{B1CE8C80-5D40-4549-964D-F9241E3E5C35}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{AACB3D4E-0965-46B2-A98E-9F6C9EC23A28}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{5E600DF6-2B30-4F0C-893A-7FE9B1B0FF1D}] => (Allow) C:\Program Files (x86)\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{63418954-619D-4648-A00B-85BE70E7AD4B}] => (Allow) C:\Program Files (x86)\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{FC71F779-33A7-4ACA-AE64-E7AA48180C67}] => (Allow) C:\Program Files (x86)\PhoenixRC\phoenixRC.exe
FirewallRules: [{8D294C7E-43F4-4598-BE1F-3A8521C1C1E1}] => (Allow) C:\Program Files (x86)\PhoenixRC\phoenixRC.exe
FirewallRules: [TCP Query User{C554F61C-5F2D-4296-BBBC-1466DC2829D8}C:\program files (x86)\phoenixrc\simulator.exe] => (Allow) C:\program files (x86)\phoenixrc\simulator.exe
FirewallRules: [UDP Query User{F44A46DE-4FE1-4639-A192-8698C764DE70}C:\program files (x86)\phoenixrc\simulator.exe] => (Allow) C:\program files (x86)\phoenixrc\simulator.exe
FirewallRules: [{EA168274-8B7D-4C0D-A6B9-7A0498C4E21A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/13/2015 03:45:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005473b
ID des fehlerhaften Prozesses: 0x11d8
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5

Error: (07/13/2015 03:39:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20911 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1688

Startzeit: 01d0bd6ff0cc13ba

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 9df602fe-2964-11e5-bedc-8c89a57ccf91

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (07/13/2015 03:37:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service WS 1.10.0.19 Client Service since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (07/13/2015 03:37:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service Boot Up Match since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (07/13/2015 03:37:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service Router Restricted Access since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (07/13/2015 03:37:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary wsfd_1_10_0_19.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (07/12/2015 04:37:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20911 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: c94

Startzeit: 01d0bcaee4d337cb

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 8b595bb4-28a3-11e5-bedc-8c89a57ccf91

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (07/12/2015 01:45:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005473b
ID des fehlerhaften Prozesses: 0xd0c
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5

Error: (07/12/2015 12:40:19 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database

Error: (07/12/2015 12:34:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service WS 1.10.0.19 Client Service since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.


System errors:
=============
Error: (07/01/2015 09:41:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/01/2015 09:41:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/01/2015 09:41:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/01/2015 09:41:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/01/2015 09:41:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LogMeIn Hamachi Tunneling Engine" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/01/2015 09:41:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "WD SmartWare Background Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/01/2015 09:41:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "WD SmartWare Drive Manager Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/01/2015 09:41:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/01/2015 09:41:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/01/2015 09:41:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Apple Mobile Device Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office:
=========================
Error: (07/13/2015 03:45:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.3.9600.17736550f4336c0000005000000000005473b11d801d0bd721b015d43C:\Program Files\VideoLAN\VLC\vlc.exeC:\WINDOWS\SYSTEM32\ntdll.dll6a5b27b4-2965-11e5-bedc-8c89a57ccf91

Error: (07/13/2015 03:39:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20911168801d0bd6ff0cc13ba4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe9df602fe-2964-11e5-bedc-8c89a57ccf91microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (07/13/2015 03:37:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service WS 1.10.0.19 Client Service since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (07/13/2015 03:37:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service Boot Up Match since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (07/13/2015 03:37:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service Router Restricted Access since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (07/13/2015 03:37:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary wsfd_1_10_0_19.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (07/12/2015 04:37:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20911c9401d0bcaee4d337cb4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe8b595bb4-28a3-11e5-bedc-8c89a57ccf91microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (07/12/2015 01:45:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.3.9600.17736550f4336c0000005000000000005473bd0c01d0bc9810a1b551C:\Program Files\VideoLAN\VLC\vlc.exeC:\WINDOWS\SYSTEM32\ntdll.dll7058cc51-288b-11e5-bedc-8c89a57ccf91

Error: (07/12/2015 12:40:19 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: -2147024883

Error: (07/12/2015 12:34:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service WS 1.10.0.19 Client Service since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.


CodeIntegrity Errors:
===================================
  Date: 2015-07-13 15:45:09.108
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-13 15:45:08.922
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-12 12:23:49.986
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-12 12:23:49.829
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-01 21:43:05.754
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-01 21:43:05.613
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-01 21:42:03.023
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-01 21:42:02.851
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-01 21:12:49.638
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\abengine64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-01 21:12:49.498
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\abengine64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Percentage of memory in use: 66%
Total physical RAM: 4077.64 MB
Available physical RAM: 1357.26 MB
Total Virtual: 5677.64 MB
Available Virtual: 2649.58 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:1811.92 GB) (Free:1341.72 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:25.83 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1811.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End of log ============================

--- --- ---

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:12-07-2015
Ran by Leon (administrator) on LEON-PC on 13-07-2015 16:07:58
Running from C:\Users\Leon\Desktop
Loaded Profiles: Leon (Available Profiles: Leon)
Platform: Windows 8.1 Pro with Media Center (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Users\Leon\AppData\Roaming\00000000-1427290565-0000-0000-8C89A57CCF91\knslB78C.tmp
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Users\Leon\AppData\Roaming\00000000-1427290565-0000-0000-8C89A57CCF91\jnspAA3E.tmp
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM\...\Run: [3D BubbleSound] => "C:\Program Files\BubbleSound\3D BubbleSound.exe"
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2015-01-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2010-06-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [976832 2010-06-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKU\S-1-5-21-2382863035-827234180-2916811482-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-2382863035-827234180-2916811482-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-2382863035-827234180-2916811482-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-2382863035-827234180-2916811482-1001\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-2382863035-827234180-2916811482-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53288576 2015-06-30] (Skype Technologies S.A.)
HKU\S-1-5-21-2382863035-827234180-2916811482-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-11-21] (Apple Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2012-11-04]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk [2012-11-04]
ShortcutTarget: phase-6 Reminder.lnk -> C:\Program Files (x86)\phase-6\phase-6\reminder\reminder.exe (phase-6)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk [2012-11-04]
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDSmartWare.lnk [2012-11-04]
ShortcutTarget: WDSmartWare.lnk -> C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-12-19] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-12-19] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-12-19] ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled
ProxyServer: [.DEFAULT] => http=127.0.0.1:57889;https=127.0.0.1:57889
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1435780586&z=c4a8762be2fc823c1a7646fgbz5c2wbm0b5e1w8b1c&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1435780586&z=c4a8762be2fc823c1a7646fgbz5c2wbm0b5e1w8b1c&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1435780586&z=c4a8762be2fc823c1a7646fgbz5c2wbm0b5e1w8b1c&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1435780586&z=c4a8762be2fc823c1a7646fgbz5c2wbm0b5e1w8b1c&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1435780586&z=c4a8762be2fc823c1a7646fgbz5c2wbm0b5e1w8b1c&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1435780586&z=c4a8762be2fc823c1a7646fgbz5c2wbm0b5e1w8b1c&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP&q={searchTerms}
HKU\S-1-5-21-2382863035-827234180-2916811482-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1435780586&z=c4a8762be2fc823c1a7646fgbz5c2wbm0b5e1w8b1c&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP&q={searchTerms}
HKU\S-1-5-21-2382863035-827234180-2916811482-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-2382863035-827234180-2916811482-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1435780586&z=c4a8762be2fc823c1a7646fgbz5c2wbm0b5e1w8b1c&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP
HKU\S-1-5-21-2382863035-827234180-2916811482-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1435780586&z=c4a8762be2fc823c1a7646fgbz5c2wbm0b5e1w8b1c&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP
HKU\S-1-5-21-2382863035-827234180-2916811482-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1435780586&z=c4a8762be2fc823c1a7646fgbz5c2wbm0b5e1w8b1c&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{52A50DEE-C720-435A-A07A-9DBB2C6A6C02}: [DhcpNameServer] 192.168.178.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_191.dll [2015-07-12] ()
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-01-07] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_191.dll [2015-07-12] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-01-07] (Adobe Systems)
FF Extension: No Name - C:\Program Files (x86)\BetterSurf\BetterSurfPlusV1\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha582\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta576\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta10961\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha666\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1068\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3481\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5512\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home8091\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6792\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release1053\ff [not found]

Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Search Module Plus v2) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlcgehabolcakkjhgmgpkagpolbjlhfa [2015-06-27]
CHR HKU\S-1-5-21-2382863035-827234180-2916811482-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jlcgehabolcakkjhgmgpkagpolbjlhfa] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cgfjmjikpifldhhealodkfifokhbagcm] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta576\ch\VideoPlayerV3beta576.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [cploeijpnfbpcdomjmfgchlfgbennncn] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5512\ch\MediaViewV1alpha5512.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [fgkebcoamghomfiajpbllppihcjgjkbb] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3481\ch\MediaViewV1alpha3481.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [jjalkigbjoajjokfnmepdiknfmpbdpjo] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1068\ch\MediaViewerV1alpha1068.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [leldcecnejhenamkemkecblolkahkbei] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta10961\ch\VideoPlayerV3beta10961.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ngcmhddamaepplokdinlhhhflhnakhbe] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home8091\ch\MediaWatchV1home8091.crx [Not Found]
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.istartsurf.com/?type=sc&ts=1435780586&z=c4a8762be2fc823c1a7646fgbz5c2wbm0b5e1w8b1c&from=face&uid=ST2000DL003-9VT166_5YD61RRPXXXX5YD61RRP

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [129536 2009-11-13] (WDC) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S2 WDSmartWareBackgroundService; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S3 SolidWorks Licensing Service; "C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-30] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [32768 2014-10-08] (Microsoft Corporation)
S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2015-01-25] (Emsisoft GmbH)
R3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 WUDFWpdComp; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R1 innfd_1_10_0_14; system32\drivers\innfd_1_10_0_14.sys [X]
S1 lmimirr; \SystemRoot\system32\DRIVERS\lmimirr.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-12 12:37 - 2015-07-13 16:07 - 00000000 ____D C:\Users\Leon\Desktop\FRST-OlderVersion
2015-07-01 21:56 - 2015-07-01 21:56 - 00000000 ____D C:\ProgramData\smdmf
2015-07-01 21:56 - 2015-07-01 21:56 - 00000000 ____D C:\Program Files (x86)\Assets Manager
2015-07-01 21:56 - 2015-07-01 21:56 - 00000000 _____ C:\WINDOWS\prleth.sys
2015-07-01 21:56 - 2015-07-01 21:56 - 00000000 _____ C:\WINDOWS\hgfs.sys
2015-07-01 21:44 - 2015-07-12 12:34 - 00000024 _____ C:\Users\Leon\AppData\Roaming\appdataFr25.bin
2015-07-01 21:43 - 2015-07-01 21:43 - 00003615 _____ C:\Users\Leon\Desktop\JRT.txt
2015-07-01 21:41 - 2015-07-01 21:41 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-LEON-PC-Windows-8.1-Pro-with-Media-Center-(64-bit).dat
2015-07-01 21:41 - 2015-07-01 21:41 - 00000000 ____D C:\RegBackup
2015-07-01 21:29 - 2015-07-01 21:31 - 02950444 _____ (Malwarebytes Corporation) C:\Users\Leon\Desktop\JRT.exe
2015-07-01 21:11 - 2015-07-01 21:19 - 00000000 ____D C:\AdwCleaner
2015-07-01 21:10 - 2015-07-01 21:10 - 02244096 _____ C:\Users\Leon\Desktop\AdwCleaner_4.207.exe
2015-07-01 21:09 - 2015-07-01 21:09 - 00071427 _____ C:\Users\Leon\Desktop\mbam.txt
2015-07-01 19:48 - 2015-07-01 21:07 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-07-01 19:48 - 2015-07-01 19:48 - 00001118 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-07-01 19:48 - 2015-07-01 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-07-01 19:47 - 2015-07-01 19:47 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-07-01 19:47 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-07-01 19:47 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-07-01 19:47 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-07-01 19:46 - 2015-07-01 19:47 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Leon\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-30 22:19 - 2015-06-30 22:19 - 00003086 _____ C:\WINDOWS\System32\Tasks\tet3008
2015-06-30 21:54 - 2015-07-01 20:52 - 00000000 ____D C:\Program Files (x86)\cecea3d5-3cfb-47ed-a074-c0d5128c78a1
2015-06-30 21:30 - 2015-06-30 21:30 - 00001284 _____ C:\Users\Leon\Desktop\Revo Uninstaller.lnk
2015-06-30 21:30 - 2015-06-30 21:30 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-06-30 21:27 - 2015-06-30 21:27 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Leon\Downloads\revosetup95.exe
2015-06-30 20:59 - 2015-07-12 12:39 - 00052122 _____ C:\Users\Leon\Desktop\Addition.txt
2015-06-30 20:57 - 2015-07-13 16:08 - 00019967 _____ C:\Users\Leon\Desktop\FRST.txt
2015-06-30 20:57 - 2015-07-13 16:08 - 00000000 ____D C:\FRST
2015-06-30 20:56 - 2015-07-13 16:07 - 02133504 _____ (Farbar) C:\Users\Leon\Desktop\FRST64.exe
2015-06-30 20:54 - 2015-06-30 20:54 - 02112512 _____ (Farbar) C:\Users\Leon\Downloads\EAE5.tmp
2015-06-27 21:03 - 2015-07-01 20:52 - 00000000 ____D C:\Program Files (x86)\85c3582f-9a9c-4e9f-93c7-824223714908
2015-06-27 20:52 - 2015-06-27 20:52 - 00004174 _____ C:\WINDOWS\System32\Tasks\WordShark Auto Updater 1.10.0.19 Pending Update
2015-06-27 20:52 - 2015-06-27 20:52 - 00004164 _____ C:\WINDOWS\System32\Tasks\WordShark Auto Updater 1.10.0.19 Core
2015-06-17 18:30 - 2015-07-01 20:52 - 00000000 ____D C:\Program Files (x86)\FullContact for Gmail
2015-06-17 18:29 - 2015-07-12 18:29 - 00000368 _____ C:\WINDOWS\Tasks\WeddingWiz.job
2015-06-17 18:29 - 2015-06-17 18:29 - 00003252 _____ C:\WINDOWS\System32\Tasks\WeddingWiz
2015-06-17 16:13 - 2015-06-17 16:13 - 00001177 _____ C:\Users\Leon\Desktop\Run all Night - Verknüpfung.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-13 16:03 - 2013-11-26 21:18 - 00003922 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A6EF7ABD-A2A8-4971-A471-E9D91CE51F45}
2015-07-13 16:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-07-13 15:55 - 2013-11-26 20:08 - 01931148 _____ C:\WINDOWS\WindowsUpdate.log
2015-07-13 15:53 - 2013-12-18 17:13 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Skype
2015-07-13 15:45 - 2014-08-17 15:47 - 00000000 ____D C:\Users\Leon\AppData\Roaming\vlc
2015-07-13 15:43 - 2013-10-01 16:10 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-07-13 15:32 - 2014-11-19 00:16 - 00000000 ____D C:\Users\Leon\AppData\Local\LogMeIn Hamachi
2015-07-13 15:32 - 2013-10-01 16:09 - 00000000 ____D C:\Users\Leon\AppData\Local\Adobe
2015-07-13 15:31 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-07-13 15:29 - 2015-03-01 14:04 - 00000000 ___RD C:\Users\Leon\iCloudDrive
2015-07-13 15:29 - 2015-02-10 18:01 - 00001698 _____ C:\WINDOWS\Tasks\ACQUPTNI.job
2015-07-13 15:29 - 2014-03-10 16:40 - 00000000 __RDO C:\Users\Leon\SkyDrive
2015-07-13 15:29 - 2013-07-15 16:51 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-12 19:40 - 2014-05-13 15:41 - 00000000 ____D C:\Users\Leon\AppData\Roaming\UseNeXT
2015-07-12 19:38 - 2014-05-13 15:41 - 00000000 ____D C:\Users\Leon\Documents\UseNeXT
2015-07-12 16:08 - 2012-11-04 12:45 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2382863035-827234180-2916811482-1001
2015-07-12 15:54 - 2014-03-19 16:42 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-12 15:54 - 2013-12-18 17:13 - 00000000 ____D C:\ProgramData\Skype
2015-07-12 12:43 - 2013-10-01 16:10 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-07-12 12:37 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-07-06 23:24 - 2015-05-06 20:11 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-07-06 23:24 - 2015-05-06 20:11 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-05 12:08 - 2012-11-04 13:43 - 00300704 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-07-01 21:56 - 2015-05-28 10:02 - 00001762 _____ C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-01 21:42 - 2015-03-25 15:36 - 00000000 ____D C:\Users\Leon\AppData\Roaming\00000000-1427290565-0000-0000-8C89A57CCF91
2015-07-01 21:24 - 2013-11-26 20:08 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-01 21:24 - 2013-08-22 16:46 - 00357124 _____ C:\WINDOWS\setupact.log
2015-07-01 21:24 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-07-01 21:23 - 2013-09-29 21:05 - 00216716 _____ C:\WINDOWS\PFRO.log
2015-07-01 21:23 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-07-01 20:52 - 2013-10-09 16:42 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-07-01 19:39 - 2015-05-27 12:25 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-06-27 21:38 - 2014-12-29 22:28 - 00000000 __SHD C:\Users\Leon\AppData\Local\EmieBrowserModeList
2015-06-27 21:38 - 2014-05-28 15:18 - 00000000 __SHD C:\Users\Leon\AppData\Local\EmieUserList
2015-06-27 21:38 - 2014-05-28 15:18 - 00000000 __SHD C:\Users\Leon\AppData\Local\EmieSiteList
2015-06-27 21:01 - 2014-04-12 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-21 17:36 - 2013-12-19 19:29 - 00385536 ___SH C:\Users\Leon\Desktop\Thumbs.db
2015-06-17 18:30 - 2015-06-12 19:42 - 00000000 ____D C:\Program Files (x86)\IndepthSystem
2015-06-17 15:56 - 2014-07-28 17:33 - 00000000 ____D C:\Users\Leon\AppData\Roaming\dvdcss
2015-06-15 22:15 - 2013-11-26 20:12 - 00000000 ____D C:\Users\Leon
2015-06-15 19:49 - 2014-12-11 18:42 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-15 19:49 - 2014-07-13 12:48 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-15 19:49 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-13 16:40 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-13 15:10 - 2013-08-22 16:44 - 05162592 _____ C:\WINDOWS\system32\FNTCACHE.DAT

==================== Files in the root of some directories =======

2015-07-01 21:44 - 2015-07-12 12:34 - 0000024 _____ () C:\Users\Leon\AppData\Roaming\appdataFr25.bin
2014-08-25 17:32 - 2015-01-25 16:32 - 0000189 _____ () C:\Users\Leon\AppData\Roaming\WB.CFG
2013-04-23 16:37 - 2013-04-25 15:25 - 0004608 _____ () C:\Users\Leon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-04 17:32 - 2014-12-18 21:32 - 0000010 _____ () C:\Users\Leon\AppData\Local\DSI.DAT
2014-12-04 17:32 - 2014-12-04 17:32 - 0022528 _____ () C:\Users\Leon\AppData\Local\dsisetup2482016872.exe
2014-12-18 21:32 - 2014-12-18 21:32 - 0022528 _____ () C:\Users\Leon\AppData\Local\dsisetup6149092032.exe
2015-05-27 12:45 - 2015-05-27 12:45 - 0000000 _____ () C:\Users\Leon\AppData\Local\Temp.dat
2012-11-04 18:17 - 2012-11-04 19:32 - 0001511 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\Leon\AppData\Local\Temp\1171.exe
C:\Users\Leon\AppData\Local\Temp\5650.exe
C:\Users\Leon\AppData\Local\Temp\8958.exe
C:\Users\Leon\AppData\Local\Temp\9413.exe
C:\Users\Leon\AppData\Local\Temp\DSManagerSetup.exe
C:\Users\Leon\AppData\Local\Temp\fsd50AE.exe
C:\Users\Leon\AppData\Local\Temp\fsd9666.exe
C:\Users\Leon\AppData\Local\Temp\jue5F6.exe
C:\Users\Leon\AppData\Local\Temp\optprosetup.exe
C:\Users\Leon\AppData\Local\Temp\Quarantine.exe
C:\Users\Leon\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Leon\AppData\Local\Temp\sqlite3.dll
C:\Users\Leon\AppData\Local\Temp\Uninstall.exe
C:\Users\Leon\AppData\Local\Temp\UninstallModule.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-01 21:35

==================== End of log ============================

--- --- ---

01.07.2015, 23:07	#10
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Windows 8 komplett Virenfrei machen! Bitte auch ne neue Addition.txt erstellen, dazu FRST starten und einen Haken setzen bei Addition.txt, dann auf Scan klicken. __________________ Logfiles bitte immer in CODE-Tags posten

13.07.2015, 15:06	#14
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Windows 8 komplett Virenfrei machen! Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Scan klicken __________________ Logfiles bitte immer in CODE-Tags posten

Windows 8 komplett Virenfrei machen!

Plagegeister aller Art und deren Bekämpfung: Windows 8 komplett Virenfrei machen!