| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Falsche Seite besucht, nun Trojaner-Problem Trojan.Agent.MSIL etcWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
26.08.2015, 17:06
| #1 |
 |  Falsche Seite besucht, nun Trojaner-Problem Trojan.Agent.MSIL etc Hallo liebes Forum! Bisher hab ich gedacht mir selbst passiert sowas nicht mehr. Jedoch hats mich gestern eiskalt erwischt. Es wurden Plötzlich wahnsinnig viele Programme installiert, ja selbst der Proxyserver, den ich sonst immer aus habe wurde aktiviert und ich konnte nicht mehr aufs internet zugreifen. Ich bitte daher um hilfe, da mir das ausmaß dieses bzw. der Trojaner echt Angst macht. Ich habe schon mal mit Malewarebytes gescannt und das brachte mir ein Ergebnis von sage und schreibe 686 Einträgen! Danke schonmal für eure Hilfe! MBAM-Log Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 26.08.2015 Suchlaufzeit: 17:45 Protokolldatei: MBAMlog.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.08.26.06 Rootkit-Datenbank: v2015.08.16.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x86 Dateisystem: NTFS Benutzer: Enno Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 307282 Abgelaufene Zeit: 9 Min., 58 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 15 Trojan.Agent.MSIL, C:\Users\Enno\AppData\Local\Damfase.exe, 1972, , [541aa16c7f0cd56149372ba78a77956b] PUP.Optional.ObjectBrowser.A, C:\Program Files\Object Browser\398b2968-0633-406f-80f8-df8ed6acae59-6.exe, 3696, , [c1ade627573459dd6d2cca9851b0fa06] PUP.Optional.iWebar.A, C:\Program Files\iWebar\8b5117f2-af65-4def-9102-5938876ca8a4-1-6.exe, 3760, , [a4cab15c810a181e7e5bb5cb15ecb54b] PUP.Optional.iWebar.A, C:\Program Files\iWebar\8b5117f2-af65-4def-9102-5938876ca8a4-6.exe, 3792, , [561862ab9eed69cdc7122c5438c901ff] PUP.Optional.ObjectBrowser.A, C:\Program Files\Object Browser\398b2968-0633-406f-80f8-df8ed6acae59-1-6.exe, 3808, , [afbfa6677d0ec4729207c89a3ac7a35d] PUP.Optional.EoRezo, C:\Users\Enno\AppData\Local\DailyPcClean Support\updpcc_en_009010071.exe, 3860, , [c2acce3f4c3f68ce8f4bbfd146bf47b9] PUP.Optional.Amonetize, C:\Program Files\NixSrv\packages\66a80299-e89e-44a4-91cd-06b4636bea66\NixHost.exe, 2044, , [561847c6cebd9e98ba1d7e4d05fc7987] PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\wajam.exe, 5312, , [b8b655b8bad19e98ea9aef358b7816ea] PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\wajam.exe, 1008, , [b8b655b8bad19e98ea9aef358b7816ea] PUP.Optional.SpaceSoundPro.A, C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe, 7888, , [fc724ac3048745f1c32d7b35f50f17e9] PUP.Optional.MultiPlug.A, C:\Program Files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\hnsg962D.tmp, 384, , [8fdfa16c83086acceb2ca40d0afa49b7] PUP.Optional.MultiPlug.A, C:\Program Files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\jnsg7D2F.tmp, 1352, , [8fdfa16c83086acceb2ca40d0afa49b7] PUP.Optional.MultiPlug.A, C:\Program Files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\knsg62F5.tmpfs, 2860, , [8fdfa16c83086acceb2ca40d0afa49b7] PUP.Optional.ShopperPro, C:\Program Files\ShopperPro\JSDriver\1.42.1.2367\jsdrv.exe, 8084, , [a3cbdf2e088349edf9d01733ee1525db] PUP.Optional.IHProtect.A, C:\Program Files\MiniLite\ProtectService.exe, 1040, , [6c022edfb5d64ee899585bd960a36898] Module: 5 PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\WajaInternetEnlibs\daawu.psu, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.SpaceSoundPro.A, C:\Program Files\SpaceSoundPro\SpaceSoundPro.dll, , [fc724ac3048745f1c32d7b35f50f17e9], PUP.Optional.SpaceSoundPro.A, C:\Program Files\SpaceSoundPro\SpaceSoundPro.dll, , [fc724ac3048745f1c32d7b35f50f17e9], PUP.Optional.MiniLite.A, C:\Program Files\MiniLite\msvcp110.dll, , [006e58b52c5f0f27386aba62867d02fe], PUP.Optional.MiniLite.A, C:\Program Files\MiniLite\msvcr110.dll, , [006e58b52c5f0f27386aba62867d02fe], Registrierungsschlüssel: 163 Trojan.Agent.MSIL, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\downloacyi, , [541aa16c7f0cd56149372ba78a77956b], PUP.Optional.ShopperPro, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPDRIVER_1.42.1.2367, , [3737e528a2e91323ffd6ddb32dd88e72], PUP.Optional.WordSurfer.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\wsafd_1_10_0_19, , [600e97768ffcb482cba3325e010417e9], PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, , [b2bcbd5033589a9c182771ee25dbc739], PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\TYPELIB\{8FB1A663-2820-468B-95C4-5060A4C5F413}, , [b2bcbd5033589a9c182771ee25dbc739], PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\INTERFACE\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}, , [b2bcbd5033589a9c182771ee25dbc739], PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\ShopperPro.ShopperProBHO.1, , [b2bcbd5033589a9c182771ee25dbc739], PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\ShopperPro.ShopperProBHO, , [b2bcbd5033589a9c182771ee25dbc739], PUP.Optional.ShopperPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, , [b2bcbd5033589a9c182771ee25dbc739], PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}\INPROCSERVER32, , [b2bcbd5033589a9c182771ee25dbc739], PUP.Optional.WordSurfer.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WordSurfer_1.10.0.19, , [b4bab15c8308cd69b6b8a7e9d3328c74], PUP.Optional.RocketTab.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\RocketTab, , [c9a5c34a8605f046eb05e47044bcef11], PUP.Optional.ShopperPro.F, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ShopperPro, , [9cd2f4193e4d78be9377528254ad738d], PUP.Optional.FastSearch.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\FastSearch, , [9ed044c907845cda97f89c2547bafb05], PUP.Optional.EoRezo, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\gmsd_de_005010071_is1, , [ef7ff518c7c438fe10caccc4c540a25e], PUP.Optional.ModGoog, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GLOBALUPDATE.EXE, , [e28c8588543760d676d07815e819fc04], PUP.Optional.SmartWeb.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SmartWeb, , [74fa60ade9a21323ba3493bce31e7987], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\iWebar, , [086627e6a7e485b1a8cc988c27dc758b], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Object Browser, , [d896be4f1a71171fcca8e93b35ce827e], PUP.Optional.Wajam.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WajaInternetEn Monitor, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajaInternetEn, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.SpaceSoundPro.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\zz.1700.ssp, , [5b134cc18dfeae8829c6248c7b899967], PUP.Optional.SpaceSoundPro.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SpaceSoundPro, , [fc724ac3048745f1c32d7b35f50f17e9], PUP.Optional.SpaceSoundPro.A, HKLM\SOFTWARE\CLASSES\CLSID\{5013A5D0-34A9-489F-BF9A-3A0E34D8902B}, , [fc724ac3048745f1c32d7b35f50f17e9], PUP.Optional.SpaceSoundPro.A, HKLM\SOFTWARE\CLASSES\CLSID\{B43F10EC-BD1C-48D5-A123-3DCA3321C187}, , [fc724ac3048745f1c32d7b35f50f17e9], PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\fimevebo, , [8fdfa16c83086acceb2ca40d0afa49b7], PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\jimocoso, , [8fdfa16c83086acceb2ca40d0afa49b7], PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\toxovyne, , [8fdfa16c83086acceb2ca40d0afa49b7], PUP.Optional.DailyPCClean.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\DailyPCClean_is1, , [046ac8453f4cee484a38357e38cc1be5], PUP.Optional.DailyPCClean.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\dpcc_en_009010071_is1, , [046ac8453f4cee484a38357e38cc1be5], PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\GAMESDESKTOP, , [5c12ab628efd41f59efe41f7c340916f], PUP.Optional.HighDefAction.A, HKLM\SOFTWARE\HighDefAction, , [a9c58d804a41e0564abe05a5de268f71], PUP.Optional.IHProtect.A, HKLM\SOFTWARE\IHProtect, , [4727e72633583cfade14cf6514ef0ff1], PUP.Optional.iWebar.A, HKLM\SOFTWARE\iWebar, , [115d51bc6c1ff93d6bbdb87acc370ef2], PUP.Optional.iWebar.A, HKLM\SOFTWARE\iWebar-nv, , [35398f7e7a111e188e9afd35cb389f61], PUP.Optional.iWebar.A, HKLM\SOFTWARE\iWebar-nv-ie, , [cda1e825eaa159ddaa7ee84ac73cf20e], PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\mystartsearchSoftware, , [a8c65eaf8dfe3df9864c4fec8c77eb15], PUP.Optional.ObjectBrowser.A, HKLM\SOFTWARE\Object Browser, , [c4aac14cb2d98aacb96c364caf551ce4], PUP.Optional.ObjectBrowser.A, HKLM\SOFTWARE\Object Browser-nv, , [bbb315f8602bc76fc785df4e1ee56c94], PUP.Optional.ObjectBrowser.A, HKLM\SOFTWARE\Object Browser-nv-ie, , [e48a13fa8ffc67cfcb81b77652b11ce4], PUP.Optional.OurSurfing.ShrtCln, HKLM\SOFTWARE\oursurfingSoftware, , [660833dabad1ef47ab263aea27dc0cf4], PUP.Optional.RocketTab.PrxySvrRST, HKLM\SOFTWARE\RocketTab, , [ff6f8e7f385352e4b0eba69f59aab24e], PUP.Optional.SpaceSoundPro.A, HKLM\SOFTWARE\SpaceSondPro, , [600e4ebfa9e226102ec5dcd4778d1ee2], PUP.Optional.SpaceSoundPro.A, HKLM\SOFTWARE\SpaceSoundPro, , [1856030a3457f3433bb9456b12f2a759], PUP.Optional.WPM.A, HKLM\SOFTWARE\supWindowsMangerProtect, , [9fcf6aa38605df57569c286cfa0a867a], PUP.Optional.Yahoo.A, HKLM\SOFTWARE\WajaInternetEn, , [5d1111fc99f277bfb9007b3c48bc0af6], PUP.Optional.WordSurfer.A, HKLM\SOFTWARE\WordSurfer_1.10.0.19, , [88e63ecfdcaf43f300c9a40de2227090], PUP.Optional.YorkNewCin.A, HKLM\SOFTWARE\YorkNewCin, , [8ae4d23b7219fe384cc7c0ea4fb5fa06], PUP.Optional.Zoom.A, HKLM\SOFTWARE\ZoomWebLists, , [80eee5282a61aa8c2d8e29fbb05322de], PUP.Optional.CrossRider.C, HKLM\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [e6880ffe0f7ceb4b0467eb3a7093669a], PUP.Optional.CinemaPlus.C, HKLM\SOFTWARE\ARENAHD, , [0d612edf1d6e2016dd32079f778dd42c], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10, , [b1bd05083b50e94d98e0fba8f50f768a], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickProcessLauncherMachine, , [afbf6ba2fe8d8da981f7fba8f014a35d], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickProcessLauncherMachine.1.0, , [b1bd2ae33e4d092db7c1495aac58c63a], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoCreateAsync, , [acc232db8a01c67093e6dfc433d18e72], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoCreateAsync.1.0, , [6806cb425b3050e6cfaa7033b64ec739], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreClass, , [105e8c8134570234db9e465d05ff4db3], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreClass.1, , [115d1feee5a682b42e4b5053b4504ab6], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreMachineClass, , [383686877714f83ed4a570339c680bf5], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreMachineClass.1, , [4826cd406526340235440d9649bb43bd], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CredentialDialogMachine, , [9dd114f9d0bb96a02c4d00a39b690bf5], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CredentialDialogMachine.1.0, , [660834d978137abc50296b38ac584db3], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine, , [7df1b756464569cd8dec1b885ca8da26], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine.1.0, , [96d8a469ccbf2c0a106900a3cc389f61], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback, , [71fda06d1d6eb482f9805f445ba95da3], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0, , [a1cddd308b0055e187f28a19c73de51b], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc, , [f6786e9f8605ab8bb4c55b489470fa06], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc.1.0, , [333ba06dcbc0ba7c5d1c1093af5526da], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.ProcessLauncher, , [9bd3a5686f1ca6909cdd03a0c63e2dd3], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.ProcessLauncher.1.0, , [7df1b7562d5e75c1da9f495acb39eb15], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3COMClassService, , [224cd63742497fb738415d469a6aa759], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3COMClassService.1.0, , [cea08687fc8f56e07bfe7b283fc55fa1], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachine, , [a1cdf9147e0dc472a1d89c07c63e8c74], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachine.1.0, , [3737ff0ecdbe7bbbb7c2ced5ab5915eb], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback, , [a2cc4ac32e5d5adc78019e0547bd03fd], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback.1.0, , [4f1fcb420883092d2950b8eb36ce639d], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebSvc, , [de906f9e2566999df8818023a2626799], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebSvc.1.0, , [c6a8e726296263d31c5dfea515ef3fc1], PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\CLASSES\APPID\GLOBALUPDATE.EXE, , [422cca433d4e2a0c95ef7532dc289070], PUP.Optional.DailyPCClean.A, HKLM\SOFTWARE\DAILYPCCLEAN\dpcc_en_009010071, , [f37b30dd6d1e0a2c6620f8bbc63edb25], PUP.Optional.FastSearch.A, HKLM\SOFTWARE\FASTSEARCH, , [1955d03d1b704de9549ca20b0bf944bc], PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\GLOBALUPDATE\UPDATE\Clients, , [80ee45c8d8b3a096f561466372929a66], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\20891, , [eb83d835f79475c19148c898da293dc3], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\21836, , [b6b8cc41b3d8ba7c4792bda3000336ca], PUP.Optional.WombatUpdater.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\SERVICE8119.EXE, , [036b2fde7a11db5b8e929c826c97f50b], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\398b2968-0633-406f-80f8-df8ed6acae59-1-6, , [dd919578d6b51b1bbceff52b7f8425db], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\398b2968-0633-406f-80f8-df8ed6acae59-1-7, , [3836ea23305bd46214970f11f40fdc24], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\398b2968-0633-406f-80f8-df8ed6acae59-5, , [650940cddcaffe38416a27f950b344bc], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\398b2968-0633-406f-80f8-df8ed6acae59-5_user, , [58162ce1a1ea0b2b5c4fc060699a5ea2], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\398b2968-0633-406f-80f8-df8ed6acae59-6, , [006e3ecf8ffc8da92883f32d73905ba5], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\398b2968-0633-406f-80f8-df8ed6acae59-7, , [a2cc5ab3c9c21d19fab14fd1d52ea45c], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\8b5117f2-af65-4def-9102-5938876ca8a4-1-6, , [1e506f9eaedd2a0ce4c7160a0003eb15], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\8b5117f2-af65-4def-9102-5938876ca8a4-1-7, , [600ed23b593253e3efbcc75961a243bd], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\8b5117f2-af65-4def-9102-5938876ca8a4-5, , [284617f66a21ad89ecbf62bef211db25], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\8b5117f2-af65-4def-9102-5938876ca8a4-5_user, , [acc22be20f7cf0461497f22ed82b7c84], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\8b5117f2-af65-4def-9102-5938876ca8a4-6, , [3f2f808d92f9132304a7948c42c1a25e], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\8b5117f2-af65-4def-9102-5938876ca8a4-7, , [83eb2fdecdbecd694368ee329b68a15f], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\globalUpdateUpdateTaskMachineCore, , [49250b02e7a4d75fb05e75ac6f940ef2], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\globalUpdateUpdateTaskMachineUA, , [aec02ae3d6b5ab8bed2211107b886f91], PUP.Optional.KikBlaster.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\KWTWFO1, , [a4cae825b2d9b77fc5b63de0a1627888], PUP.Optional.RocketTab.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\RocketTab, , [d995cd4079122c0a028582359371f50b], PUP.Optional.RocketTab.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\RocketTab Update Task, , [5816a568503bb87ef394615682824ab6], PUP.Optional.ShopperPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ShopperPro, , [5c12a16c5c2f23132a5b33ec3bc8738d], PUP.Optional.ShopperPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ShopperProJSUpd, , [d896da331f6c2115bfc71d0250b34eb2], PUP.Optional.Goobzo.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SMupdate1, , [e08e8a83fb9067cff1242cf53fc407f9], PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SPBIW_UpdateTask_Time_343037313738353638382d2355786c325a5b5734412d34, , [bcb213fa5d2eb086107a110e51b27d83], PUP.Optional.ShopperPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SPDriver, , [1955a8651a7190a67c0bed328380ba46], PUP.Optional.TempoRunner.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Tempo Runner gigo6maw, , [d19d60ad8ffce74f0bcc4dd25ea5c53b], PUP.Optional.WordSurfer.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\WordSurfer Auto Updater 1.10.0.19 Core, , [6806ce3f7b1091a5ec25fd2321e2a45c], PUP.Optional.WordSurfer.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\WordSurfer Auto Updater 1.10.0.19 Pending Update, , [5d11cc416d1ebe78e32eae721fe4c838], PUP.Optional.ShopperPro.C, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\ShopperPro.exe, , [8ee0ed204e3d3cfa9deb6abd62a1a759], PUP.Optional.VoPackage.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VOPackage, , [383646c76a21fc3a9a60257c659f22de], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, , [2d419a7317742a0c171924737391728e], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, , [0b63d9342f5cf244042d1b7c5da7b44c], PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\SHOPPERPRO, , [0e6030dd028959ddc122d95f44bf936d], PUP.Optional.Tuto4PC.A, HKLM\SOFTWARE\TUTORIALS, , [6fff10fded9e3ff7e6d68f27758fcb35], PUP.Optional.IHProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IHProtect Service, , [6c022edfb5d64ee899585bd960a36898], PUP.Optional.PCSpeedUp.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PCSUUCDRV, , [f37b69a49dee60d6e326129aaa5a7c84], PUP.Optional.Vitruvian.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WSASVC_1.10.0.19, , [70fe759838535dd9872a485f8a7a7987], PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, , [1d51709dccbf2f073d3986b8927160a0], PUP.Optional.ExtTag.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EXTTAG, , [b6b841cc7318112588d796889b68a957], PUP.Optional.ShopperPro.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPBIUPD, , [c7a742cb8ffc979f89ede53c54af2cd4], PUP.Optional.ShopperPro.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPBIUPDD, , [bdb158b52b609e98fe78e73a58ab3ac6], PUP.Optional.iWebar.A, HKU\S-1-5-18\SOFTWARE\iWebar-nv, , [abc3d8355b30e155101963cfc14202fe], PUP.Optional.iWebar.A, HKU\S-1-5-18\SOFTWARE\iWebar-nv-ie, , [c0ae13fa840782b482a74ae8699a03fd], PUP.Optional.ObjectBrowser.A, HKU\S-1-5-18\SOFTWARE\Object Browser-nv, , [9ad450bd77140e28a7a67faeeb1825db], PUP.Optional.ObjectBrowser.A, HKU\S-1-5-18\SOFTWARE\Object Browser-nv-ie, , [95d934d9b6d556e0e8653af38e75d42c], PUP.Optional.CrossRider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, , [5f0fe726fd8e4aec781de0dbf60e34cc], PUP.Optional.CinemaPlus.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\Cinema_Plus-6.1cV25.08-nv-ie, , [99d54fbe36551b1be468202ee71c03fd], PUP.Optional.HighDefAction.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\HighDefAction, , [70fe64a9fd8e57df977017934db7af51], PUP.Optional.iWebar.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\iWebar-nv, , [c7a7be4fe8a387af78b13002d330817f], PUP.Optional.iWebar.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\iWebar-nv-ie, , [0f5f858890fb2412200942f019ea0df3], PUP.Optional.ObjectBrowser.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\Object Browser-nv, , [e78723eaa4e792a448050825659ebc44], PUP.Optional.ObjectBrowser.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\Object Browser-nv-ie, , [72fca86537540e28f65770bd45be14ec], PUP.Optional.RocketTab.PrxySvrRST, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\RocketTabInstalled, , [4b23ce3f29620b2bf6a61f26a55ef60a], PUP.Optional.Tuto4PC.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\TutoTag, , [82ecf716f794db5b143abdda5ea69070], PUP.Optional.Wajam.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\WajIEnhance, , [ea84f4196e1dc86eadcbd75ff50e41bf], PUP.Optional.YorkNewCin.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\YorkNewCin, , [3e307598eba02412a86a1b8f4bb936ca], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [1757a9646526300639a79eef32d215eb], PUP.Optional.CinemaPlus.C, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\ARENAHD, , [571719f4e6a563d39d71a2040afa06fa], PUP.Optional.DailyPCClean.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\DAILYPCCLEAN, , [ef7fb8557b10d56194f1feb5ff059769], PUP.Optional.GlobalUpdate.C, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY, , [353958b58cffa98dd2b09a8d649f16ea], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\20891, , [c1ad9a7369221224a2d9420248bbc13f], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\21836, , [56182ce1b3d81f17d5a6d074a0635ba5], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\ObjectB, , [92dc010cef9cac8a57ae5ad9e023a45c], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Webby, , [cda1fe0f7a11fa3cd5598ca6b64de818], PUP.Optional.Conduit.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, , [9bd30d00f69523132966535fac5841bf], PUP.Optional.OutBrowse.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\OB, , [3f2f3ad3dab1a78f40f4a4127e8624dc], PUP.Optional.RocketTab.PrxySvrRST, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\SEARCH EXTENSIONS, , [98d65ab3cac179bde5a5702a986c6b95], PUP.Optional.Tuto4PC.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\TUTORIALS\updatetutorialeshp, , [6509808d4e3d76c0c32c16073cc7748c], PUP.Optional.Tuto4PC.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\TUTORIALS\updatetutorialeshp1, , [d09ec04d454686b0a54af22b9b68a65a], PUP.Optional.Tuto4PC.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\TUTORIALS\updatetutorialshp, , [c7a735d8e8a385b1b87bb27e30d311ef], PUP.Optional.Tuto4PC.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\TUTORIALS\updv, , [9ed039d4008b241254e01b15838024dc], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [b7b7ac610388ad8948282bd114ee6e92], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [b7b7ac610388ad8948282bd114ee6e92], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [b7b7ac610388ad8948282bd114ee6e92], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [b7b7ac610388ad8948282bd114ee6e92], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.Update3WebControl.4, , [b7b7ac610388ad8948282bd114ee6e92], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [b7b7ac610388ad8948282bd114ee6e92], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [b7b7ac610388ad8948282bd114ee6e92], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, , [b7b7ac610388ad8948282bd114ee6e92], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, , [b7b7ac610388ad8948282bd114ee6e92], PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\mystartsearch uninstall, , [94da7b9212790e2895c04ecde3208e72], Registrierungswerte: 44 PUP.Optional.EoRezo, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|updpcc_en_009010071.exe, C:\Users\Enno\AppData\Local\DailyPcClean Support\updpcc_en_009010071.exe -runonce, , [c2acce3f4c3f68ce8f4bbfd146bf47b9] PUP.Optional.EoRezo, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|upgmsd_de_005010071.exe, C:\Users\Enno\AppData\Local\gmsd_de_005010071\upgmsd_de_005010071.exe -runonce, , [6a04d03d0c7f79bd47931a7629dc3ec2] PUP.Optional.SpaceSoundPro.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SpaceSoundPro, "C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe", , [fc724ac3048745f1c32d7b35f50f17e9] PUP.Optional.CinemaPlus.C, HKLM\SOFTWARE\ARENAHD|value, 1, , [0d612edf1d6e2016dd32079f778dd42c] PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\CLASSES\APPID\GLOBALUPDATE.EXE|AppID, {3278F5CF-48F3-4253-A6BB-004CE84AF492}, , [422cca433d4e2a0c95ef7532dc289070] PUP.Optional.FastSearch.A, HKLM\SOFTWARE\FASTSEARCH|affid, 4435, , [1955d03d1b704de9549ca20b0bf944bc] PUP.Optional.PCTuner.C, HKLM\SOFTWARE\HIGHDEFACTION|value, 1, , [343a6e9fbdce4aeca178990de02416ea] PUP.Optional.WombatUpdater.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\Service8119.exe|{a53dd3e5-0283-4ab3-b77c-7bd1bc7550c6}.sdb, 130850136640306087, , [036b2fde7a11db5b8e929c826c97f50b] PUP.Optional.SmartWeb.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SmartWeb, C:\Users\Enno\AppData\Local\SmartWeb\SmartWebHelper.exe, , [6707ae5ff596f73f0c6eda60e51eda26] PUP.Optional.ShopperPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SPDriver, C:\Program Files\ShopperPro\JSDriver\1.42.1.2367\jsdrv.exe, , [a3cbdf2e088349edf9d01733ee1525db] PUP.Optional.ShopperPro, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SPDriver, C:\Program Files\ShopperPro\JSDriver\1.42.1.2367\jsdrv.exe, , [a3cbdf2e088349edf9d01733ee1525db] PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|gmsd_de_005010071, "C:\Program Files\gmsd_de_005010071\gmsd_de_005010071.exe", , [0f5f26e75d2e3df99476a198fc0729d7] PUP.Optional.DailyPCClean.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\DAILYPCCLEAN_IS1|Publisher, Tuto4PC.Com, , [a7c763aa404b280ea5e3a90ac2420df3] PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\SHOPPERPRO|aff, amodcI, , [0e6030dd028959ddc122d95f44bf936d] PUP.Optional.ShopperPro.F, HKLM\SOFTWARE\SHOPPERPRO|DBLOCATION, C:\ProgramData\ShopperPro, , [f777e22bf09bc1755c9acbeadb292ed2] PUP.Optional.Tuto4PC.A, HKLM\SOFTWARE\TUTORIALS|HostGUID, A406FD55-42B3-4BBD-B0DE-011A8D448E69, , [6fff10fded9e3ff7e6d68f27758fcb35] PUP.Optional.Vitruvian.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\wsasvc_1.10.0.19|ImagePath, "C:\Program Files\WordSurfer_1.10.0.19\Service\wsasvc.exe", , [70fe759838535dd9872a485f8a7a7987] PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\fimevebo|ImagePath, C:\Program Files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\hnsg962D.tmp, , [84eaa46988031e186a1b039e46be1be5] PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\jimocoso|ImagePath, C:\Program Files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\jnsg7D2F.tmp, , [2846b15c3e4d58deaadb8021cd37e11f] PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\toxovyne|ImagePath, C:\Program Files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\knsg62F5.tmpfs, , [9fcf22eb19722214e1a4d6cba95bb54b] PUP.Optional.ExtTag.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EXTTAG|ImagePath, C:\ProgramData\ExtTag\ExtTag.exe, , [b6b841cc7318112588d796889b68a957] PUP.Optional.ShopperPro.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPBIUpd|ImagePath, C:\Program Files\Common Files\ShopperPro\spbiu.exe /service, , [c7a742cb8ffc979f89ede53c54af2cd4] PUP.Optional.ShopperPro.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPBIUpdd|ImagePath, \??\C:\Program Files\Common Files\ShopperPro\spbiw.sys, , [bdb158b52b609e98fe78e73a58ab3ac6] PUP.Optional.ShopperPro.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPDRIVER_1.42.1.2367|ImagePath, \??\C:\Program Files\ShopperPro\JSDriver\1.42.1.2367\jsdrv.sys, , [fe7036d7315a7eb85b3dcf53000302fe] PUP.Optional.CinemaPlus.C, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\ARENAHD|value, 1, , [571719f4e6a563d39d71a2040afa06fa] PUP.Optional.DailyPCClean.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\DAILYPCCLEAN|UndoDir, C:\Users\Enno\AppData\Roaming\DailyPCClean\Undo, , [ef7fb8557b10d56194f1feb5ff059769] PUP.Optional.GlobalUpdate.C, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY|source, auto, , [353958b58cffa98dd2b09a8d649f16ea] PUP.Optional.PCTuner.C, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\HIGHDEFACTION|value, 1, , [fd7136d7b3d8d06649ce4e58e91b8a76] PUP.Optional.Conduit.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, hxxp://www.bing.com/search?pc=COSP&ptag=D082515-AAF1615ED1F&form=CONBDF&conlogo=CT3334471&q={searchTerms}, , [9bd30d00f69523132966535fac5841bf] PUP.Optional.OutBrowse.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\OB|monitype20, 8/26/15 0:1:1, , [3f2f3ad3dab1a78f40f4a4127e8624dc] PUP.Optional.OutBrowse.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\OB|monitype24, 8/26/15 0:1:1, , [0e6026e754370432b0846353fd07bf41] PUP.Optional.OutBrowse.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\OB|monitype27, 8/26/15 0:1:1, , [115d1df0c1caf343b381dadc24e0f30d] PUP.Optional.OutBrowse.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\OB|monitype41, 8/26/15 0:1:1, , [6a04729b1f6c8babb381fabc0afa46ba] PUP.Optional.OutBrowse.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\OB|monitype42, 8/26/15 0:1:1, , [adc1ac61642742f43103c7ef689c7789] PUP.Optional.OutBrowse.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\OB|monitype26, 8/26/15 0:1:5, , [f975cb42d7b4fb3b3cf8189e2bd97987] PUP.Optional.OutBrowse.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\OB|monitype43, 8/26/15 0:1:5, , [f37b2fdec6c50432dc58f8be659fea16] PUP.Optional.OutBrowse.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\OB|monitype15, 8/26/15 0:1:13, , [dd919f6e4e3df343ff35cee8ab59bf41] PUP.Optional.OutBrowse.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\OB|monitype4, 8/26/15 0:1:35, , [006ef81573183df92a0a36800202867a] PUP.Optional.OutBrowse.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\OB|monitype34, 8/26/15 0:1:35, , [a0cee32a7b108fa766ce10a66b99857b] PUP.Optional.OutBrowse.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\OB|monitype35, 8/26/15 0:1:35, , [c0aef01d771482b4a490cee8679d47b9] PUP.Optional.OutBrowse.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\OB|monitype14, 8/26/15 0:2:2, , [135bb35a305bc96db87cdbdb84808c74] PUP.Optional.OutBrowse.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\OB|monitype25, 8/26/15 0:3:2, , [432b8c811a7153e321136155d52f44bc] PUP.Optional.OutBrowse.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\OB|monitype6, 8/26/15 0:3:7, , [105e9b7279122214969e585e3acaab55] PUP.Optional.RocketTab.PrxySvrRST, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\SEARCH EXTENSIONS|RocketTab, 1, , [98d65ab3cac179bde5a5702a986c6b95] Registrierungsdaten: 3 PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files\Google\Chrome\Application\chrome.exe" hxxp://www.mystartsearch.com/?type=sc&ts=1440542810&z=8730ae1ddcc7422eba20b2fg5zcz1e8w8zbofqct0z&from=cmi&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1025257452574, Gut: (Chrome.exe), Schlecht: ("C:\Program Files\Google\Chrome\Application\chrome.exe" hxxp://www.mystartsearch.com/?type=sc&ts=1440542810&z=8730ae1ddcc7422eba20b2fg5zcz1e8w8zbofqct0z&from=cmi&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1025257452574),,[9dd13bd2ddae73c3045c173918ed9a66] PUP.Optional.OurSurfing.ShrtCln, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.oursurfing.com/?type=sc&ts=1440540046&z=e53700e706dde49439f6735g1z3z6e1wcz6e4ebz2g&from=2sq&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1025257452574, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.oursurfing.com/?type=sc&ts=1440540046&z=e53700e706dde49439f6735g1z3z6e1wcz6e4ebz2g&from=2sq&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1025257452574),,[026c7f8ef4977db9efb49bc101048c74] PUP.Optional.Conduit.A, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.bing.com/?pc=COSP&ptag=D082515-AAF1615ED1F&form=CONMHP&conlogo=CT3334471, Gut: (www.google.com), Schlecht: (hxxp://www.bing.com/?pc=COSP&ptag=D082515-AAF1615ED1F&form=CONMHP&conlogo=CT3334471),,[bfafa964c2c977bf964597c5f90c7090] Ordner: 62 PUP.Optional.CrossRider.A, C:\Program Files\iWebar, , [086627e6a7e485b1a8cc988c27dc758b], PUP.Optional.CrossRider.A, C:\Program Files\Object Browser, , [d896be4f1a71171fcca8e93b35ce827e], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\logos, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\WajaInternetEnlibs, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn, , [f678fa13414a54e2325363c16f94718f], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Search, , [f678fa13414a54e2325363c16f94718f], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Shopping, , [f678fa13414a54e2325363c16f94718f], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Uninstall Wajam, , [f678fa13414a54e2325363c16f94718f], PUP.Optional.BrowserHelper.A, C:\Users\Enno\AppData\Local\BrowserHelper, , [d5992edfc8c39b9b3fa5d25431d246ba], PUP.Optional.SearchExtensions.A, C:\Program Files\Search Extensions, , [f27cec21f6950234dc3931f7aa590000], PUP.Optional.SearchExtensions.A, C:\Program Files\Search Extensions\Resources, , [f27cec21f6950234dc3931f7aa590000], PUP.Optional.SmartWeb.A, C:\Users\Enno\AppData\Local\SmartWeb, , [d9955cb10784ed4955ed9b8dc83b52ae], PUP.Optional.MultiPlug.A, C:\Users\Enno\AppData\Local\C56FE3C0-1440547317-11DC-85B8-001E8CAAE9F4, , [85e917f66d1ee84e4ba0c9d95ca859a7], PUP.Optional.SpaceSoundPro.A, C:\Program Files\SpaceSondPro, , [5b134cc18dfeae8829c6248c7b899967], PUP.Optional.SpaceSoundPro.A, C:\Program Files\SpaceSoundPro, , [fc724ac3048745f1c32d7b35f50f17e9], PUP.Optional.SpaceSoundPro.A, C:\Program Files\SpaceSoundPro\config, , [fc724ac3048745f1c32d7b35f50f17e9], PUP.Optional.MultiPlug.A, C:\Program Files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4, , [8fdfa16c83086acceb2ca40d0afa49b7], PUP.Optional.WombatService.A, C:\ProgramData\Service8119, , [6806b35ab8d3fd39d75619989c68639d], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch, , [6a0444c97516cb6bfd5b3f72a65eab55], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data, , [16584dc0fa9185b18d31624f3bc9b34d], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb, , [16584dc0fa9185b18d31624f3bc9b34d], PUP.Optional.DailyPCClean.A, C:\Users\Enno\AppData\Local\DailyPcClean Support, , [6b03dc311a712115314fa50eb153d32d], PUP.Optional.DailyPCClean.A, C:\Users\Enno\Documents\DailyPCClean, , [06682de01a71db5b265bad061ee6857b], PUP.Optional.DailyPCClean.A, C:\Program Files\DailyPcClean Support, , [046ac8453f4cee484a38357e38cc1be5], PUP.Optional.DailyPCClean.A, C:\Program Files\DailyPCClean, , [26484cc1880370c66d166b489173d62a], PUP.Optional.DailyPCClean.A, C:\Users\Enno\AppData\Roaming\DailyPCClean\Log, , [e48a838abbd07eb84f5b8037f80c837d], PUP.Optional.DailyPCClean.A, C:\Users\Enno\AppData\Roaming\DailyPCClean, , [e48a838abbd07eb84f5b8037f80c837d], PUP.Optional.DailyPCClean.A, C:\Users\Enno\AppData\Roaming\DailyPCClean\Backup, , [e48a838abbd07eb84f5b8037f80c837d], PUP.Optional.DailyPCClean.A, C:\Users\Enno\AppData\Roaming\DailyPCClean\Undo, , [e48a838abbd07eb84f5b8037f80c837d], PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update, , [b7b7ac610388ad8948282bd114ee6e92], PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0, , [b7b7ac610388ad8948282bd114ee6e92], PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\Download, , [b7b7ac610388ad8948282bd114ee6e92], PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\Install, , [b7b7ac610388ad8948282bd114ee6e92], PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\Offline, , [b7b7ac610388ad8948282bd114ee6e92], PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\Offline\{00956091-F76A-41FB-AD01-6537977921EA}, , [b7b7ac610388ad8948282bd114ee6e92], PUP.Optional.GlobalUpdate.A, C:\Users\Enno\AppData\Local\Temp\comh.204480, , [bcb26f9ecbc030065d2824d8798944bc], PUP.Optional.GlobalUpdate.A, C:\Users\Enno\AppData\Local\Temp\comh.289025, , [086656b75b30fb3b2164fdff6a98817f], PUP.Optional.GlobalUpdate.A, C:\Users\Enno\AppData\Local\Temp\comh.54441, , [5717a06d1477072fc3c26894ae5457a9], PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro, , [2a4497768209231336e8cc35f60de61a], PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro, , [5e10bf4e721981b54eb4976b0300e21e], PUP.Optional.GamesDesktop.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP, , [6fff19f4bad15adca16e65a64cb74db3], PUP.Optional.GamesDesktop.A, C:\Users\Enno\AppData\Local\gmsd_de_005010071, , [2d41a26b4e3d59dd838db655d2317d83], PUP.Optional.GamesDesktop.A, C:\Users\Enno\AppData\Local\gmsd_de_005010071\gmsd_de_005010071, , [2d41a26b4e3d59dd838db655d2317d83], PUP.Optional.GamesDesktop.A, C:\Users\Enno\AppData\Local\gmsd_de_005010071\gmsd_de_005010071\1.20, , [2d41a26b4e3d59dd838db655d2317d83], PUP.Optional.GamesDesktop.A, C:\Program Files\gmsd_de_005010071, , [b0beb558721939fd64ad0ffc55aede22], PUP.Optional.ShopperPro.A, C:\Users\Public\Documents\ShopperPro, , [412d8885791277bfb04a110319ea619f], PUP.Optional.ShopperPro.A, C:\Users\Public\Documents\ShopperPro\JsDriver, , [412d8885791277bfb04a110319ea619f], PUP.Optional.OurSurfing.ShrtCln, C:\Users\Enno\AppData\Roaming\oursurfing, , [adc1739a8803c1752b1c3cdbc3409f61], PUP.Optional.SpaceSoundPro.A, C:\Program Files\SpaceSondPro_v53.1700, , [ef7f17f60a8190a6c2628e8cb05337c9], PUP.Optional.SpaceSoundPro.A, C:\Users\Enno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpaceSoundPro 1.0, , [d698cb42107bf343dd9b52c89e659769], PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag, , [caa47c91f992cf67d8e8e43622e1ae52], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Enno\AppData\Roaming\mystartsearch, , [94da7b9212790e2895c04ecde3208e72], PUP.Optional.ProtectWindowsManager.F, C:\ProgramData\BWinManProB, , [ef7f18f50c7f3ff72b3e57c4c340b24e], PUP.Optional.ProtectWindowsManager.F, C:\ProgramData\pWinManProp, , [323c0d006922270f9acf24f7d330f808], PUP.Optional.ProtectWindowsManager.F, C:\ProgramData\pWinManProp\update, , [323c0d006922270f9acf24f7d330f808], PUP.Optional.MiniLite.A, C:\Program Files\MiniLite, , [006e58b52c5f0f27386aba62867d02fe], PUP.Optional.PennyBee.A, C:\ProgramData\IcyCarje, , [c7a738d56823280ec534d04c8d766b95], PUP.Optional.Vitruvian.A, C:\Program Files\WordSurfer_1.10.0.19, , [80ee58b5f19af046a16e444ed035b947], PUP.Optional.Vitruvian.A, C:\Program Files\WordSurfer_1.10.0.19\3rd Party Licenses, , [80ee58b5f19af046a16e444ed035b947], PUP.Optional.Vitruvian.A, C:\Program Files\WordSurfer_1.10.0.19\Service, , [80ee58b5f19af046a16e444ed035b947], PUP.Optional.Vitruvian.A, C:\Program Files\WordSurfer_1.10.0.19\Update, , [80ee58b5f19af046a16e444ed035b947], Dateien: 394 Trojan.Agent.MSIL, C:\Users\Enno\AppData\Local\Damfase.exe, , [541aa16c7f0cd56149372ba78a77956b], PUP.Optional.ObjectBrowser.A, C:\Program Files\Object Browser\398b2968-0633-406f-80f8-df8ed6acae59-6.exe, , [c1ade627573459dd6d2cca9851b0fa06], PUP.Optional.iWebar.A, C:\Program Files\iWebar\8b5117f2-af65-4def-9102-5938876ca8a4-1-6.exe, , [a4cab15c810a181e7e5bb5cb15ecb54b], PUP.Optional.iWebar.A, C:\Program Files\iWebar\8b5117f2-af65-4def-9102-5938876ca8a4-6.exe, , [561862ab9eed69cdc7122c5438c901ff], PUP.Optional.ObjectBrowser.A, C:\Program Files\Object Browser\398b2968-0633-406f-80f8-df8ed6acae59-1-6.exe, , [afbfa6677d0ec4729207c89a3ac7a35d], PUP.Optional.EoRezo, C:\Users\Enno\AppData\Local\DailyPcClean Support\updpcc_en_009010071.exe, , [c2acce3f4c3f68ce8f4bbfd146bf47b9], PUP.Optional.Amonetize, C:\Program Files\NixSrv\packages\66a80299-e89e-44a4-91cd-06b4636bea66\NixHost.exe, , [561847c6cebd9e98ba1d7e4d05fc7987], PUP.Optional.EoRezo, C:\Users\Enno\AppData\Local\gmsd_de_005010071\upgmsd_de_005010071.exe, , [6a04d03d0c7f79bd47931a7629dc3ec2], PUP.Optional.ShopperPro, C:\Program Files\ShopperPro\JSDriver\1.42.1.2367\jsdrv.sys, , [3737e528a2e91323ffd6ddb32dd88e72], PUP.Optional.WordSurfer.A, C:\Windows\System32\drivers\wsafd_1_10_0_19.sys, , [600e97768ffcb482cba3325e010417e9], PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro\ShopperPro.dll, , [b2bcbd5033589a9c182771ee25dbc739], Adware.PennyBee, C:\ProgramData\IcyCarje\gigo3maw.dll, , [48265bb2216a12240a2cb80d5aa7837d], PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro\ShopperPro64.dll, , [17579e6fc0cb46f0f6497be49070eb15], PUP.Optional.CrossRider.A, C:\Users\Enno\AppData\Roaming\y51qdxgtcP8Lm2WD9B3HcgjE.exe, , [a3cbc548781304320123514004fd55ab], PUP.Optional.Nova.A, C:\Program Files\AGEIA Technologies\1faacb5a-23c1-4a96-8251-45bdad4a2db8.dll, , [f87649c47615aa8cdf200a4df30e50b0], PUP.Optional.Nova.A, C:\Program Files\AGEIA Technologies\6c638346-4888-490b-b921-1e8d4d3f907f.dll, , [6509de2ff69584b2d52ae671c140bb45], PUP.Optional.Nova.A, C:\Program Files\d79cd7cf-41ed-4e57-a8f2-a6d8595d9a6a\9a9acfd4-4a9e-4020-8620-ea2359c08c0f.dll, , [e787cf3e89027abc46b93f1811f053ad], PUP.Optional.Tuto4PC, C:\Program Files\DailyPCClean\DailyPCClean.exe, , [82eced203c4f00364b4d9fd3c54035cb], PUP.Optional.Tuto4PC, C:\Program Files\DailyPCClean\DPCCSchedule.exe, , [323c68a529629d990395d49efe07e020], PUP.Optional.Tuto4PC, C:\Program Files\DailyPcClean Support\DailyPCClean.exe, , [1d51ba537a114aec0d8b75fd33d2e020], PUP.Optional.Tuto4PC.A, C:\Program Files\DailyPcClean Support\predm.exe, , [3737838a1972ba7c03e74e40f80d2cd4], PUP.Optional.WordSurfer.A, C:\Program Files\WordSurfer_1.10.0.19\Uninstall.exe, , [b4bab15c8308cd69b6b8a7e9d3328c74], PUP.Optional.ObjectBrowser.A, C:\Program Files\Object Browser\398b2968-0633-406f-80f8-df8ed6acae59-1-7.exe, , [72fcf518a3e80d291e7b9ac8d32ea35d], PUP.Optional.ObjectBrowser.A, C:\Program Files\Object Browser\398b2968-0633-406f-80f8-df8ed6acae59-5.exe, , [026ce4297615b3832772afb331d010f0], PUP.Optional.ObjectBrowser.A, C:\Program Files\Object Browser\398b2968-0633-406f-80f8-df8ed6acae59-7.exe, , [91dd828ba5e6d462a9f0e37f36cbc53b], PUP.Optional.Nova.A, C:\Program Files\Object Browser\799834a4-f6a0-4246-ab53-b1db3a41fea9.dll, , [bbb3cb421f6c2e0855aad4833ec3738d], PUP.Optional.ObjectBrowser.A, C:\Program Files\Object Browser\utils.exe, , [6905c7463952c47222773c26c839728e], PUP.Optional.RocketTab.PrxySvrRST, C:\Program Files\Search Extensions\uninstall.exe, , [c9a5c34a8605f046eb05e47044bcef11], PUP.Optional.ShopperPro, C:\Program Files\ShopperPro\ShopperPro.dll, , [84ea7b92ec9f76c0da65fa652dd3f50b], PUP.Optional.ShopperPro, C:\Program Files\ShopperPro\ShopperPro64.dll, , [a7c7dc31f29959dd76c9c09f12ee0cf4], PUP.Optional.ShopperPro.F, C:\Program Files\ShopperPro\SPRemove.exe, , [9cd2f4193e4d78be9377528254ad738d], PUP.Optional.ShopperPro, C:\Program Files\ShopperPro\Updater.exe, , [f17d9479820961d58e47137d937221df], PUP.Optional.Nova.A, C:\Program Files\e6c775f4-fd06-4422-a78c-a41a05a8bbb8\cc528976-7d00-4ee9-afeb-ca3b10f1b053.dll, , [b9b50d008b00a88ec8374d0afd049b65], PUP.Optional.FastSearch.A, C:\Program Files\FastSearch\uninstall.exe, , [9ed044c907845cda97f89c2547bafb05], PUP.Optional.EoRezo, C:\Program Files\gmsd_de_005010071\gamesdesktop_widget.exe, , [036b42cb3f4c95a182585d3349bc2dd3], PUP.Optional.Tuto4PC.A, C:\Program Files\gmsd_de_005010071\predm.exe, , [89e56ba2ddaeb3838d5d6529c144857b], PUP.Optional.EoRezo, C:\Program Files\gmsd_de_005010071\unins000.exe, , [ef7ff518c7c438fe10caccc4c540a25e], PUP.Optional.Nova.A, C:\Program Files\iWebar\6da216fc-edff-4983-beca-fa5ee5c763f6.dll, , [aec08e7fe3a8af87619ebb9ced1453ad], PUP.Optional.iWebar.A, C:\Program Files\iWebar\8b5117f2-af65-4def-9102-5938876ca8a4-1-7.exe, , [4e20a667a1eafd399049710fd62b1fe1], PUP.Optional.iWebar.A, C:\Program Files\iWebar\8b5117f2-af65-4def-9102-5938876ca8a4-5.exe, , [214d26e7ddae181e82575030758c748c], PUP.Optional.iWebar.A, C:\Program Files\iWebar\8b5117f2-af65-4def-9102-5938876ca8a4-7.exe, , [234b54b9414acf672daccbb5946dc739], PUP.Optional.iWebar.A, C:\Program Files\iWebar\utils.exe, , [d49ab6575a3167cfbf1af7890ef3867a], PUP.Optional.Amonentize.A, C:\Users\Enno\AppData\Local\Temp\nsh673C.tmp, , [432b1af3c5c6ec4a4d29a5fcbf42ff01], PUP.Optional.Amonentize.A, C:\Users\Enno\AppData\Local\Temp\nshE5AE.tmp, , [df8f8786afdcc76f9adcb3ee3ec3fe02], PUP.Optional.Somoto.C, C:\Users\Enno\AppData\Local\Temp\nsn4D58.tmp, , [dc923ecf1576c4725b82048b0ef72ad6], PUP.Optional.Amonetize, C:\Users\Enno\AppData\Local\Temp\nsqC8B1.exe, , [294578953754171f7c5a11baea177090], PUP.Optional.Somoto, C:\Users\Enno\AppData\Local\Temp\bitool.dll, , [fa7425e85536989eb14d3da839c8966a], PUP.Optional.CinemaPlus.A, C:\Users\Enno\AppData\Local\Temp\5651.exe, , [600e0508d5b69b9b5ef5f0970ff60df3], Trojan.Agent.MSIL, C:\Users\Enno\AppData\Local\Temp\5XSZn.tmp, , [9dd1ad60ccbfa591166a5a78a75ad927], PUP.Optional.Bundle, C:\Users\Enno\AppData\Local\Temp\setup.exe, , [a5c99e6feba0d66004b58e4530d1ee12], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Enno\AppData\Local\Temp\nsr53FD.tmp, , [2b43d8357c0fe65084442963c243a45c], PUP.Optional.ObjectBrowser.A, C:\Users\Enno\AppData\Local\Temp\nsm4AF5.tmp\Jtngoedh.exe, , [630b46c7355654e26b2e0a58976a06fa], PUP.Optional.ModGoog, C:\Users\Enno\AppData\Local\Temp\comh.204480\globalupdate.exe, , [e28c8588543760d676d07815e819fc04], PUP.Optional.ModGoog, C:\Users\Enno\AppData\Local\Temp\comh.204480\globalupdateBroker.exe, , [e68852bb99f257df77cf404dd82919e7], PUP.Optional.ModGoog, C:\Users\Enno\AppData\Local\Temp\comh.204480\globalupdateCrashHandler.exe, , [1c52cc41f794f93d1630aae3ed14cb35], PUP.Optional.ModGoog, C:\Users\Enno\AppData\Local\Temp\comh.204480\globalupdateOnDemand.exe, , [a9c5a865abe0ad89143259340af754ac], PUP.Optional.ModGoog, C:\Users\Enno\AppData\Local\Temp\comh.204480\goopdate.dll, , [de9022eb92f9b284db6b3657e02144bc], PUP.Optional.ModGoog, C:\Users\Enno\AppData\Local\Temp\comh.204480\goopdateres_en.dll, , [fa74cf3e96f5be782a1c018c03fe28d8], PUP.Optional.ModGoog, C:\Users\Enno\AppData\Local\Temp\comh.204480\npglobalupdateUpdate4.dll, , [80ee9578bbd058ded076ccc198691de3], PUP.Optional.ModGoog, C:\Users\Enno\AppData\Local\Temp\comh.204480\psmachine.dll, , [fb732ce1cdbede589aac325b18e949b7], PUP.Optional.ModGoog, C:\Users\Enno\AppData\Local\Temp\comh.204480\psuser.dll, , [2d415db08308c57167dfcfbe38c938c8], PUP.Optional.ModGoog, C:\Users\Enno\AppData\Local\Temp\comh.289025\globalupdate.exe, , [ec82fe0fe9a216204501315c9c655ca4], PUP.Optional.ModGoog, C:\Users\Enno\AppData\Local\Temp\comh.289025\globalupdateBroker.exe, , [c2ac8a83fd8ee4520442f39ad32eac54], PUP.Optional.ModGoog, C:\Users\Enno\AppData\Local\Temp\comh.289025\globalupdateCrashHandler.exe, , [3e30ce3ff39869cd3b0b711c24dde31d], PUP.Optional.ModGoog, C:\Users\Enno\AppData\Local\Temp\comh.289025\globalupdateOnDemand.exe, , [97d7818c7e0d8da9d4720d80d130c53b], PUP.Optional.ModGoog, C:\Users\Enno\AppData\Local\Temp\comh.289025\goopdate.dll, , [b0bed637800b8da91531bdd048b902fe], PUP.Optional.ModGoog, C:\Users\Enno\AppData\Local\Temp\comh.289025\goopdateres_en.dll, , [c9a55ab397f448ee5fe7aae35ba6db25], PUP.Optional.ModGoog, C:\Users\Enno\AppData\Local\Temp\comh.289025\npglobalupdateUpdate4.dll, , [0d616f9e0f7ca393e5610e7fd72aca36], PUP.Optional.ModGoog, C:\Users\Enno\AppData\Local\Temp\comh.289025\psmachine.dll, , [dd91010cfc8f66d05aec731ad62bbf41], PUP.Optional.ModGoog, C:\Users\Enno\AppData\Local\Temp\comh.289025\psuser.dll, , [6905927bc9c21c1aef577f0e37ca22de], PUP.Optional.ModGoog, C:\Users\Enno\AppData\Local\Temp\comh.54441\globalupdate.exe, , [e08e9677d3b8b77fd96da4e961a0738d], PUP.Optional.ModGoog, C:\Users\Enno\AppData\Local\Temp\comh.54441\globalupdateBroker.exe, , [ea84808d47440432370f0b82be4317e9], PUP.Optional.ModGoog, C:\Users\Enno\AppData\Local\Temp\comh.54441\globalupdateCrashHandler.exe, , [caa4b756dead3bfbcc7abcd181804eb2], PUP.Optional.ModGoog, C:\Users\Enno\AppData\Local\Temp\comh.54441\globalupdateOnDemand.exe, , [f07e0805dab167cfb98d1e6fc33e2cd4], PUP.Optional.ModGoog, C:\Users\Enno\AppData\Local\Temp\comh.54441\goopdate.dll, , [b6b82ae3a3e8ee48fb4bc7c62dd4b848], PUP.Optional.ModGoog, C:\Users\Enno\AppData\Local\Temp\comh.54441\goopdateres_en.dll, , [bbb361ac9dee191d42046528966b41bf], PUP.Optional.ModGoog, C:\Users\Enno\AppData\Local\Temp\comh.54441\npglobalupdateUpdate4.dll, , [422c838a068574c282c44845b05103fd], PUP.Optional.ModGoog, C:\Users\Enno\AppData\Local\Temp\comh.54441\psmachine.dll, , [d5995ab3afdc6cca7dc9335a09f8aa56], PUP.Optional.ModGoog, C:\Users\Enno\AppData\Local\Temp\comh.54441\psuser.dll, , [91dd0706c8c30f277fc79eef20e1e917], Trojan.Agent.MSIL, C:\Users\Enno\AppData\Local\Temp\5XSZn\xrc.exe, , [c4aaf617cbc0fc3a8af65b7755ac7789], Trojan.Dropper, C:\Users\Enno\AppData\Local\Temp\Install_25765\ins_cr.exe, , [6c027796414a53e3e20d730a976a9769], Trojan.Dropper, C:\Users\Enno\AppData\Local\Temp\Install_25765\ins_iwebar.exe, , [541a9c71c1ca77bfcb24fc817c8550b0], PUP.Optional.ShopperPro.F, C:\Users\Enno\AppData\Local\Temp\Install_25765\ins_shopperpro.exe, , [df8f55b8b5d679bd34d615bfc63b7789], Trojan.Downloader, C:\Windows\Temp\tmp3AEE.tmp, , [aac4c746eaa178beee1f38943cc51ee2], PUP.Optional.Amonetize, C:\Windows\Temp\tmp675A.tmp, , [c9a5ad603a51fa3c01d6d7f4f908ba46], PUP.Optional.Amonetize, C:\Windows\Temp\tmpBAA7.tmp, , [9bd3e6272f5c80b6e4f36d5eec15827e], Trojan.Agent, C:\Users\Enno\AppData\Local\C56FE3C0-1440547317-11DC-85B8-001E8CAAE9F4\snsr36EF.tmp, , [9ad4838a7219d5618a8cf8cdce33eb15], PUP.Optional.SmartWeb.A, C:\Users\Enno\AppData\Local\SmartWeb\SmartWebApp.exe, , [82ecc14c3d4e072f19d5f45b19e859a7], PUP.Optional.SmartWeb.A, C:\Users\Enno\AppData\Local\SmartWeb\swhk.dll, , [4727e02dfe8d7abcfbf3ed62d130aa56], PUP.Optional.SmartWeb.A, C:\Users\Enno\AppData\Local\SmartWeb\__u.exe, , [74fa60ade9a21323ba3493bce31e7987], PUP.Optional.KikBlaster.A, C:\Windows\System32\Tasks\KWTWFO1, , [cca2be4fc8c356e0cbaedb421fe48c74], PUP.Optional.KikBlaster.A, C:\Windows\Tasks\KWTWFO1.job, , [cba3a865810a152187f3fc21ef1426da], PUP.Optional.WombatUpdater.A, C:\Windows\AppPatch\Custom\{a53dd3e5-0283-4ab3-b77c-7bd1bc7550c6}.sdb, , [600e45c857344beb7ca321fd4fb4857b], PUP.Optional.CrossRider.A, C:\Program Files\iWebar\bgNova.html, , [086627e6a7e485b1a8cc988c27dc758b], PUP.Optional.CrossRider.A, C:\Program Files\iWebar\Uninstall.exe, , [086627e6a7e485b1a8cc988c27dc758b], PUP.Optional.CrossRider.A, C:\Program Files\Object Browser\bgNova.html, , [d896be4f1a71171fcca8e93b35ce827e], PUP.Optional.CrossRider.A, C:\Program Files\Object Browser\Uninstall.exe, , [d896be4f1a71171fcca8e93b35ce827e], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\wajam.ico, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\snotlings, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\waaaghs, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\wajam.exe, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\wajam_goblin.dll, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\WWE_uninstall.exe, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\logos\amazon.ico, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\logos\argos.ico, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\logos\ask.ico, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\logos\bestbuy.ico, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\logos\ebay.ico, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\logos\etsy.ico, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\logos\facebook.ico, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\logos\favicon.ico, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\logos\google.ico, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\logos\homedepot.ico, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\logos\ikea.ico, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\logos\imdb.ico, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\logos\lowes.ico, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\logos\mercado.ico, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\logos\mysearchweb.ico, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\logos\myshopping.ico, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\logos\searchresult.ico, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\logos\sears.ico, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\logos\setting.ico, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\logos\settings.ico, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\logos\shopping.ico, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\logos\target.ico, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\logos\tesco.ico, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\logos\tripadvisor.ico, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\logos\twitter.ico, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\logos\wajam.ico, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\logos\walmart.ico, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\logos\wiki.ico, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\logos\yahoo.ico, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\logos\zalando.ico, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\Program Files\WajaInternetEn\WajaInternetEnlibs\daawu.psu, , [b8b655b8bad19e98ea9aef358b7816ea], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Wajam Website.lnk, , [f678fa13414a54e2325363c16f94718f], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Settings.lnk, , [f678fa13414a54e2325363c16f94718f], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\SignIn with Facebook.lnk, , [f678fa13414a54e2325363c16f94718f], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\SignIn with Twitter.lnk, , [f678fa13414a54e2325363c16f94718f], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Search\Ask.lnk, , [f678fa13414a54e2325363c16f94718f], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Search\Google.lnk, , [f678fa13414a54e2325363c16f94718f], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Search\IMDb.lnk, , [f678fa13414a54e2325363c16f94718f], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Search\Shopping.com.lnk, , [f678fa13414a54e2325363c16f94718f], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Search\TripAdvisor.lnk, , [f678fa13414a54e2325363c16f94718f], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Search\Wikipedia.lnk, , [f678fa13414a54e2325363c16f94718f], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Search\Yahoo!.lnk, , [f678fa13414a54e2325363c16f94718f], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Shopping\Amazon.lnk, , [f678fa13414a54e2325363c16f94718f], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Shopping\Argos.lnk, , [f678fa13414a54e2325363c16f94718f], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Shopping\Ebay.lnk, , [f678fa13414a54e2325363c16f94718f], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Shopping\Etsy.lnk, , [f678fa13414a54e2325363c16f94718f], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Shopping\HomeDepot.lnk, , [f678fa13414a54e2325363c16f94718f], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Shopping\Ikea.lnk, , [f678fa13414a54e2325363c16f94718f], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Shopping\Lowe's.lnk, , [f678fa13414a54e2325363c16f94718f], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Shopping\Mercadolivre.lnk, , [f678fa13414a54e2325363c16f94718f], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Shopping\MyShopping.lnk, , [f678fa13414a54e2325363c16f94718f], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Shopping\Sears.lnk, , [f678fa13414a54e2325363c16f94718f], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Shopping\Target.lnk, , [f678fa13414a54e2325363c16f94718f], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Shopping\Tesco.lnk, , [f678fa13414a54e2325363c16f94718f], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Shopping\Walmart.lnk, , [f678fa13414a54e2325363c16f94718f], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Shopping\Zalando.lnk, , [f678fa13414a54e2325363c16f94718f], PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Uninstall Wajam\uninstall.lnk, , [f678fa13414a54e2325363c16f94718f], PUP.Optional.BrowserHelper.A, C:\Users\Enno\AppData\Local\BrowserHelper\BrowserHelperBk.txt, , [d5992edfc8c39b9b3fa5d25431d246ba], PUP.Optional.BrowserHelper.A, C:\Users\Enno\AppData\Local\BrowserHelper\BrowserHelper.txt, , [d5992edfc8c39b9b3fa5d25431d246ba], PUP.Optional.SearchExtensions.A, C:\Program Files\Search Extensions\config.dat, , [f27cec21f6950234dc3931f7aa590000], PUP.Optional.SearchExtensions.A, C:\Program Files\Search Extensions\certmanager.exe, , [f27cec21f6950234dc3931f7aa590000], PUP.Optional.SearchExtensions.A, C:\Program Files\Search Extensions\makecert.exe, , [f27cec21f6950234dc3931f7aa590000], PUP.Optional.SearchExtensions.A, C:\Program Files\Search Extensions\Resources\certutil.exe, , [f27cec21f6950234dc3931f7aa590000], PUP.Optional.SearchExtensions.A, C:\Program Files\Search Extensions\Resources\libnspr4.dll, , [f27cec21f6950234dc3931f7aa590000], PUP.Optional.SearchExtensions.A, C:\Program Files\Search Extensions\Resources\libplc4.dll, , [f27cec21f6950234dc3931f7aa590000], PUP.Optional.SearchExtensions.A, C:\Program Files\Search Extensions\Resources\libplds4.dll, , [f27cec21f6950234dc3931f7aa590000], PUP.Optional.SearchExtensions.A, C:\Program Files\Search Extensions\Resources\nss3.dll, , [f27cec21f6950234dc3931f7aa590000], PUP.Optional.SearchExtensions.A, C:\Program Files\Search Extensions\Resources\smime3.dll, , [f27cec21f6950234dc3931f7aa590000], PUP.Optional.SearchExtensions.A, C:\Program Files\Search Extensions\Resources\softokn3.dll, , [f27cec21f6950234dc3931f7aa590000], PUP.Optional.SmartWeb.A, C:\Users\Enno\AppData\Local\SmartWeb\uninst.lnk, , [d9955cb10784ed4955ed9b8dc83b52ae], PUP.Optional.ShopperPro.A, C:\Windows\System32\Tasks\SPBIW_UpdateTask_Time_343037313738353638382d2355786c325a5b5734412d34, , [1856d13c9bf0ca6c10660e23b74c1ae6], PUP.Optional.SmartWeb.A, C:\Users\Enno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk, , [1d513bd2eaa1340287f27fbb30d37c84], PUP.Optional.RocketTab.PrxySvrRST, C:\Windows\System32\Tasks\RocketTab, , [afbf10fd95f60432fda19ca957ac40c0], PUP.Optional.RocketTab.PrxySvrRST, C:\Windows\System32\Tasks\RocketTab Update Task, , [c6a88d80f6955fd7445a88bda65db64a], PUP.Optional.ShopperPro, C:\Windows\System32\Tasks\ShopperPro, , [383629e48605f541aa23b892c24142be], PUP.Optional.ShopperPro, C:\Windows\System32\Tasks\ShopperProJSUpd, , [bfaf13fab8d341f5ac22df6b9271c33d], PUP.Optional.ShopperPro, C:\Windows\System32\Tasks\SPDriver, , [db9325e85239e94dc9065ded1ee59d63], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\398b2968-0633-406f-80f8-df8ed6acae59-1-6, , [88e6b855404ba88ee307143938cbaf51], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\398b2968-0633-406f-80f8-df8ed6acae59-1-7, , [2a44d5384b40fb3b21c94eff59aa8b75], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\398b2968-0633-406f-80f8-df8ed6acae59-5, , [e985a6673556aa8c37b3331a3fc4827e], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\398b2968-0633-406f-80f8-df8ed6acae59-5_user, , [9bd353ba4348b87e23c7e7663dc6ae52], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\398b2968-0633-406f-80f8-df8ed6acae59-6, , [7df138d5c8c32a0ca149d875e12250b0], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\398b2968-0633-406f-80f8-df8ed6acae59-7, , [dc92a76690fb2f073fab311ca65dae52], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8b5117f2-af65-4def-9102-5938876ca8a4-1-6, , [c1ada766048763d3bc2e222b62a113ed], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8b5117f2-af65-4def-9102-5938876ca8a4-1-7, , [fa7475986d1e01357b6ffd50f70c59a7], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8b5117f2-af65-4def-9102-5938876ca8a4-5, , [2d41cf3e3a5164d20edc9ab3ca3945bb], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8b5117f2-af65-4def-9102-5938876ca8a4-5_user, , [313d48c5751685b11dcd4b020201e917], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8b5117f2-af65-4def-9102-5938876ca8a4-6, , [3836fb12d7b4211540aad974f11253ad], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8b5117f2-af65-4def-9102-5938876ca8a4-7, , [b9b5bc512d5ea98d7575c6871be8b34d], PUP.Optional.CrossRider.T, C:\Windows\Tasks\398b2968-0633-406f-80f8-df8ed6acae59-1-6.job, , [b6b80a030a81ef47c3a5aee7d232fc04], PUP.Optional.CrossRider.T, C:\Windows\Tasks\398b2968-0633-406f-80f8-df8ed6acae59-1-7.job, , [06680ffe0e7d86b06008365fd430cf31], PUP.Optional.CrossRider.T, C:\Windows\Tasks\398b2968-0633-406f-80f8-df8ed6acae59-5.job, , [4d21ba53fe8df93d2a3ee1b48b79669a], PUP.Optional.CrossRider.T, C:\Windows\Tasks\398b2968-0633-406f-80f8-df8ed6acae59-5_user.job, , [402ebd50c5c62e08ce9a8114ca3a5ea2], PUP.Optional.CrossRider.T, C:\Windows\Tasks\398b2968-0633-406f-80f8-df8ed6acae59-6.job, , [4c22e726dab10c2a3533672e838117e9], PUP.Optional.CrossRider.T, C:\Windows\Tasks\398b2968-0633-406f-80f8-df8ed6acae59-7.job, , [4529977629620333095f247155aff20e], PUP.Optional.CrossRider.T, C:\Windows\Tasks\8b5117f2-af65-4def-9102-5938876ca8a4-1-6.job, , [bab40706810af2441553365fb252b14f], PUP.Optional.CrossRider.T, C:\Windows\Tasks\8b5117f2-af65-4def-9102-5938876ca8a4-1-7.job, , [afbf7b92d7b446f01e4a187dc242fe02], PUP.Optional.CrossRider.T, C:\Windows\Tasks\8b5117f2-af65-4def-9102-5938876ca8a4-5.job, , [2648868718732016d593e1b4f311827e], PUP.Optional.CrossRider.T, C:\Windows\Tasks\8b5117f2-af65-4def-9102-5938876ca8a4-5_user.job, , [90de917c711a70c6680011849c689769], PUP.Optional.CrossRider.T, C:\Windows\Tasks\8b5117f2-af65-4def-9102-5938876ca8a4-6.job, , [a5c91eefccbff1458cdc3f56ae564ab6], PUP.Optional.CrossRider.T, C:\Windows\Tasks\8b5117f2-af65-4def-9102-5938876ca8a4-7.job, , [3b33a7663e4da6908ddb791c0afae917], PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, , [4628fa131b7000367ff65b3a3cc8c838], PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore, , [f17d2ae33655eb4b41352f6664a0ef11], PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, , [0c62e528c4c70036a0d72c69d430ff01], PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA, , [2d418f7e8605bc7a3f39f69f9e660ef2], PUP.Optional.Vitruvian.A, C:\Users\Enno\AppData\Local\Temp\vitruvian-installer-hardwareprofile-v0001, , [adc1ce3f2d5ebe78fb3d9507f60e05fb], PUP.Optional.Vitruvian.A, C:\Users\Enno\AppData\Local\Temp\vitruvian-installer-install-v0003, , [70fed835fc8ff046da5eff9d5ca8817f], PUP.Optional.Vitruvian.A, C:\Users\Enno\AppData\Local\Temp\vitruvian-installer-processes-v0002, , [c9a532dbb5d66dc9e2562478a55fe51b], PUP.Optional.Vitruvian.A, C:\Users\Enno\AppData\Local\Temp\vitruvian-installer-scheduledtasks-v0001, , [86e811fc4d3e50e6f840c4d88381ed13], PUP.Optional.Vitruvian.A, C:\Users\Enno\AppData\Local\Temp\vitruvian-installer-softwareregkeys-v0002, , [204e11fcc8c32a0c88b0d8c4ea1a2cd4], PUP.Optional.MultiPlug.A, C:\Users\Enno\AppData\Local\C56FE3C0-1440547317-11DC-85B8-001E8CAAE9F4\onsb377D.tmp, , [85e917f66d1ee84e4ba0c9d95ca859a7], PUP.Optional.MultiPlug.A, C:\Users\Enno\AppData\Local\C56FE3C0-1440547317-11DC-85B8-001E8CAAE9F4\EEA7.tmp, , [85e917f66d1ee84e4ba0c9d95ca859a7], PUP.Optional.MultiPlug.A, C:\Users\Enno\AppData\Local\C56FE3C0-1440547317-11DC-85B8-001E8CAAE9F4\pnsb377E.exe, , [85e917f66d1ee84e4ba0c9d95ca859a7], PUP.Optional.MultiPlug.A, C:\Users\Enno\AppData\Local\C56FE3C0-1440547317-11DC-85B8-001E8CAAE9F4\rnsb377C.exe, , [85e917f66d1ee84e4ba0c9d95ca859a7], PUP.Optional.MultiPlug.A, C:\Users\Enno\AppData\Local\C56FE3C0-1440547317-11DC-85B8-001E8CAAE9F4\snsr36EF.tmp, , [85e917f66d1ee84e4ba0c9d95ca859a7], PUP.Optional.MultiPlug.A, C:\Users\Enno\AppData\Local\C56FE3C0-1440547317-11DC-85B8-001E8CAAE9F4\Uninstall.exe, , [85e917f66d1ee84e4ba0c9d95ca859a7], PUP.Optional.TempoRunner.A, C:\Windows\System32\Tasks\Tempo Runner gigo6maw, , [dc92f7168902fe384ee76b3ada2a0df3], PUP.Optional.TempoRunner.A, C:\Windows\Tasks\Tempo Runner gigo6maw.job, , [e7873fce8605b6800234bee78a7a1de3], PUP.Optional.Goobzo.A, C:\Windows\System32\Tasks\SMupdate1, , [0c62b05dabe0cd69ccd94a5c47bd8c74], PUP.Optional.Winsock.HijackBoot, C:\Users\Enno\AppData\Local\Temp\adblocker_installer__1440540026.txt, , [d39b24e9aae1c57151a7c7e64eb67e82], PUP.Optional.WordSurfer.A, C:\Windows\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Core, , [bab49e6f791277bfb628fcb406fe2ad6], PUP.Optional.WordSurfer.A, C:\Windows\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Pending Update, , [6c02937a2c5f68ce617d6c442ada58a8], PUP.Optional.SpaceSoundPro.A, C:\Users\Enno\Desktop\SpaceSoundPro.lnk, , [27477895acdf15218668e8c8ad57c53b], PUP.Optional.SpaceSoundPro.A, C:\Program Files\SpaceSondPro\uninstall.exe, , [5b134cc18dfeae8829c6248c7b899967], PUP.Optional.SpaceSoundPro.A, C:\Program Files\SpaceSondPro\Spacesoundpro.exe, , [5b134cc18dfeae8829c6248c7b899967], PUP.Optional.SpaceSoundPro.A, C:\Program Files\SpaceSoundPro\Uninstall.exe, , [fc724ac3048745f1c32d7b35f50f17e9], PUP.Optional.SpaceSoundPro.A, C:\Program Files\SpaceSoundPro\backup_High Definition Audio-Gerät_Digitalaudio (S_PDIF).reg, , [fc724ac3048745f1c32d7b35f50f17e9], PUP.Optional.SpaceSoundPro.A, C:\Program Files\SpaceSoundPro\backup_High Definition Audio-Gerät_Kopfhörer.reg, , [fc724ac3048745f1c32d7b35f50f17e9], PUP.Optional.SpaceSoundPro.A, C:\Program Files\SpaceSoundPro\backup_High Definition Audio-Gerät_Lautsprecher.reg, , [fc724ac3048745f1c32d7b35f50f17e9], PUP.Optional.SpaceSoundPro.A, C:\Program Files\SpaceSoundPro\backup_Logitech USB Headset H340_Lautsprecher.reg, , [fc724ac3048745f1c32d7b35f50f17e9], PUP.Optional.SpaceSoundPro.A, C:\Program Files\SpaceSoundPro\silentconfigurator.exe, , [fc724ac3048745f1c32d7b35f50f17e9], PUP.Optional.SpaceSoundPro.A, C:\Program Files\SpaceSoundPro\silentunconfigurator.exe, , [fc724ac3048745f1c32d7b35f50f17e9], PUP.Optional.SpaceSoundPro.A, C:\Program Files\SpaceSoundPro\SpaceSoundPro.dll, , [fc724ac3048745f1c32d7b35f50f17e9], PUP.Optional.SpaceSoundPro.A, C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe, , [fc724ac3048745f1c32d7b35f50f17e9], PUP.Optional.SpaceSoundPro.A, C:\Program Files\SpaceSoundPro\config\SpaceSoundPro.conf, , [fc724ac3048745f1c32d7b35f50f17e9], PUP.Optional.SpaceSoundPro.A, C:\Program Files\SpaceSoundPro\config\SpaceSoundPro.err, , [fc724ac3048745f1c32d7b35f50f17e9], PUP.Optional.SpaceSoundPro.A, C:\Program Files\SpaceSoundPro\config\SpaceSoundProLinks.conf, , [fc724ac3048745f1c32d7b35f50f17e9], PUP.Optional.SpaceSoundPro.A, C:\Program Files\SpaceSoundPro\config\SpaceSoundProUser.conf, , [fc724ac3048745f1c32d7b35f50f17e9], PUP.Optional.MultiPlug.A, C:\Program Files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\hnsg962D.tmp, , [8fdfa16c83086acceb2ca40d0afa49b7], PUP.Optional.MultiPlug.A, C:\Program Files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\jnsg7D2F.tmp, , [8fdfa16c83086acceb2ca40d0afa49b7], PUP.Optional.MultiPlug.A, C:\Program Files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\knsg62F5.tmpfs, , [8fdfa16c83086acceb2ca40d0afa49b7], PUP.Optional.MultiPlug.A, C:\Program Files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\rnsb7742.exe, , [8fdfa16c83086acceb2ca40d0afa49b7], PUP.Optional.MultiPlug.A, C:\Program Files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\Uninstall.exe, , [8fdfa16c83086acceb2ca40d0afa49b7], PUP.Optional.MultiPlug.A, C:\Program Files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\vnsb4B76.tmp, , [8fdfa16c83086acceb2ca40d0afa49b7], PUP.Optional.WombatService.A, C:\ProgramData\Service8119\Service8119.dll, , [6806b35ab8d3fd39d75619989c68639d], PUP.Optional.WombatService.A, C:\ProgramData\Service8119\Service8119.exe, , [6806b35ab8d3fd39d75619989c68639d], PUP.Optional.Acengine.A, C:\Users\Enno\AppData\Local\Temp\acengine.log, , [83ebc14c850658de18367c358c78b64a], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\acengine.tlb, , [6a0444c97516cb6bfd5b3f72a65eab55], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\ACDLL.dll, , [6a0444c97516cb6bfd5b3f72a65eab55], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\ACDLL64.dll, , [6a0444c97516cb6bfd5b3f72a65eab55], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\ACDLL64.exe, , [6a0444c97516cb6bfd5b3f72a65eab55], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\acengine.dll, , [6a0444c97516cb6bfd5b3f72a65eab55], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\acengine.exe, , [6a0444c97516cb6bfd5b3f72a65eab55], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\acengine64.dll, , [6a0444c97516cb6bfd5b3f72a65eab55], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\acenginecert.dll, , [6a0444c97516cb6bfd5b3f72a65eab55], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\ACInstaller.exe, , [6a0444c97516cb6bfd5b3f72a65eab55], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\acwfp.sys, , [6a0444c97516cb6bfd5b3f72a65eab55], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\acwfp64.sys, , [6a0444c97516cb6bfd5b3f72a65eab55], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\cfr3011.exe, , [6a0444c97516cb6bfd5b3f72a65eab55], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\freebl3.dll, , [6a0444c97516cb6bfd5b3f72a65eab55], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\gre.exe, , [6a0444c97516cb6bfd5b3f72a65eab55], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\lengine.exe, , [6a0444c97516cb6bfd5b3f72a65eab55], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\lengine.ini, , [6a0444c97516cb6bfd5b3f72a65eab55], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\lengine64.exe, , [6a0444c97516cb6bfd5b3f72a65eab55], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\libnspr4.dll, , [6a0444c97516cb6bfd5b3f72a65eab55], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\libplc4.dll, , [6a0444c97516cb6bfd5b3f72a65eab55], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\libplds4.dll, , [6a0444c97516cb6bfd5b3f72a65eab55], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\nss3.dll, , [6a0444c97516cb6bfd5b3f72a65eab55], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\nssckbi.dll, , [6a0444c97516cb6bfd5b3f72a65eab55], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\nssdbm3.dll, , [6a0444c97516cb6bfd5b3f72a65eab55], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\nssutil3.dll, , [6a0444c97516cb6bfd5b3f72a65eab55], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\slite.exe, , [6a0444c97516cb6bfd5b3f72a65eab55], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\smime3.dll, , [6a0444c97516cb6bfd5b3f72a65eab55], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\softokn3.dll, , [6a0444c97516cb6bfd5b3f72a65eab55], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\sqlite3.dll, , [6a0444c97516cb6bfd5b3f72a65eab55], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\ssl3.dll, , [6a0444c97516cb6bfd5b3f72a65eab55], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\wlu.txt, , [16584dc0fa9185b18d31624f3bc9b34d], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\1.txt, , [16584dc0fa9185b18d31624f3bc9b34d], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\a.txt, , [16584dc0fa9185b18d31624f3bc9b34d], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\b.txt, , [16584dc0fa9185b18d31624f3bc9b34d], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\c.txt, , [16584dc0fa9185b18d31624f3bc9b34d], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\d.txt, , [16584dc0fa9185b18d31624f3bc9b34d], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\e.txt, , [16584dc0fa9185b18d31624f3bc9b34d], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\f.txt, , [16584dc0fa9185b18d31624f3bc9b34d], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\g.txt, , [16584dc0fa9185b18d31624f3bc9b34d], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\h.txt, , [16584dc0fa9185b18d31624f3bc9b34d], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\i.txt, , [16584dc0fa9185b18d31624f3bc9b34d], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\j.txt, , [16584dc0fa9185b18d31624f3bc9b34d], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\k.txt, , [16584dc0fa9185b18d31624f3bc9b34d], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\l.txt, , [16584dc0fa9185b18d31624f3bc9b34d], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\m.txt, , [16584dc0fa9185b18d31624f3bc9b34d], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\n.txt, , [16584dc0fa9185b18d31624f3bc9b34d], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\o.txt, , [16584dc0fa9185b18d31624f3bc9b34d], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\p.txt, , [16584dc0fa9185b18d31624f3bc9b34d], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\q.txt, , [16584dc0fa9185b18d31624f3bc9b34d], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\r.txt, , [16584dc0fa9185b18d31624f3bc9b34d], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\s.txt, , [16584dc0fa9185b18d31624f3bc9b34d], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\t.txt, , [16584dc0fa9185b18d31624f3bc9b34d], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\u.txt, , [16584dc0fa9185b18d31624f3bc9b34d], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\v.txt, , [16584dc0fa9185b18d31624f3bc9b34d], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\w.txt, , [16584dc0fa9185b18d31624f3bc9b34d], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\x.txt, , [16584dc0fa9185b18d31624f3bc9b34d], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\y.txt, , [16584dc0fa9185b18d31624f3bc9b34d], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\z.txt, , [16584dc0fa9185b18d31624f3bc9b34d], PUP.Optional.DailyPCClean.A, C:\Users\Enno\Desktop\DailyPCClean.lnk, , [0b6346c7b6d542f43847c7ec30d48080], PUP.Optional.DailyPCClean.A, C:\Users\Enno\AppData\Local\DailyPcClean Support\updpcc_en_009010071.cyl, , [6b03dc311a712115314fa50eb153d32d], PUP.Optional.DailyPCClean.A, C:\Users\Enno\Documents\DailyPCClean\CookieExclusions.txt, , [06682de01a71db5b265bad061ee6857b], PUP.Optional.DailyPCClean.A, C:\Program Files\DailyPcClean Support\unins000.dat, , [046ac8453f4cee484a38357e38cc1be5], PUP.Optional.DailyPCClean.A, C:\Program Files\DailyPcClean Support\unins000.exe, , [046ac8453f4cee484a38357e38cc1be5], PUP.Optional.DailyPCClean.A, C:\Program Files\DailyPCClean\HomePage.url, , [26484cc1880370c66d166b489173d62a], PUP.Optional.DailyPCClean.A, C:\Program Files\DailyPCClean\Animation.gif, , [26484cc1880370c66d166b489173d62a], PUP.Optional.DailyPCClean.A, C:\Program Files\DailyPCClean\Brazilian.ini, , [26484cc1880370c66d166b489173d62a], PUP.Optional.DailyPCClean.A, C:\Program Files\DailyPCClean\CookieExclusions.txt, , [26484cc1880370c66d166b489173d62a], PUP.Optional.DailyPCClean.A, C:\Program Files\DailyPCClean\Czech.ini, , [26484cc1880370c66d166b489173d62a], PUP.Optional.DailyPCClean.A, C:\Program Files\DailyPCClean\DailyPCClean.chm, , [26484cc1880370c66d166b489173d62a], PUP.Optional.DailyPCClean.A, C:\Program Files\DailyPCClean\Danish.ini, , [26484cc1880370c66d166b489173d62a], PUP.Optional.DailyPCClean.A, C:\Program Files\DailyPCClean\Dutch.ini, , [26484cc1880370c66d166b489173d62a], PUP.Optional.DailyPCClean.A, C:\Program Files\DailyPCClean\English.ini, , [26484cc1880370c66d166b489173d62a], PUP.Optional.DailyPCClean.A, C:\Program Files\DailyPCClean\file_id.diz, , [26484cc1880370c66d166b489173d62a], PUP.Optional.DailyPCClean.A, C:\Program Files\DailyPCClean\Finnish.ini, , [26484cc1880370c66d166b489173d62a], PUP.Optional.DailyPCClean.A, C:\Program Files\DailyPCClean\French.ini, , [26484cc1880370c66d166b489173d62a], PUP.Optional.DailyPCClean.A, C:\Program Files\DailyPCClean\German.ini, , [26484cc1880370c66d166b489173d62a], PUP.Optional.DailyPCClean.A, C:\Program Files\DailyPCClean\Italian.ini, , [26484cc1880370c66d166b489173d62a], PUP.Optional.DailyPCClean.A, C:\Program Files\DailyPCClean\Japanese.ini, , [26484cc1880370c66d166b489173d62a], PUP.Optional.DailyPCClean.A, C:\Program Files\DailyPCClean\Norwegian.ini, , [26484cc1880370c66d166b489173d62a], PUP.Optional.DailyPCClean.A, C:\Program Files\DailyPCClean\Polish.ini, , [26484cc1880370c66d166b489173d62a], PUP.Optional.DailyPCClean.A, C:\Program Files\DailyPCClean\Portuguese.ini, , [26484cc1880370c66d166b489173d62a], PUP.Optional.DailyPCClean.A, C:\Program Files\DailyPCClean\Russian.ini, , [26484cc1880370c66d166b489173d62a], PUP.Optional.DailyPCClean.A, C:\Program Files\DailyPCClean\Scanning.gif, , [26484cc1880370c66d166b489173d62a], PUP.Optional.DailyPCClean.A, C:\Program Files\DailyPCClean\SDesc.txt, , [26484cc1880370c66d166b489173d62a], PUP.Optional.DailyPCClean.A, C:\Program Files\DailyPCClean\Spanish.ini, , [26484cc1880370c66d166b489173d62a], PUP.Optional.DailyPCClean.A, C:\Program Files\DailyPCClean\sqlite3.dll, , [26484cc1880370c66d166b489173d62a], PUP.Optional.DailyPCClean.A, C:\Program Files\DailyPCClean\Swedish.ini, , [26484cc1880370c66d166b489173d62a], PUP.Optional.DailyPCClean.A, C:\Program Files\DailyPCClean\unins000.dat, , [26484cc1880370c66d166b489173d62a], PUP.Optional.DailyPCClean.A, C:\Program Files\DailyPCClean\unins000.exe, , [26484cc1880370c66d166b489173d62a], PUP.Optional.DailyPCClean.A, C:\Users\Enno\AppData\Roaming\DailyPCClean\Log\Monitor.log, , [e48a838abbd07eb84f5b8037f80c837d], PUP.Optional.ShopperPro, C:\Program Files\ShopperPro\JSDriver\1.42.1.2367\jsdrv.exe, , [a3cbdf2e088349edf9d01733ee1525db], PUP.Optional.IHProtect.A, C:\Program Files\MiniLite\ProtectService.exe, , [6c022edfb5d64ee899585bd960a36898], PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\globalupdate.exe, , [b7b7ac610388ad8948282bd114ee6e92], PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\globalupdateBroker.exe, , [b7b7ac610388ad8948282bd114ee6e92], PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\globalupdateCrashHandler.exe, , [b7b7ac610388ad8948282bd114ee6e92], PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\globalupdateHelper.msi, , [b7b7ac610388ad8948282bd114ee6e92], PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\globalupdateOnDemand.exe, , [b7b7ac610388ad8948282bd114ee6e92], PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\goopdate.dll, , [b7b7ac610388ad8948282bd114ee6e92], PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, , [b7b7ac610388ad8948282bd114ee6e92], PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll, , [b7b7ac610388ad8948282bd114ee6e92], PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\psmachine.dll, , [b7b7ac610388ad8948282bd114ee6e92], PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\psuser.dll, , [b7b7ac610388ad8948282bd114ee6e92], PUP.Optional.GlobalUpdate.A, C:\Users\Enno\AppData\Local\Temp\comh.204480\globalupdateHelper.msi, , [bcb26f9ecbc030065d2824d8798944bc], PUP.Optional.GlobalUpdate.A, C:\Users\Enno\AppData\Local\Temp\comh.289025\globalupdateHelper.msi, , [086656b75b30fb3b2164fdff6a98817f], PUP.Optional.GlobalUpdate.A, C:\Users\Enno\AppData\Local\Temp\comh.54441\globalupdateHelper.msi, , [5717a06d1477072fc3c26894ae5457a9], PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbia.exe, , [2a4497768209231336e8cc35f60de61a], PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbici32.dll, , [2a4497768209231336e8cc35f60de61a], PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro\config.json, , [5e10bf4e721981b54eb4976b0300e21e], PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro\database1_0_0.ej, , [5e10bf4e721981b54eb4976b0300e21e], PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro\spbihe.js, , [5e10bf4e721981b54eb4976b0300e21e], PUP.Optional.GamesDesktop.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP\GamesDesktop.lnk, , [6fff19f4bad15adca16e65a64cb74db3], PUP.Optional.GamesDesktop.A, C:\Users\Enno\AppData\Local\gmsd_de_005010071\upgmsd_de_005010071.cyl, , [2d41a26b4e3d59dd838db655d2317d83], PUP.Optional.GamesDesktop.A, C:\Users\Enno\AppData\Local\gmsd_de_005010071\gmsd_de_005010071\1.20\cnf.cyl, , [2d41a26b4e3d59dd838db655d2317d83], PUP.Optional.GamesDesktop.A, C:\Program Files\gmsd_de_005010071\unins000.dat, , [b0beb558721939fd64ad0ffc55aede22], PUP.Optional.GamesDesktop.A, C:\Program Files\gmsd_de_005010071\unins000.msg, , [b0beb558721939fd64ad0ffc55aede22], PUP.Optional.ShopperPro.A, C:\Users\Public\Documents\ShopperPro\JsDriver\Config.xml, , [412d8885791277bfb04a110319ea619f], PUP.Optional.SpaceSoundPro.A, C:\Program Files\SpaceSondPro_v53.1700\SpaceSondPro_Service.exe, , [ef7f17f60a8190a6c2628e8cb05337c9], PUP.Optional.SpaceSoundPro.A, C:\Users\Enno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpaceSoundPro 1.0\SpaceSoundPro.lnk, , [d698cb42107bf343dd9b52c89e659769], PUP.Optional.SpaceSoundPro.A, C:\Users\Enno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpaceSoundPro 1.0\Uninstall.lnk, , [d698cb42107bf343dd9b52c89e659769], PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\Config.xml, , [caa47c91f992cf67d8e8e43622e1ae52], PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\ExtTag.dll, , [caa47c91f992cf67d8e8e43622e1ae52], PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\ExtTag.exe.config, , [caa47c91f992cf67d8e8e43622e1ae52], PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\uninstall.exe, , [caa47c91f992cf67d8e8e43622e1ae52], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Enno\AppData\Roaming\mystartsearch\402.json, , [94da7b9212790e2895c04ecde3208e72], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Enno\AppData\Roaming\mystartsearch\bnd, , [94da7b9212790e2895c04ecde3208e72], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Enno\AppData\Roaming\mystartsearch\uninstallDlg2.xml, , [94da7b9212790e2895c04ecde3208e72], PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Enno\AppData\Roaming\mystartsearch\UninstallManager.exe, , [94da7b9212790e2895c04ecde3208e72], PUP.Optional.ProtectWindowsManager.F, C:\ProgramData\BWinManProB\WinManPro.exe, , [ef7f18f50c7f3ff72b3e57c4c340b24e], PUP.Optional.ProtectWindowsManager.F, C:\ProgramData\pWinManProp\updateconf, , [323c0d006922270f9acf24f7d330f808], PUP.Optional.ProtectWindowsManager.F, C:\ProgramData\pWinManProp\WinManPro.exe, , [323c0d006922270f9acf24f7d330f808], PUP.Optional.MiniLite.A, C:\Program Files\MiniLite\msvcp110.dll, , [006e58b52c5f0f27386aba62867d02fe], PUP.Optional.MiniLite.A, C:\Program Files\MiniLite\msvcr110.dll, , [006e58b52c5f0f27386aba62867d02fe], PUP.Optional.MiniLite.A, C:\Program Files\MiniLite\Uninstall.exe, , [006e58b52c5f0f27386aba62867d02fe], PUP.Optional.PennyBee.A, C:\ProgramData\IcyCarje\gigo3maw.dll, , [c7a738d56823280ec534d04c8d766b95], PUP.Optional.Vitruvian.A, C:\Program Files\WordSurfer_1.10.0.19\terms-of-service.rtf, , [80ee58b5f19af046a16e444ed035b947], PUP.Optional.Vitruvian.A, C:\Program Files\WordSurfer_1.10.0.19\3rd Party Licenses\buildcrx-license.txt, , [80ee58b5f19af046a16e444ed035b947], PUP.Optional.Vitruvian.A, C:\Program Files\WordSurfer_1.10.0.19\3rd Party Licenses\Info-ZIP-license.txt, , [80ee58b5f19af046a16e444ed035b947], PUP.Optional.Vitruvian.A, C:\Program Files\WordSurfer_1.10.0.19\3rd Party Licenses\JSON-simple-license.txt, , [80ee58b5f19af046a16e444ed035b947], PUP.Optional.Vitruvian.A, C:\Program Files\WordSurfer_1.10.0.19\3rd Party Licenses\nsJSON-license.txt, , [80ee58b5f19af046a16e444ed035b947], PUP.Optional.Vitruvian.A, C:\Program Files\WordSurfer_1.10.0.19\3rd Party Licenses\Nustache-license.txt, , [80ee58b5f19af046a16e444ed035b947], PUP.Optional.Vitruvian.A, C:\Program Files\WordSurfer_1.10.0.19\3rd Party Licenses\TaskScheduler-license.txt, , [80ee58b5f19af046a16e444ed035b947], PUP.Optional.Vitruvian.A, C:\Program Files\WordSurfer_1.10.0.19\3rd Party Licenses\UAC-license.txt, , [80ee58b5f19af046a16e444ed035b947], PUP.Optional.Vitruvian.A, C:\Program Files\WordSurfer_1.10.0.19\Update\Microsoft.Win32.TaskScheduler.dll, , [80ee58b5f19af046a16e444ed035b947], PUP.Optional.Vitruvian.A, C:\Program Files\WordSurfer_1.10.0.19\Update\Nustache.Core.dll, , [80ee58b5f19af046a16e444ed035b947], PUP.Optional.Vitruvian.A, C:\Program Files\WordSurfer_1.10.0.19\Update\WordSurferAutoUpdateClient.exe.config, , [80ee58b5f19af046a16e444ed035b947], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) |
|
26.08.2015, 17:34
| #2 |
| /// the machine /// TB-Ausbilder    | Falsche Seite besucht, nun Trojaner-Problem Trojan.Agent.MSIL etc hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
26.08.2015, 18:09
| #3 |
| | Falsche Seite besucht, nun Trojaner-Problem Trojan.Agent.MSIL etc Hallo Schrauber
__________________ Hier die Beiden Logs! Danke für deine Hilfe! FRST.txt: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:25-08-2015 02 durchgeführt von Enno (Administrator) auf ENNO-PC (26-08-2015 19:03:24) Gestartet von C:\Users\Enno\Desktop Geladene Profile: Enno (Verfügbare Profile: Enno) Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe () C:\Program Files\YTDownloader\BrowserHelperSrv.exe (Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe () C:\Users\Enno\AppData\Local\Damfase.exe () C:\Program Files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\hnsg962D.tmp (Foxit Software Inc.) C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (MiniLite system) C:\Program Files\MiniLite\ProtectService.exe () C:\Program Files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\jnsg7D2F.tmp (Lavasoft Limited) C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe () C:\Program Files\NixSrv\NixSrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe (Wizzlabs) C:\Users\Enno\AppData\Local\Temp\WIZZ\ioprotect.exe (ObjectB) C:\Program Files\Object Browser\398b2968-0633-406f-80f8-df8ed6acae59-6.exe (Webby) C:\Program Files\iWebar\8b5117f2-af65-4def-9102-5938876ca8a4-1-6.exe (Webby) C:\Program Files\iWebar\8b5117f2-af65-4def-9102-5938876ca8a4-6.exe (ObjectB) C:\Program Files\Object Browser\398b2968-0633-406f-80f8-df8ed6acae59-1-6.exe (Goobzo) C:\Program Files\YTDownloader\BrowserHelper.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe () C:\Users\Enno\AppData\Local\DailyPcClean Support\updpcc_en_009010071.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe () C:\Program Files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\knsg62F5.tmpfs () C:\Program Files\WajaInternetEn\wajam.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (IOPRODUCT) C:\Users\Enno\AppData\Local\Temp\WIZZ\ioproduct.exe () C:\Program Files\WajaInternetEn\wajam.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe () C:\Program Files\NixSrv\packages\66a80299-e89e-44a4-91cd-06b4636bea66\NixHost.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe (Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe (Space Sound Pro) C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe () C:\Program Files\ShopperPro\JSDriver\1.42.1.2367\jsdrv.exe (YTDownloader) C:\Program Files\YTDownloader\YTDownloader.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (Lavasoft) C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart HKLM\...\Run: [PMBVolumeWatcher] => C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2670592 2015-06-01] (Sony Corporation) HKLM\...\Run: [SmartWeb] => C:\Users\Enno\AppData\Local\SmartWeb\SmartWebHelper.exe HKLM\...\Run: [SpaceSoundPro] => C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe [4203520 2015-08-03] (Space Sound Pro) HKLM\...\Run: [SPDriver] => C:\Program Files\ShopperPro\JSDriver\1.42.1.2367\jsdrv.exe [3225088 2015-08-25] () HKLM\...\Run: [gmsd_de_005010071] => "C:\Program Files\gmsd_de_005010071\gmsd_de_005010071.exe" HKLM\...\Run: [YTDownloader] => C:\Program Files\YTDownloader\YTDownloader.exe [1988528 2015-08-24] (YTDownloader) HKLM\...\RunOnce: [updpcc_en_009010071.exe] => C:\Users\Enno\AppData\Local\DailyPcClean Support\updpcc_en_009010071.exe [3333264 2015-08-25] () HKLM\...\RunOnce: [IOPROTECT] => C:\Users\Enno\AppData\Local\Temp\WIZZ\ioproduct_service.bat [120 2015-08-26] () <===== ACHTUNG HKLM\...\RunOnce: [upgmsd_de_005010071.exe] => C:\Users\Enno\AppData\Local\gmsd_de_005010071\upgmsd_de_005010071.exe [3333776 2015-08-25] () HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [53655680 2015-07-28] (Skype Technologies S.A.) HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe [1381648 2015-06-08] (Lavasoft) HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\...\Run: [SPDriver] => C:\Program Files\ShopperPro\JSDriver\1.42.1.2367\jsdrv.exe [3225088 2015-08-25] () HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\...\Run: [YTDownloader] => C:\Program Files\YTDownloader\YTDownloader.exe [1988528 2015-08-24] (YTDownloader) HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2015-07-20] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK-Konfigurationstool.lnk [2015-07-04] ShortcutTarget: TP-LINK-Konfigurationstool.lnk -> C:\Program Files\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe () Startup: C:\Users\Enno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-08-25] ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\Users\Enno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk [2015-08-26] ShortcutTarget: SmartWeb.lnk -> C:\Users\Enno\AppData\Local\SmartWeb\SmartWebHelper.exe (Keine Datei) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) ProxyServer: [S-1-5-21-3873983982-3366287411-1273497978-1000] => http=127.0.0.1:49210;https=127.0.0.1:49210 HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COSP&ptag=D082515-AAF1615ED1F&form=CONMHP&conlogo=CT3334471 HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp SearchScopes: HKU\S-1-5-21-3873983982-3366287411-1273497978-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D082515-AAF1615ED1F&form=CONBDF&conlogo=CT3334471&q={searchTerms} SearchScopes: HKU\S-1-5-21-3873983982-3366287411-1273497978-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D082515-AAF1615ED1F&form=CONBDF&conlogo=CT3334471&q={searchTerms} BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro.dll [2015-08-25] (Goobzo Ltd.) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) Winsock: Catalog9 01 C:\Windows\system32\LavasoftTcpService.dll [348488 2015-08-26] (Lavasoft Limited) Winsock: Catalog9 02 C:\Windows\system32\LavasoftTcpService.dll [348488 2015-08-26] (Lavasoft Limited) Winsock: Catalog9 03 C:\Windows\system32\LavasoftTcpService.dll [348488 2015-08-26] (Lavasoft Limited) Winsock: Catalog9 04 C:\Windows\system32\LavasoftTcpService.dll [348488 2015-08-26] (Lavasoft Limited) Winsock: Catalog9 15 C:\Windows\system32\LavasoftTcpService.dll [348488 2015-08-26] (Lavasoft Limited) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{6D09965C-7A4F-4649-9D88-FC9EE81FC8C8}: [DhcpNameServer] 192.168.1.1 192.168.1.1 StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.oursurfing.com/?type=sc&ts=1440540046&z=e53700e706dde49439f6735g1z3z6e1wcz6e4ebz2g&from=2sq&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1025257452574 FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation) FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-08-26] (globalUpdate) FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-08-26] (globalUpdate) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2001-12-31] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2001-12-31] (Google Inc.) Chrome: ======= CHR Profile: C:\Users\Enno\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Enno\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-04] CHR Extension: (Google Docs) - C:\Users\Enno\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-04] CHR Extension: (Google Drive) - C:\Users\Enno\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-04] CHR Extension: (YouTube) - C:\Users\Enno\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-04] CHR Extension: (Google Search) - C:\Users\Enno\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-04] CHR Extension: (Google Sheets) - C:\Users\Enno\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-04] CHR Extension: (Jeffrey's Exif viewer) - C:\Users\Enno\AppData\Local\Google\Chrome\User Data\Default\Extensions\glpbdeclgjmeoojlmhpamjddandmplki [2015-07-04] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Enno\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-04] CHR Extension: (Skype Click to Call) - C:\Users\Enno\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-08-02] CHR Extension: (Ghostery) - C:\Users\Enno\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-07-04] CHR Extension: (Chrome Web Store Payments) - C:\Users\Enno\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-04] CHR Extension: (Gmail) - C:\Users\Enno\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-04] CHR HKLM\...\Chrome\Extension: [dnligehkhogpcngalffdoomehjcbecna] - https://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [gehmndecgbcffhmfjkenpamdgechcgpe] - https://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01] StartMenuInternet: Google Chrome - C:\Program Files\Google\Chrome\Application\chrome.exe hxxp://www.mystartsearch.com/?type=sc&ts=1440542810&z=8730ae1ddcc7422eba20b2fg5zcz1e8w8zbofqct0z&from=cmi&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1025257452574 ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-08-25] (Adobe Systems) [Datei ist nicht signiert] R2 BrsHelper; C:\Program Files\YTDownloader\BrowserHelperSrv.exe [112560 2015-08-24] () R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation) R2 downloacyi; C:\Users\Enno\AppData\Local\Damfase.exe [50688 2015-08-26] () [Datei ist nicht signiert] R2 fimevebo; C:\Program Files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\hnsg962D.tmp [137728 2015-08-26] () [Datei ist nicht signiert] R2 FoxitCloudUpdateService; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-07-16] (Foxit Software Inc.) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [921232 2015-07-24] (NVIDIA Corporation) R2 IHProtect Service; C:\Program Files\MiniLite\ProtectService.exe [132768 2015-08-24] (MiniLite system) R2 jimocoso; C:\Program Files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\jnsg7D2F.tmp [227328 2015-08-26] () [Datei ist nicht signiert] R2 LavasoftTcpService; C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751792 2015-06-08] (Lavasoft Limited) R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 NixSrv; C:\Program Files\NixSrv\NixSrv.exe [379392 2015-08-25] () [Datei ist nicht signiert] <==== ACHTUNG R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation) S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20694160 2015-06-24] (NVIDIA Corporation) R2 PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [494592 2015-06-01] (Sony Corporation) R2 SearchProtectionService; C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [19816 2015-06-08] () R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5611280 2015-08-07] (TeamViewer GmbH) R2 WajaInternetEn Monitor; C:\Program Files\WajaInternetEn\wajam.exe [1730560 2015-08-17] () [Datei ist nicht signiert] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) S2 ExtTag; C:\ProgramData\ExtTag\ExtTag.exe [X] S2 globalUpdate; C:\Program Files\globalUpdate\Update\globalupdate.exe /svc [X] <==== ACHTUNG S3 globalUpdatem; C:\Program Files\globalUpdate\Update\globalupdate.exe /medsvc [X] <==== ACHTUNG S2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe /service [X] R2 toxovyne; C:\Program Files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\knsg62F5.tmpfs [X] S2 wsasvc_1.10.0.19; "C:\Program Files\WordSurfer_1.10.0.19\Service\wsasvc.exe" [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [98520 2015-08-26] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] () R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [41648 2015-05-19] (NVIDIA Corporation) R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [801896 2012-10-25] (Realtek Semiconductor Corporation ) R2 sbmntr; C:\Program Files\YTDownloader\sbmntr.sys [49824 2015-08-24] (YTDownloader) R2 SPDRIVER_1.42.1.2367; C:\Program Files\ShopperPro\JSDriver\1.42.1.2367\jsdrv.sys [41120 2015-08-25] () R1 wsafd_1_10_0_19; C:\Windows\System32\drivers\wsafd_1_10_0_19.sys [56448 2015-06-16] (Word Surfer) S3 SPBIUpdd; \??\C:\Program Files\Common Files\ShopperPro\spbiw.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-26 19:03 - 2015-08-26 19:03 - 00019502 _____ C:\Users\Enno\Desktop\FRST.txt 2015-08-26 19:03 - 2015-08-26 19:03 - 00000000 ____D C:\FRST 2015-08-26 19:02 - 2015-08-26 19:02 - 01690112 _____ (Farbar) C:\Users\Enno\Desktop\FRST.exe 2015-08-26 19:02 - 2015-08-26 19:02 - 00017705 _____ C:\Users\Enno\Desktop\get-mirror-server.html 2015-08-26 17:44 - 2015-08-26 17:44 - 00000000 ____D C:\ProgramData\ExtTag 2015-08-26 00:55 - 2015-08-26 17:45 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-08-26 00:55 - 2015-08-26 00:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-08-26 00:55 - 2015-08-26 00:55 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-08-26 00:55 - 2015-08-26 00:55 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 2015-08-26 00:55 - 2015-06-18 08:41 - 00094936 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-08-26 00:55 - 2015-06-18 08:41 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-08-26 00:55 - 2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-08-26 00:54 - 2015-08-26 00:54 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Enno\Downloads\mbam-setup-2.1.8.1057 (1).exe 2015-08-26 00:49 - 2015-08-26 00:50 - 00000000 ____D C:\Users\Enno\AppData\Local\BrowserHelper 2015-08-26 00:48 - 2015-08-26 19:00 - 00003430 _____ C:\Windows\Tasks\8b5117f2-af65-4def-9102-5938876ca8a4-1-7.job 2015-08-26 00:48 - 2015-08-26 19:00 - 00003430 _____ C:\Windows\Tasks\8b5117f2-af65-4def-9102-5938876ca8a4-1-6.job 2015-08-26 00:48 - 2015-08-26 19:00 - 00003110 _____ C:\Windows\Tasks\398b2968-0633-406f-80f8-df8ed6acae59-1-7.job 2015-08-26 00:48 - 2015-08-26 19:00 - 00002766 _____ C:\Windows\Tasks\398b2968-0633-406f-80f8-df8ed6acae59-1-6.job 2015-08-26 00:48 - 2015-08-26 19:00 - 00002746 _____ C:\Windows\Tasks\8b5117f2-af65-4def-9102-5938876ca8a4-5_user.job 2015-08-26 00:48 - 2015-08-26 19:00 - 00002746 _____ C:\Windows\Tasks\8b5117f2-af65-4def-9102-5938876ca8a4-5.job 2015-08-26 00:48 - 2015-08-26 19:00 - 00002418 _____ C:\Windows\Tasks\398b2968-0633-406f-80f8-df8ed6acae59-5_user.job 2015-08-26 00:48 - 2015-08-26 19:00 - 00002418 _____ C:\Windows\Tasks\398b2968-0633-406f-80f8-df8ed6acae59-5.job 2015-08-26 00:48 - 2015-08-26 17:44 - 00000000 ____D C:\Program Files\gmsd_de_005010071 2015-08-26 00:48 - 2015-08-26 17:43 - 00000000 ____D C:\Users\Enno\AppData\Local\gmsd_de_005010071 2015-08-26 00:48 - 2015-08-26 00:48 - 00001899 _____ C:\Users\Enno\Desktop\YTDownloader.lnk 2015-08-26 00:48 - 2015-08-26 00:48 - 00000000 ____D C:\Users\Enno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader 2015-08-26 00:48 - 2015-08-26 00:48 - 00000000 ____D C:\Program Files\YTDownloader 2015-08-26 00:47 - 2015-08-26 19:00 - 00005818 _____ C:\Windows\Tasks\8b5117f2-af65-4def-9102-5938876ca8a4-6.job 2015-08-26 00:47 - 2015-08-26 19:00 - 00005490 _____ C:\Windows\Tasks\398b2968-0633-406f-80f8-df8ed6acae59-6.job 2015-08-26 00:47 - 2015-08-26 19:00 - 00005474 _____ C:\Windows\Tasks\8b5117f2-af65-4def-9102-5938876ca8a4-7.job 2015-08-26 00:47 - 2015-08-26 19:00 - 00005154 _____ C:\Windows\Tasks\398b2968-0633-406f-80f8-df8ed6acae59-7.job 2015-08-26 00:47 - 2015-08-26 19:00 - 00000000 ____D C:\Program Files\Object Browser 2015-08-26 00:47 - 2015-08-26 19:00 - 00000000 ____D C:\Program Files\iWebar 2015-08-26 00:47 - 2015-08-26 17:49 - 00000000 ____D C:\Program Files\Common Files\ShopperPro 2015-08-26 00:47 - 2015-08-26 17:47 - 00000000 ____D C:\Program Files\ShopperPro 2015-08-26 00:47 - 2015-08-26 17:43 - 00000000 ____D C:\Users\Enno\AppData\Local\DailyPcClean Support 2015-08-26 00:47 - 2015-08-26 00:48 - 00000000 ____D C:\Program Files\e6c775f4-fd06-4422-a78c-a41a05a8bbb8 2015-08-26 00:47 - 2015-08-26 00:48 - 00000000 ____D C:\Program Files\d79cd7cf-41ed-4e57-a8f2-a6d8595d9a6a 2015-08-26 00:47 - 2015-08-26 00:47 - 00001017 _____ C:\Users\Enno\Desktop\DailyPCClean.lnk 2015-08-26 00:47 - 2015-08-26 00:47 - 00000000 ____D C:\Users\Public\Documents\ShopperPro 2015-08-26 00:47 - 2015-08-26 00:47 - 00000000 ____D C:\Users\Enno\Documents\DailyPCClean 2015-08-26 00:47 - 2015-08-26 00:47 - 00000000 ____D C:\Users\Enno\AppData\Roaming\DailyPCClean 2015-08-26 00:47 - 2015-08-26 00:47 - 00000000 ____D C:\ProgramData\ShopperPro 2015-08-26 00:47 - 2015-08-26 00:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DailyPCClean 2015-08-26 00:47 - 2015-08-26 00:47 - 00000000 ____D C:\ProgramData\BWinManProB 2015-08-26 00:47 - 2015-08-26 00:47 - 00000000 ____D C:\Program Files\FastSearch 2015-08-26 00:47 - 2015-08-26 00:47 - 00000000 ____D C:\Program Files\DailyPcClean Support 2015-08-26 00:47 - 2015-08-26 00:47 - 00000000 ____D C:\Program Files\DailyPCClean 2015-08-26 00:46 - 2015-08-26 17:44 - 00000000 ____D C:\Users\Enno\AppData\Local\SmartWeb 2015-08-26 00:46 - 2015-08-26 00:48 - 00000801 _____ C:\task.vbs 2015-08-26 00:46 - 2015-08-26 00:47 - 00000000 ____D C:\Users\Enno\AppData\Roaming\mystartsearch 2015-08-26 00:46 - 2015-08-26 00:46 - 00001029 _____ C:\Users\Enno\Desktop\SpaceSoundPro.lnk 2015-08-26 00:46 - 2015-08-26 00:46 - 00000008 _____ C:\END 2015-08-26 00:46 - 2015-08-26 00:46 - 00000000 ____D C:\Users\Enno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpaceSoundPro 1.0 2015-08-26 00:46 - 2015-08-26 00:46 - 00000000 ____D C:\Users\Enno\AppData\Local\CrashRpt 2015-08-26 00:46 - 2015-08-26 00:46 - 00000000 ____D C:\Program Files\WordSurfer_1.10.0.19 2015-08-26 00:46 - 2015-08-26 00:46 - 00000000 ____D C:\Program Files\SpaceSoundPro 2015-08-26 00:46 - 2015-08-26 00:46 - 00000000 ____D C:\Program Files\SpaceSondPro_v53.1700 2015-08-26 00:46 - 2015-08-26 00:46 - 00000000 ____D C:\Program Files\SpaceSondPro 2015-08-26 00:46 - 2015-08-26 00:46 - 00000000 _____ C:\dummy.htm 2015-08-26 00:22 - 2015-08-26 00:22 - 00000000 ____D C:\Users\Enno\Desktop\Nightwish Wishmaster 2015-08-26 00:10 - 2015-08-26 00:10 - 00000000 ____D C:\Windows\system32\appmgmt 2015-08-26 00:08 - 2015-08-26 00:08 - 00002888 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini 2015-08-26 00:08 - 2015-08-26 00:08 - 00000246 _____ C:\prefs.js 2015-08-26 00:08 - 2015-08-26 00:08 - 00000000 ____D C:\Users\Enno\AppData\Local\Lavasoft 2015-08-26 00:08 - 2015-08-26 00:08 - 00000000 ____D C:\searchplugins 2015-08-26 00:07 - 2015-08-26 00:07 - 00000000 ____D C:\Users\Enno\AppData\Roaming\Lavasoft 2015-08-26 00:07 - 2015-08-26 00:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft 2015-08-26 00:07 - 2015-08-26 00:07 - 00000000 ____D C:\ProgramData\Lavasoft 2015-08-26 00:07 - 2015-08-26 00:07 - 00000000 ____D C:\Program Files\Lavasoft 2015-08-26 00:07 - 2015-06-08 14:13 - 00348488 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService.dll 2015-08-26 00:03 - 2015-08-26 00:09 - 00000000 ____D C:\Users\Enno\AppData\Roaming\MiniGet 2015-08-26 00:03 - 2015-08-26 00:09 - 00000000 ____D C:\Program Files\MiniGet 2015-08-26 00:02 - 2015-08-26 19:00 - 00000888 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job 2015-08-26 00:02 - 2015-08-26 17:43 - 00001016 _____ C:\Windows\Tasks\y51qdxgtcP8Lm2WD9B3HcgjE.job 2015-08-26 00:02 - 2015-08-26 00:12 - 00000388 _____ C:\Windows\Tasks\Tempo Runner gigo6maw.job 2015-08-26 00:02 - 2015-08-26 00:02 - 00000000 ____D C:\Users\Enno\AppData\Roaming\Opera Software 2015-08-26 00:02 - 2015-08-26 00:02 - 00000000 ____D C:\Users\Enno\AppData\Local\Opera Software 2015-08-26 00:02 - 2015-08-26 00:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-08-26 00:01 - 2015-08-26 17:52 - 00000000 ____D C:\Program Files\Search Extensions 2015-08-26 00:01 - 2015-08-26 17:44 - 00000000 ____D C:\ProgramData\update 2015-08-26 00:01 - 2015-08-26 17:43 - 00000884 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job 2015-08-26 00:01 - 2015-08-26 01:01 - 00000000 ____D C:\Program Files\NixSrv 2015-08-26 00:01 - 2015-08-26 00:47 - 00000124 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat 2015-08-26 00:01 - 2015-08-26 00:47 - 00000000 ____D C:\Program Files\MiniLite 2015-08-26 00:01 - 2015-08-26 00:07 - 00000000 ____D C:\Users\Enno\AppData\Local\C56FE3C0-1440547317-11DC-85B8-001E8CAAE9F4 2015-08-26 00:01 - 2015-08-26 00:02 - 00000000 ____D C:\ProgramData\pWinManProp 2015-08-26 00:01 - 2015-08-26 00:01 - 00050688 _____ C:\Users\Enno\AppData\Local\Damfase.exe 2015-08-26 00:01 - 2015-08-26 00:01 - 00000187 _____ C:\Users\Enno\AppData\Local\Damfase.exe.config 2015-08-26 00:01 - 2015-08-26 00:01 - 00000004 _____ C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7 2015-08-26 00:01 - 2015-08-26 00:01 - 00000000 ____D C:\Users\Enno\AppData\Local\globalUpdate 2015-08-26 00:01 - 2015-08-26 00:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-08-26 00:01 - 2015-08-26 00:01 - 00000000 ____D C:\Program Files\globalUpdate 2015-08-26 00:01 - 2009-06-10 23:39 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak 2015-08-26 00:00 - 2015-08-26 18:13 - 00000000 ____D C:\Program Files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4 2015-08-26 00:00 - 2015-08-26 18:05 - 00000340 ____H C:\Windows\Tasks\XAEYEBBXHCTFKVPP.job 2015-08-26 00:00 - 2015-08-26 18:05 - 00000000 ____D C:\ProgramData\Service8119 2015-08-26 00:00 - 2015-08-26 17:43 - 00000334 _____ C:\Windows\Tasks\KWTWFO1.job 2015-08-26 00:00 - 2015-08-26 00:13 - 00000000 ____D C:\ProgramData\IcyCarje 2015-08-26 00:00 - 2015-08-26 00:12 - 00000000 ____D C:\Users\Enno\AppData\Roaming\oursurfing 2015-08-26 00:00 - 2015-08-26 00:06 - 00000000 ____D C:\Program Files\Opera 2015-08-26 00:00 - 2015-08-26 00:00 - 00000000 ____D C:\ProgramData\12db864551ae4c578eb17db1a9f5d3cf 2015-08-25 23:59 - 2015-08-25 23:59 - 00000000 ____D C:\Users\Enno\Downloads\Adobe+Lightroom+6+Crack+Plus+Serial+Number+Full+Free+Download 2015-08-25 23:58 - 2015-08-25 23:58 - 00326318 _____ C:\Users\Enno\Downloads\Adobe+Lightroom+6+Crack+Plus+Serial+Number+Full+Free+Download.rar 2015-08-25 23:52 - 2015-08-25 23:55 - 00000000 ____D C:\Users\Enno\AppData\Local\Adobe 2015-08-25 23:52 - 2015-08-25 23:52 - 00000000 ____D C:\Users\Enno\Documents\Updater 2015-08-25 23:46 - 2015-08-25 23:46 - 00002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help Center.lnk 2015-08-25 23:45 - 2015-08-25 23:45 - 00002041 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge.lnk 2015-08-25 23:45 - 2015-08-25 23:45 - 00000000 ____D C:\Users\Public\Documents\Adobe PDF 2015-08-25 23:45 - 2015-08-25 23:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe 2015-08-25 23:45 - 2015-08-25 23:45 - 00000000 ____D C:\Program Files\Common Files\Adobe Systems Shared 2015-08-25 23:44 - 2015-08-25 23:45 - 00000000 ____D C:\Program Files\Common Files\Adobe 2015-08-25 23:44 - 2015-08-25 23:44 - 00002015 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS2.lnk 2015-08-25 23:44 - 2015-08-25 23:44 - 00002012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady CS2.lnk 2015-08-25 23:44 - 2015-08-25 23:44 - 00000000 ____D C:\ProgramData\Adobe 2015-08-25 23:42 - 2015-08-25 23:47 - 00000000 ____D C:\Program Files\Adobe 2015-08-25 23:40 - 2015-08-25 23:41 - 00000000 ____D C:\PS_CS2_Gr_NonRet 2015-08-25 23:36 - 2015-08-25 23:40 - 375232764 _____ (Adobe Systems Inc. ) C:\Users\Enno\Downloads\PS_CS2_Gr_NonRet.exe 2015-08-25 23:12 - 2015-08-25 23:20 - 00000000 ____D C:\Users\Enno\Documents\Sony PMB 2015-08-25 23:12 - 2015-08-25 23:12 - 00000000 ____D C:\Users\Enno\AppData\Roaming\NVIDIA 2015-08-25 23:09 - 2015-08-25 23:09 - 00002159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home.lnk 2015-08-25 23:09 - 2015-08-25 23:09 - 00002135 _____ C:\Users\Public\Desktop\PlayMemories Home.lnk 2015-08-25 23:09 - 2015-08-25 23:09 - 00002021 _____ C:\Users\Public\Desktop\PlayMemories Home-Hilfe.lnk 2015-08-25 23:09 - 2015-08-25 23:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home 2015-08-25 23:08 - 2015-08-25 23:08 - 00000000 ____D C:\Users\Enno\AppData\Roaming\Sony Corporation 2015-08-25 23:04 - 2015-08-25 23:04 - 00000000 ____D C:\Program Files\Sony 2015-08-25 23:01 - 2015-08-25 23:05 - 00000000 ____D C:\ProgramData\Sony Corporation 2015-08-25 22:58 - 2015-08-25 22:59 - 16354304 _____ (Sony Corporation) C:\Users\Enno\Downloads\PMHOME_4301DL.exe 2015-08-25 03:00 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-08-25 03:00 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-08-24 17:27 - 2015-08-24 17:27 - 00000000 ____D C:\$SysReset 2015-08-24 02:00 - 2015-08-24 02:00 - 00141864 _____ C:\Users\Enno\Downloads\bluescreenview_setup.exe 2015-08-23 21:02 - 2015-08-24 17:23 - 223400594 _____ C:\Windows\MEMORY.DMP 2015-08-23 20:59 - 2015-08-26 00:55 - 00001064 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-08-23 20:57 - 2015-08-23 20:59 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Enno\Downloads\mbam-setup-2.1.8.1057.exe 2015-08-23 19:27 - 2015-08-23 19:27 - 00054680 _____ C:\Users\Enno\Documents\cc_20150823_192709.reg 2015-08-23 19:24 - 2015-08-23 19:25 - 05375464 _____ (Piriform Ltd) C:\Users\Enno\Downloads\ccsetup508_slim.exe 2015-08-19 18:42 - 2015-08-24 18:36 - 00000000 ____D C:\Users\Enno\Desktop\BaronReplays 2015-08-19 18:38 - 2015-08-19 18:39 - 26035284 _____ C:\Users\Enno\Downloads\BaronReplays.rar 2015-08-19 02:49 - 2015-08-24 18:36 - 00000000 ____D C:\Users\Enno\Documents\LOLReplay 2015-08-19 02:49 - 2015-08-19 02:49 - 01528823 _____ C:\Users\Enno\Downloads\LOLReplay-0.8.9.37.exe 2015-08-19 02:49 - 2015-08-19 02:49 - 00001920 _____ C:\Users\Public\Desktop\LOL Recorder.lnk 2015-08-17 17:48 - 2015-08-17 17:48 - 00008192 _____ C:\Windows\system32\config\userdiff 2015-08-17 17:32 - 2015-08-17 17:36 - 357922986 _____ (Sereby Corporation) C:\Users\Enno\Downloads\aio-runtimes_v2.3.0.exe 2015-08-17 17:17 - 2015-08-24 18:37 - 00000000 __SHD C:\Recovery 2015-08-17 16:34 - 2015-08-17 17:16 - 00010449 _____ C:\Windows\diagerr.xml 2015-08-17 16:34 - 2015-08-17 17:16 - 00009528 _____ C:\Windows\diagwrn.xml 2015-08-13 03:01 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-08-12 14:31 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2015-08-12 14:31 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-08-12 14:31 - 2015-07-30 19:57 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-08-12 14:31 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-08-12 14:31 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-08-12 14:31 - 2015-07-30 19:57 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-08-12 14:31 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-08-12 14:31 - 2015-07-30 18:52 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-08-12 14:31 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-08-12 14:31 - 2015-07-28 22:04 - 00015808 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2015-08-12 14:31 - 2015-07-28 22:00 - 00952832 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-08-12 14:31 - 2015-07-28 22:00 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-08-12 14:31 - 2015-07-28 22:00 - 00598528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-08-12 14:31 - 2015-07-28 22:00 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-08-12 14:31 - 2015-07-28 22:00 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-08-12 14:31 - 2015-07-28 22:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-08-12 14:31 - 2015-07-28 21:54 - 00934400 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-08-12 14:31 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-08-12 14:31 - 2015-07-20 19:56 - 02943488 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-08-12 14:31 - 2015-07-20 19:56 - 02061312 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-08-12 14:31 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-08-12 14:31 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-08-12 14:31 - 2015-07-20 19:56 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-08-12 14:31 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-08-12 14:31 - 2015-07-20 19:56 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-08-12 14:31 - 2015-07-20 19:56 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-08-12 14:31 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-08-12 14:31 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-08-12 14:31 - 2015-07-20 19:56 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-08-12 14:31 - 2015-07-16 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-08-12 14:31 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-08-12 14:31 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-08-12 14:31 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-08-12 14:31 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-08-12 14:31 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-08-12 14:31 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-08-12 14:31 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-08-12 14:31 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-08-12 14:31 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-08-12 14:31 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-08-12 14:31 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-08-12 14:31 - 2015-07-16 21:39 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-08-12 14:31 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-08-12 14:31 - 2015-07-16 21:32 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-08-12 14:31 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-08-12 14:31 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-08-12 14:31 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-08-12 14:31 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-08-12 14:31 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-08-12 14:31 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-08-12 14:31 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-08-12 14:31 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-08-12 14:31 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-08-12 14:31 - 2015-07-16 21:06 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-08-12 14:31 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-08-12 14:31 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-08-12 14:31 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-08-12 14:31 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-08-12 14:31 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2015-08-12 14:31 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-08-12 14:31 - 2015-07-15 19:59 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-08-12 14:31 - 2015-07-15 19:59 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-08-12 14:31 - 2015-07-15 19:59 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-08-12 14:31 - 2015-07-15 19:56 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-08-12 14:31 - 2015-07-15 19:55 - 01159168 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll 2015-08-12 14:31 - 2015-07-15 19:55 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-08-12 14:31 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-08-12 14:31 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-08-12 14:31 - 2015-07-15 19:55 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-08-12 14:31 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-08-12 14:31 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-08-12 14:31 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-08-12 14:31 - 2015-07-15 19:55 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-08-12 14:31 - 2015-07-15 19:54 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-08-12 14:31 - 2015-07-15 19:54 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-08-12 14:31 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-08-12 14:31 - 2015-07-15 19:54 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-08-12 14:31 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-08-12 14:31 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-08-12 14:31 - 2015-07-15 19:54 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-08-12 14:31 - 2015-07-15 19:54 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-08-12 14:31 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2015-08-12 14:31 - 2015-07-15 19:54 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-08-12 14:31 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-08-12 14:31 - 2015-07-15 19:54 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2015-08-12 14:31 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-08-12 14:31 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-08-12 14:31 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-08-12 14:31 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-08-12 14:31 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-08-12 14:31 - 2015-07-15 18:36 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-08-12 14:31 - 2015-07-15 18:36 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-08-12 14:31 - 2015-07-15 18:36 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-08-12 14:31 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-08-12 14:31 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-08-12 14:31 - 2015-07-15 04:55 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2015-08-12 14:31 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2015-08-12 14:31 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2015-08-12 14:31 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-08-12 14:31 - 2015-07-10 19:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-08-12 14:31 - 2015-07-10 19:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2015-08-12 14:31 - 2015-07-10 19:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2015-08-12 14:31 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe 2015-08-12 14:31 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\notepad.exe 2015-08-12 14:31 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2015-08-12 14:31 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2015-08-12 14:31 - 2015-05-09 20:09 - 00715200 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll 2015-08-02 00:02 - 2015-08-24 18:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps 2015-08-02 00:02 - 2015-08-02 00:02 - 00000562 _____ C:\Users\Public\Desktop\Fraps.lnk 2015-08-02 00:02 - 2015-08-02 00:02 - 00000000 ____D C:\Fraps 2015-08-02 00:00 - 2015-08-02 00:00 - 02326976 _____ (Beepa Pty Ltd) C:\Users\Enno\Downloads\setup.exe 2015-08-01 22:14 - 2015-08-01 22:14 - 00000000 ____D C:\Users\Enno\Tracing 2015-08-01 22:13 - 2015-08-01 22:13 - 00000000 ____D C:\Users\Enno\AppData\Local\Skype 2015-08-01 22:12 - 2015-08-26 19:01 - 00000000 ____D C:\Users\Enno\AppData\Roaming\Skype 2015-08-01 22:12 - 2015-08-24 18:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-08-01 22:12 - 2015-08-01 22:18 - 00000000 ___RD C:\Program Files\Skype 2015-08-01 22:12 - 2015-08-01 22:12 - 00002687 _____ C:\Users\Public\Desktop\Skype.lnk 2015-08-01 22:12 - 2015-08-01 22:12 - 00000000 ____D C:\ProgramData\Skype 2015-08-01 22:12 - 2015-08-01 22:12 - 00000000 ____D C:\Program Files\Common Files\Skype 2015-08-01 22:11 - 2015-08-01 22:11 - 01384064 _____ (Skype Technologies S.A.) C:\Users\Enno\Downloads\SkypeSetup.exe 2015-07-28 20:42 - 2015-07-28 20:42 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2015-07-27 20:11 - 2015-07-27 20:11 - 00000000 ____D C:\Users\Enno\Desktop\Sabaton ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-26 18:42 - 2015-07-04 20:55 - 01067307 _____ C:\Windows\WindowsUpdate.log 2015-08-26 18:23 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET 2015-08-26 18:12 - 2015-07-04 21:15 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-26 17:59 - 2015-07-04 21:16 - 00002457 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-08-26 17:58 - 2009-07-14 06:34 - 00014336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-08-26 17:58 - 2009-07-14 06:34 - 00014336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-08-26 17:43 - 2015-07-04 21:15 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-26 17:43 - 2009-07-14 06:46 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-08-26 17:42 - 2015-07-05 16:32 - 00000000 ____D C:\ProgramData\NVIDIA 2015-08-26 17:42 - 2015-07-05 04:40 - 00080870 _____ C:\Windows\PFRO.log 2015-08-26 17:42 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-08-26 17:42 - 2009-07-14 06:39 - 00030935 _____ C:\Windows\setupact.log 2015-08-26 01:13 - 2015-07-04 21:04 - 01593956 _____ C:\Windows\system32\PerfStringBackup.INI 2015-08-26 00:48 - 2015-07-05 16:32 - 00000000 ____D C:\Program Files\AGEIA Technologies 2015-08-26 00:48 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\System 2015-08-26 00:46 - 2015-07-04 21:01 - 00001719 _____ C:\Users\Enno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-08-26 00:14 - 2009-07-14 06:33 - 00269504 _____ C:\Windows\system32\FNTCACHE.DAT 2015-08-26 00:01 - 2015-07-04 21:13 - 00058016 _____ C:\Users\Enno\AppData\Local\GDIPFONTCACHEV1.DAT 2015-08-25 23:52 - 2015-07-05 15:35 - 00000000 ____D C:\Users\Enno\AppData\Roaming\Adobe 2015-08-25 23:16 - 2015-07-04 21:01 - 00000000 ____D C:\Users\Enno 2015-08-24 18:31 - 2015-07-20 03:01 - 00000000 ____D C:\Windows\system32\SPReview 2015-08-24 18:31 - 2015-07-20 03:00 - 00000000 ____D C:\Windows\system32\EventProviders 2015-08-24 18:31 - 2015-07-11 11:38 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live 2015-08-24 18:31 - 2015-07-11 11:38 - 00000000 ____D C:\Windows\de 2015-08-24 18:31 - 2015-07-11 11:25 - 00000000 ___HD C:\Windows\system32\CanonIJ Uninstaller Information 2015-08-24 18:31 - 2015-07-11 11:25 - 00000000 ____D C:\Windows\system32\STRING 2015-08-24 18:31 - 2015-07-11 11:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5300 series 2015-08-24 18:31 - 2015-07-07 19:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader 2015-08-24 18:31 - 2015-07-05 20:51 - 00000000 ____D C:\Users\Enno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-08-24 18:31 - 2015-07-05 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-08-24 18:31 - 2015-07-05 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-08-24 18:31 - 2015-07-05 15:52 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-08-24 18:31 - 2015-07-05 15:52 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2015-08-24 18:31 - 2015-07-04 21:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-08-24 18:31 - 2015-07-04 21:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK 2015-08-24 18:31 - 2009-07-14 10:47 - 00000000 ____D C:\Windows\system32\Drivers\de-DE 2015-08-24 18:31 - 2009-07-14 10:47 - 00000000 ____D C:\Windows\DigitalLocker 2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 __RSD C:\Windows\Media 2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public 2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-TW 2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-HK 2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-CN 2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\tr-TR 2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\sv-SE 2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ru-RU 2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\Recovery 2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pt-PT 2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pt-BR 2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pl-PL 2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\nl-NL 2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\nb-NO 2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ko-KR 2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ja-JP 2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\it-IT 2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\hu-HU 2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\fr-FR 2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\fi-FI 2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\el-GR 2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE 2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-08-24 17:41 - 2015-07-10 15:39 - 00000000 ___HD C:\$Windows.~BT 2015-08-19 22:52 - 2015-07-11 11:33 - 00000000 ____D C:\Users\Enno\AppData\Local\Windows Live 2015-08-17 17:27 - 2015-07-05 16:22 - 00001412 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2015-08-17 17:16 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Registration 2015-08-17 16:37 - 2009-07-14 06:34 - 00002531 _____ C:\Windows\DtcInstall.log 2015-08-17 16:34 - 2009-07-14 06:39 - 00000495 _____ C:\Windows\setuperr.log 2015-08-17 16:33 - 2015-07-04 21:52 - 00000000 ____D C:\Windows\Panther 2015-08-15 18:56 - 2015-07-06 17:48 - 00000000 ____D C:\Program Files\TeamViewer 2015-08-14 18:44 - 2015-07-06 17:48 - 00000929 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2015-08-14 18:44 - 2015-07-06 17:48 - 00000917 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk 2015-08-13 19:11 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache 2015-08-13 03:27 - 2001-12-31 23:02 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-08-13 03:27 - 2001-12-31 23:02 - 00000000 ____D C:\Windows\system32\appraiser 2015-08-13 03:09 - 2015-07-12 05:12 - 00000000 ____D C:\Windows\system32\MRT 2015-08-13 03:03 - 2015-07-12 05:12 - 129304528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-08-09 21:22 - 2015-07-07 19:10 - 00000000 ____D C:\Users\Enno\AppData\Roaming\Foxit Software ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Enno\AppData\Roaming\y51qdxgtcP8Lm2WD9B3HcgjE 2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Enno\AppData\Roaming\y51qdxgtcP8Lm2WD9B3HcgjE.exe 2015-08-26 00:01 - 2015-08-26 00:01 - 0050688 _____ () C:\Users\Enno\AppData\Local\Damfase.exe 2015-08-26 00:01 - 2015-08-26 00:01 - 0000187 _____ () C:\Users\Enno\AppData\Local\Damfase.exe.config 2015-08-26 00:01 - 2015-08-26 00:47 - 0000124 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\Enno\AppData\Local\Temp\WIZZ\ioproduct_service.bat Einige Dateien in TEMP: ==================== C:\Users\Enno\AppData\Local\Temp\5651.exe C:\Users\Enno\AppData\Local\Temp\beeafjibae.exe C:\Users\Enno\AppData\Local\Temp\BingBarSetup-Partner.exe C:\Users\Enno\AppData\Local\Temp\bitool.dll C:\Users\Enno\AppData\Local\Temp\MSETUP4.EXE C:\Users\Enno\AppData\Local\Temp\nsqC8B1.exe C:\Users\Enno\AppData\Local\Temp\Quarantine.exe C:\Users\Enno\AppData\Local\Temp\setup.exe C:\Users\Enno\AppData\Local\Temp\Sienese.dll C:\Users\Enno\AppData\Local\Temp\sqlite3.dll C:\Users\Enno\AppData\Local\Temp\System.Data.SQLite.dll C:\Users\Enno\AppData\Local\Temp\System.Data.SQLite262e2ac1-c962-4d67-b2d6-751166dc9b75.dll C:\Users\Enno\AppData\Local\Temp\uninstall.exe C:\Users\Enno\AppData\Local\Temp\Zzoooomit_uninstall.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-08-24 18:53 ==================== Ende vom FRST.txt ============================ Code:
ATTFilter (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Ad-Aware Web Companion (Version: 2.0.1025.2130 - Lavasoft) Hidden
Adobe Photoshop CS2 (HKLM\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - Canon Inc.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DailyPcClean Support (HKLM\...\dpcc_en_009010071_is1) (Version: - Tuto4PC.Com) <==== ACHTUNG
DailyPCClean v4.1 (HKLM\...\DailyPCClean_is1) (Version: 4.1 - Tuto4PC.Com) <==== ACHTUNG
FastSearch (HKLM\...\FastSearch) (Version: 3.0.1.1 - FastSearch)
Fotogalerie (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foxit Cloud (HKLM\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.6.124.715 - Foxit Software Inc.)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.0.8.1216 - Foxit Software Inc.)
Fraps (HKLM\...\Fraps) (Version: - )
GamesDesktop 014.005010071 (HKLM\...\gmsd_de_005010071_is1) (Version: - GAMESDESKTOP) <==== ACHTUNG
globalupdate Helper (Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ACHTUNG
Google Chrome (HKLM\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google Update Helper (Version: 1.3.28.1 - Google Inc.) Hidden
iWebar (HKLM\...\iWebar) (Version: 1.36.01.22 - Webby) <==== ACHTUNG
Junk Mail filter update (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LavasoftTcpService (Version: 2.3.4.7 - Lavasoft) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MergeModule_x86 (Version: 9.3.00 - Sony Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
mystartsearch uninstall (HKLM\...\mystartsearch uninstall) (Version: - mystartsearch) <==== ACHTUNG
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.57 - NVIDIA Corporation)
NVIDIA Grafiktreiber 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Object Browser (HKLM\...\Object Browser) (Version: 1.36.01.22 - ObjectB) <==== ACHTUNG
PlayMemories Home (HKLM\...\{94F4815B-755A-4FFA-AFDC-EE8FE776981E}) (Version: 4.3.01.06011 - Sony Corporation)
PMB_ModeEditor (Version: 9.3.00 - Sony Corporation) Hidden
PMB_ServiceUploader (Version: 9.3.01 - Sony Corporation) Hidden
RocketTab (HKLM\...\RocketTab) (Version: - RocketTab) <==== ACHTUNG
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.57 - NVIDIA Corporation) Hidden
Shopper-Pro (HKLM\...\ShopperPro) (Version: - ) <==== ACHTUNG
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.7 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
SmartWeb (HKLM\...\SmartWeb) (Version: 8.0.9 - SoftBrain Technologies Ltd.) <==== ACHTUNG
SpaceSoundPro (HKLM\...\SpaceSoundPro) (Version: 1.0 - )
SpaceSoundPro Service (HKLM\...\zz.1700.ssp) (Version: 1.0.0 - CSDI)
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.45862 - TeamViewer)
TP-LINK 300Mbps Wireless USB Adapter Treiber (HKLM\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK)
TP-LINK-Konfigurationstool (HKLM\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Wajam (HKLM\...\WajaInternetEn) (Version: 1.50.1.13 (i1.0) - Wajam) <==== ACHTUNG
Web Companion (HKLM\...\{88B10E3E-8911-4FAC-8663-CCF6E33C58B3}_WebCompanion) (Version: 2.0.1025.2130 - Lavasoft)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WordSurfer 1.10.0.19 (HKLM\...\WordSurfer_1.10.0.19) (Version: 1.10.0.19 - WordSurfer)
YTDownloader (HKLM\...\YTDownloader) (Version: - YTDownloader) <==== ACHTUNG
Zzoooomit (HKLM\...\ZoomWebLists) (Version: - ZoomWebLists)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
24-08-2015 17:47:44 Windows Update
25-08-2015 03:00:15 Windows Update
25-08-2015 23:09:13 DirectX wurde installiert
25-08-2015 23:43:22 Adobe Photoshop CS2 wird installiert
26-08-2015 00:07:19 LavasoftWeCompanion
26-08-2015 01:07:36 Windows Update
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {017EC1AD-1EBE-4077-B054-C303F723E9C9} - System32\Tasks\YTDownloader => C:\Program Files\YTDownloader\YTDownloader.exe [2015-08-24] (YTDownloader) <==== ACHTUNG
Task: {0258BB1C-8C54-4AF5-81B5-214B3B65CCFA} - System32\Tasks\398b2968-0633-406f-80f8-df8ed6acae59-7 => C:\Program Files\Object Browser\398b2968-0633-406f-80f8-df8ed6acae59-7.exe <==== ACHTUNG
Task: {0DF703B7-999A-4291-A016-5BB4A8F3404B} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== ACHTUNG
Task: {199D325D-C3D2-4A0C-ADE6-11E07F1490CE} - System32\Tasks\ShopperProJSUpd => C:\Program Files\ShopperPro\updater.exe <==== ACHTUNG
Task: {1C314A05-930A-48EC-958F-FA376E5D247B} - System32\Tasks\398b2968-0633-406f-80f8-df8ed6acae59-1-6 => C:\Program Files\Object Browser\398b2968-0633-406f-80f8-df8ed6acae59-1-6.exe [2015-08-26] (ObjectB) <==== ACHTUNG
Task: {25A6E63B-8722-49C7-91AB-AB6D26CC586E} - System32\Tasks\XAEYEBBXHCTFKVPP => C:\ProgramData\Service8119\Service8119.exe <==== ACHTUNG
Task: {2BD05BA6-988D-4BD3-A9CD-9A39F80AF524} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> Keine Datei <==== ACHTUNG
Task: {31310569-7ABC-45B6-B696-3A680EE773C9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-07-04] (Google Inc.)
Task: {316608A6-BA89-4FA1-BE46-29E2F703661B} - System32\Tasks\8b5117f2-af65-4def-9102-5938876ca8a4-5 => C:\Program Files\iWebar\8b5117f2-af65-4def-9102-5938876ca8a4-5.exe <==== ACHTUNG
Task: {353D30AB-28AF-44E1-B4D8-A636D03DDB78} - System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Core => C:\Program Files\WordSurfer_1.10.0.19\Update\WordSurferAutoUpdateClient.exe
Task: {39B5F7DB-4B7C-44A0-9308-22A85F4B35F7} - System32\Tasks\8b5117f2-af65-4def-9102-5938876ca8a4-6 => C:\Program Files\iWebar\8b5117f2-af65-4def-9102-5938876ca8a4-6.exe [2015-08-26] (Webby) <==== ACHTUNG
Task: {5B184694-64C3-4633-94C5-945B3FA561D6} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> Keine Datei <==== ACHTUNG
Task: {61BE5CD5-119B-4036-8F24-E852270F8198} - System32\Tasks\ShopperPro => C:\Program Files\ShopperPro\ShopperPro.exe <==== ACHTUNG
Task: {6272CBB5-83F8-4F82-A993-60F5DABBCDCC} - System32\Tasks\398b2968-0633-406f-80f8-df8ed6acae59-5 => C:\Program Files\Object Browser\398b2968-0633-406f-80f8-df8ed6acae59-5.exe <==== ACHTUNG
Task: {6367DAA3-103A-456A-81E4-9E10CD16E417} - System32\Tasks\8b5117f2-af65-4def-9102-5938876ca8a4-1-7 => C:\Program Files\iWebar\8b5117f2-af65-4def-9102-5938876ca8a4-1-7.exe <==== ACHTUNG
Task: {660A6186-B582-4655-91FD-00F79F30EA5F} - System32\Tasks\8b5117f2-af65-4def-9102-5938876ca8a4-1-6 => C:\Program Files\iWebar\8b5117f2-af65-4def-9102-5938876ca8a4-1-6.exe [2015-08-26] (Webby) <==== ACHTUNG
Task: {6B27241E-9852-41F5-AA65-A918F948B41A} - System32\Tasks\SPBIW_UpdateTask_Time_343037313738353638382d2355786c325a5b5734412d34 => Wscript.exe //B "C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe /invoke /f:check_services /l:0 <==== ACHTUNG
Task: {6D59F11D-2E43-4DD2-A3AE-07F4B3828AB3} - \RocketTab -> Keine Datei <==== ACHTUNG
Task: {6DDD497C-6410-4C28-8B57-C513B6FB9FD0} - System32\Tasks\8b5117f2-af65-4def-9102-5938876ca8a4-5_user => C:\Program Files\iWebar\8b5117f2-af65-4def-9102-5938876ca8a4-5.exe <==== ACHTUNG
Task: {6F1610C4-AA99-4813-BF04-47BAF2391AD9} - System32\Tasks\KWTWFO1 => C:\ProgramData\Kikblaster\Kikblaster.exe <==== ACHTUNG
Task: {780090FD-973E-4307-B6CA-FB3509A24B08} - System32\Tasks\8b5117f2-af65-4def-9102-5938876ca8a4-7 => C:\Program Files\iWebar\8b5117f2-af65-4def-9102-5938876ca8a4-7.exe <==== ACHTUNG
Task: {7A04D544-CAA2-4C18-B0C9-BD56AAB074F2} - System32\Tasks\y51qdxgtcP8Lm2WD9B3HcgjE => C:\Users\Enno\AppData\Roaming\y51qdxgtcP8Lm2WD9B3HcgjE.exe [2015-04-20] () <==== ACHTUNG
Task: {7A08FDCA-4565-472E-A276-66A904C93924} - System32\Tasks\SPDriver => C:\Program Files\ShopperPro\JSDriver\1.42.1.2367\jsdrv.exe [2015-08-25] () <==== ACHTUNG
Task: {80B06269-BD6A-4F61-A542-C9FBECBFB1E7} - System32\Tasks\398b2968-0633-406f-80f8-df8ed6acae59-1-7 => C:\Program Files\Object Browser\398b2968-0633-406f-80f8-df8ed6acae59-1-7.exe <==== ACHTUNG
Task: {90452F77-2587-4EAF-B481-5420EB0D9759} - System32\Tasks\YTDownloaderUpd => C:\Program Files\YTDownloader\updater.exe [2015-08-24] (Goobzo) <==== ACHTUNG
Task: {9F54B95F-5096-4803-AE61-E9B3AC5B616D} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> Keine Datei <==== ACHTUNG
Task: {B1609609-6F28-4CC6-93E2-2BFE59C32C75} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-07-04] (Google Inc.)
Task: {B843833C-25B8-4108-AABD-18AAE51E4A43} - System32\Tasks\DailyPCClean Schedule => C:\Program Files\DailyPCClean\OSPCSchedule.exe
Task: {BC651D96-3151-426C-A6BB-AEB451B38295} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {BF980ADD-E14C-4424-9083-5296F2024042} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ACHTUNG
Task: {C58A1E3B-4306-419E-911C-4F2790A37869} - System32\Tasks\RocketTab Update Task => C:\Program Files\Search Extensions\uninstall.exe <==== ACHTUNG
Task: {C861244D-3A74-464B-A3F6-75CF5666660F} - System32\Tasks\SMupdate1 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1 <==== ACHTUNG
Task: {D0D25D0D-77A6-4F67-98F9-B2EF69CE051A} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ACHTUNG
Task: {D21F6024-191F-4454-BBBC-09A650DA2549} - \Microsoft\Windows\Application Experience\AitAgent -> Keine Datei <==== ACHTUNG
Task: {D8B210DF-4EFC-4002-976F-D611E1630BB7} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== ACHTUNG
Task: {DB07FDFF-1688-4D19-A6A7-6B36CDFBBF2D} - System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Pending Update => C:\Program Files\WordSurfer_1.10.0.19\Update\WordSurferAutoUpdateClient.exe
Task: {DD12E1EC-9A89-42F6-8C2B-8617324DAA1F} - System32\Tasks\398b2968-0633-406f-80f8-df8ed6acae59-6 => C:\Program Files\Object Browser\398b2968-0633-406f-80f8-df8ed6acae59-6.exe [2015-08-26] (ObjectB) <==== ACHTUNG
Task: {F2212C31-EB33-466D-B88F-CB228A06E35A} - System32\Tasks\398b2968-0633-406f-80f8-df8ed6acae59-5_user => C:\Program Files\Object Browser\398b2968-0633-406f-80f8-df8ed6acae59-5.exe <==== ACHTUNG
Task: {FADC99FF-7830-4DC3-8763-7C5E2DB57629} - System32\Tasks\Tempo Runner gigo6maw => C:\ProgramData\IcyCarje\gigoamaw.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\398b2968-0633-406f-80f8-df8ed6acae59-1-6.job => C:\Program Files\Object Browser\398b2968-0633-406f-80f8-df8ed6acae59-1-6.exe <==== ACHTUNG
Task: C:\Windows\Tasks\398b2968-0633-406f-80f8-df8ed6acae59-1-7.job => C:\Program Files\Object Browser\398b2968-0633-406f-80f8-df8ed6acae59-1-7.exe <==== ACHTUNG
Task: C:\Windows\Tasks\398b2968-0633-406f-80f8-df8ed6acae59-5.job => C:\Program Files\Object Browser\398b2968-0633-406f-80f8-df8ed6acae59-5.exe <==== ACHTUNG
Task: C:\Windows\Tasks\398b2968-0633-406f-80f8-df8ed6acae59-5_user.job => C:\Program Files\Object Browser\398b2968-0633-406f-80f8-df8ed6acae59-5.exe <==== ACHTUNG
Task: C:\Windows\Tasks\398b2968-0633-406f-80f8-df8ed6acae59-6.job => C:\Program Files\Object Browser\398b2968-0633-406f-80f8-df8ed6acae59-6.exe <==== ACHTUNG
Task: C:\Windows\Tasks\398b2968-0633-406f-80f8-df8ed6acae59-7.job => C:\Program Files\Object Browser\398b2968-0633-406f-80f8-df8ed6acae59-7.exe <==== ACHTUNG
Task: C:\Windows\Tasks\8b5117f2-af65-4def-9102-5938876ca8a4-1-6.job => C:\Program Files\iWebar\8b5117f2-af65-4def-9102-5938876ca8a4-1-6.exe <==== ACHTUNG
Task: C:\Windows\Tasks\8b5117f2-af65-4def-9102-5938876ca8a4-1-7.job => C:\Program Files\iWebar\8b5117f2-af65-4def-9102-5938876ca8a4-1-7.exe <==== ACHTUNG
Task: C:\Windows\Tasks\8b5117f2-af65-4def-9102-5938876ca8a4-5.job => C:\Program Files\iWebar\8b5117f2-af65-4def-9102-5938876ca8a4-5.exe <==== ACHTUNG
Task: C:\Windows\Tasks\8b5117f2-af65-4def-9102-5938876ca8a4-5_user.job => C:\Program Files\iWebar\8b5117f2-af65-4def-9102-5938876ca8a4-5.exe <==== ACHTUNG
Task: C:\Windows\Tasks\8b5117f2-af65-4def-9102-5938876ca8a4-6.job => C:\Program Files\iWebar\8b5117f2-af65-4def-9102-5938876ca8a4-6.exe <==== ACHTUNG
Task: C:\Windows\Tasks\8b5117f2-af65-4def-9102-5938876ca8a4-7.job => C:\Program Files\iWebar\8b5117f2-af65-4def-9102-5938876ca8a4-7.exe <==== ACHTUNG
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== ACHTUNG
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== ACHTUNG
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\KWTWFO1.job => C:\ProgramData\Kikblaster\Kikblaster.exe <==== ACHTUNG
Task: C:\Windows\Tasks\Tempo Runner gigo6maw.job => C:\ProgramData\IcyCarje\gigoamaw.exe-/dgad C:\ProgramData\IcyCarje\gigo6maw.exe
Task: C:\Windows\Tasks\XAEYEBBXHCTFKVPP.job => C:\ProgramData\Service8119\Service8119.exe <==== ACHTUNG
Task: C:\Windows\Tasks\y51qdxgtcP8Lm2WD9B3HcgjE.job => C:\Users\Enno\AppData\Roaming\y51qdxgtcP8Lm2WD9B3HcgjE.exe <==== ACHTUNG
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-07-02 17:18 - 2015-07-02 17:18 - 01758208 _____ () C:\Program Files\SpaceSoundPro\SpaceSoundPro.dll
2015-07-05 16:32 - 2015-02-04 04:05 - 00106640 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2015-08-24 11:57 - 2015-08-24 11:57 - 00112560 _____ () C:\Program Files\YTDownloader\BrowserHelperSrv.exe
2015-08-26 00:01 - 2015-08-26 00:01 - 00050688 _____ () C:\Users\Enno\AppData\Local\Damfase.exe
2015-08-26 00:01 - 2015-08-26 00:01 - 00137728 _____ () C:\Program Files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\hnsg962D.tmp
2015-08-26 00:01 - 2015-08-26 00:01 - 00227328 _____ () C:\Program Files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\jnsg7D2F.tmp
2015-08-25 10:48 - 2015-08-25 10:48 - 00379392 _____ () C:\Program Files\NixSrv\NixSrv.exe
2015-06-08 14:12 - 2015-06-08 14:12 - 00019816 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
2015-06-08 14:12 - 2015-06-08 14:12 - 00012144 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Service.Logger.dll
2015-06-08 14:12 - 2015-06-08 14:12 - 00034664 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WcfService.dll
2015-08-26 00:47 - 2015-08-25 13:19 - 03333264 ____N () C:\Users\Enno\AppData\Local\DailyPcClean Support\updpcc_en_009010071.exe
2015-08-25 23:04 - 2015-08-25 23:04 - 00358400 _____ () C:\Program Files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\knsg62F5.tmpfs
2015-08-17 16:22 - 2015-08-17 16:22 - 01730560 _____ () C:\Program Files\WajaInternetEn\wajam.exe
2015-08-17 16:22 - 2015-08-17 16:22 - 01730560 _____ () c:\program files\wajainterneten\wajam.exe
2015-08-26 17:43 - 2015-08-26 17:43 - 11710976 _____ () c:\program files\wajainterneten\WajaInternetEnlibs\daawu.psu
2015-07-05 15:56 - 2015-07-24 06:22 - 00011920 _____ () C:\Program Files\NVIDIA Corporation\Update Core\detoured.dll
2015-08-26 17:43 - 2015-08-26 17:43 - 00855040 _____ () C:\Program Files\NixSrv\packages\66a80299-e89e-44a4-91cd-06b4636bea66\NixHost.exe
2015-08-26 00:47 - 2015-08-25 07:12 - 03225088 _____ () C:\Program Files\ShopperPro\JSDriver\1.42.1.2367\jsdrv.exe
2015-06-08 14:12 - 2015-06-08 14:12 - 00078656 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll
2015-06-08 14:12 - 2015-06-08 14:12 - 00184680 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll
2015-06-08 14:12 - 2015-06-08 14:12 - 00046920 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll
2015-06-08 14:12 - 2015-06-08 14:12 - 00033136 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Repositories.dll
2015-06-08 14:12 - 2015-06-08 14:12 - 00015696 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll
2015-06-08 14:12 - 2015-06-08 14:12 - 00123736 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.PUP.Management.dll
2015-06-08 14:13 - 2015-06-08 14:13 - 00073544 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SysInfo.dll
2015-06-08 14:11 - 2015-06-08 14:11 - 00039256 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.CSharp.Utilities.dll
2015-08-26 17:43 - 2015-08-26 17:43 - 11710976 _____ () c:\program files\wajainterneten\wajainternetenlibs\daawu.psu
2015-08-25 21:27 - 2015-08-18 07:23 - 01405768 _____ () C:\Program Files\Google\Chrome\Application\44.0.2403.157\libglesv2.dll
2015-08-25 21:27 - 2015-08-18 07:23 - 00081224 _____ () C:\Program Files\Google\Chrome\Application\44.0.2403.157\libegl.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\...\webcompanion.com -> hxxp://webcompanion.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Enno\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{3096B5E5-7DB5-4AFE-B0D3-F3483E15F567}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{889F5F02-21A7-41AD-B881-175D1AF8D5E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E7001B72-941A-433D-A7B6-952B29FBDF84}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{32FA4CD5-0587-4D9B-B108-A77C89F7444D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{33B81C27-E55C-4D9F-8648-604D82E823E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{105E4FA5-6D3F-4DCF-9FF0-690F234111F9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{458EF621-A97E-4228-A244-F28DB615E4D1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DAD99681-3789-4E2A-BD39-8C9E013F80BE}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F0058A31-9C64-408C-AA42-14B05D83887F}] => (Allow) LPort=2869
FirewallRules: [{1B966CDE-7C31-41B7-8ECD-E026704F3A3B}] => (Allow) LPort=1900
FirewallRules: [{46AEEB80-93BF-4D70-8204-87416548C858}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{6B8670C3-D2FF-4A52-B559-F90B55A33DD9}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{D02F250E-96FE-4AA9-A24E-E353B850C6F3}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{6EFB33BC-FB7F-4BE6-90CB-808B521EE2DD}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{8C7B46DB-6676-45C1-81B9-D6F02E46CC8E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{8BF4EBD3-D306-412A-8BC4-B7AC6310BF29}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{9304FCF6-8F60-42EB-A372-F2D97E5C01C5}] => (Allow) C:\ProgramData\IcyCarje\gigoamaw.exe
FirewallRules: [{4F50E268-F2EA-4C71-995B-1AC113C11460}] => (Allow) C:\ProgramData\IcyCarje\gigoamaw.exe
FirewallRules: [{600D790F-0E60-4BEA-8A55-0252DC8ED0AE}] => (Allow) C:\ProgramData\IcyCarje\gigoamaw.exe
FirewallRules: [{7F82F345-DB55-4FAE-BC26-D27966F4AF05}] => (Allow) C:\ProgramData\IcyCarje\gigoamaw.exe
FirewallRules: [TCP Query User{5DBA6A2B-65CF-4038-89E3-FF005D6DE2BD}C:\program files\miniget\miniget.exe] => (Block) C:\program files\miniget\miniget.exe
FirewallRules: [UDP Query User{0561136F-5522-495D-AE8C-574D95B96B80}C:\program files\miniget\miniget.exe] => (Block) C:\program files\miniget\miniget.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: ShopperPro UpdateD
Description: ShopperPro UpdateD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SPBIUpdd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/26/2015 06:21:20 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Data.Entity, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x8007000e
Error: (08/26/2015 05:43:34 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (4852) WindowsMail0: Die Sicherung wurde abgebrochen, weil sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen wurde.
Error: (08/26/2015 05:43:31 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvNetworkStreamService restarted too many times in a short period. Aborting. [0]).
Error: (08/26/2015 12:57:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 44.0.2403.157, Zeitstempel: 0x55d29eef
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x4000000f
ID des fehlerhaften Prozesses: 0x2120
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Error: (08/26/2015 12:57:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 44.0.2403.157, Zeitstempel: 0x55d29eef
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0xc000000f
ID des fehlerhaften Prozesses: 0x2120
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Error: (08/26/2015 12:52:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: BrowserHelper.exe, Version: 1.7.0.0, Zeitstempel: 0x55daea75
Name des fehlerhaften Moduls: BrowserHelper.exe, Version: 1.7.0.0, Zeitstempel: 0x55daea75
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00026115
ID des fehlerhaften Prozesses: 0x27a4
Startzeit der fehlerhaften Anwendung: 0xBrowserHelper.exe0
Pfad der fehlerhaften Anwendung: BrowserHelper.exe1
Pfad des fehlerhaften Moduls: BrowserHelper.exe2
Berichtskennung: BrowserHelper.exe3
Error: (08/26/2015 12:49:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ioproduct.exe, Version: 1.2.0.0, Zeitstempel: 0x55dc98c8
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18933, Zeitstempel: 0x55a69d9f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00056289
ID des fehlerhaften Prozesses: 0x1cc
Startzeit der fehlerhaften Anwendung: 0xioproduct.exe0
Pfad der fehlerhaften Anwendung: ioproduct.exe1
Pfad des fehlerhaften Moduls: ioproduct.exe2
Berichtskennung: ioproduct.exe3
Error: (08/26/2015 12:15:35 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvNetworkStreamService restarted too many times in a short period. Aborting. [0]).
Error: (08/25/2015 11:09:12 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {098dbcc6-050a-4958-9d50-fd3a5edb440f}
Error: (08/25/2015 02:23:27 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvNetworkStreamService restarted too many times in a short period. Aborting. [0]).
Systemfehler:
=============
Error: (08/26/2015 05:45:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "globalUpdate Update Service (globalUpdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (08/26/2015 05:45:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst globalUpdate Update Service (globalUpdate) erreicht.
Error: (08/26/2015 05:44:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ExtTag" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (08/26/2015 05:44:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst ExtTag erreicht.
Error: (08/26/2015 05:43:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ShopperPro UpdateD" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (08/26/2015 05:43:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Word Surfer 1.10.0.19 Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (08/26/2015 05:43:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Word Surfer 1.10.0.19 Client Service erreicht.
Error: (08/26/2015 05:42:41 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.
Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126
Error: (08/26/2015 12:24:05 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.
Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126
Error: (08/26/2015 12:23:48 AM) (Source: volsnap) (EventID: 27) (User: )
Description: Die Schattenkopien von Volume "E:" wurden während der Ermittlung abgebrochen, weil eine kritische Steuerungsdatei nicht geöffnet werden konnte.
Microsoft Office:
=========================
Error: (08/26/2015 06:21:20 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Data.Entity, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x8007000e
System.Data.Entity, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
Error: (08/26/2015 05:43:34 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail4852WindowsMail0:
Error: (08/26/2015 05:43:31 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvNetworkStreamService restarted too many times in a short period. Aborting. [0]
Error: (08/26/2015 12:57:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe44.0.2403.15755d29eefunknown0.0.0.000000000c00000054000000f212001d0df896bc676fdC:\Program Files\Google\Chrome\Application\chrome.exeunknownafb856ac-4b7c-11e5-b5a3-001e8caae9f4
Error: (08/26/2015 12:57:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe44.0.2403.15755d29eefunknown0.0.0.000000000c0000005c000000f212001d0df896bc676fdC:\Program Files\Google\Chrome\Application\chrome.exeunknownac4bd7e5-4b7c-11e5-b5a3-001e8caae9f4
Error: (08/26/2015 12:52:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: BrowserHelper.exe1.7.0.055daea75BrowserHelper.exe1.7.0.055daea75c00000050002611527a401d0df884feceb3eC:\PROGRA~1\YTDOWN~1\BrowserHelper.exeC:\PROGRA~1\YTDOWN~1\BrowserHelper.exeeb935b28-4b7b-11e5-b5a3-001e8caae9f4
Error: (08/26/2015 12:49:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ioproduct.exe1.2.0.055dc98c8ntdll.dll6.1.7601.1893355a69d9fc0000005000562891cc01d0df87e71612b2C:\Users\Enno\AppData\Local\Temp\WIZZ\ioproduct.exeC:\Windows\SYSTEM32\ntdll.dll906affd7-4b7b-11e5-b5a3-001e8caae9f4
Error: (08/26/2015 12:15:35 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvNetworkStreamService restarted too many times in a short period. Aborting. [0]
Error: (08/25/2015 11:09:12 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {098dbcc6-050a-4958-9d50-fd3a5edb440f}
Error: (08/25/2015 02:23:27 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvNetworkStreamService restarted too many times in a short period. Aborting. [0]
CodeIntegrity:
===================================
Date: 2015-08-26 01:07:20.187
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-26 01:07:20.137
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-26 01:07:16.578
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-26 01:07:16.530
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-26 00:57:42.936
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-26 00:57:41.518
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-26 00:56:24.826
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-26 00:54:45.861
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-26 00:54:33.410
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-26 00:52:42.343
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
Prozentuale Nutzung des RAM: 44%
Installierter physikalischer RAM: 3327.11 MB
Verfügbarer physikalischer RAM: 1848.5 MB
Summe virtueller Speicher: 6652.53 MB
Verfügbarer virtueller Speicher: 3994.83 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:297.99 GB) (Free:253.48 GB) NTFS
Drive e: (TOSHIBA EXT) (Fixed) (Total:931.51 GB) (Free:70.12 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 9304C213)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B4806423)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Ende vom Addition.txt ============================
|
|
27.08.2015, 15:02
| #4 |
| /// the machine /// TB-Ausbilder | Falsche Seite besucht, nun Trojaner-Problem Trojan.Agent.MSIL etc Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
27.08.2015, 21:17
| #5 |
| | Falsche Seite besucht, nun Trojaner-Problem Trojan.Agent.MSIL etc Hallo Schrauber! Im Revo-uninstaller konnte ich leider den Globalupdate helper und DailyPcClean Support nicht finden. Desweiteren Spuckte er mir bei Rockettab folgende Fehlermeldung aus: Uninstall fehlgeschlagen vermutlich ungültiger deinstall Befehl. Combofix habe ich wie beschrieben drüberlaufen lassen dazu folgender Log: Code:
ATTFilter ComboFix 15-08-27.01 - Enno 27.08.2015 21:39:44.1.4 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.3327.1494 [GMT 2:00]
ausgeführt von:: c:\users\Enno\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
C:\prefs.js
c:\program files\AGEIA Technologies\1faacb5a-23c1-4a96-8251-45bdad4a2db8.dll
c:\program files\AGEIA Technologies\6c638346-4888-490b-b921-1e8d4d3f907f.dll
c:\program files\d79cd7cf-41ed-4e57-a8f2-a6d8595d9a6a\9a9acfd4-4a9e-4020-8620-ea2359c08c0f.dll
c:\program files\e6c775f4-fd06-4422-a78c-a41a05a8bbb8\cc528976-7d00-4ee9-afeb-ca3b10f1b053.dll
c:\program files\ShopperPro
c:\program files\ShopperPro\JSDriver\1.42.1.2367\jsdrv.exe
c:\programdata\BWinManProB
c:\programdata\BWinManProB\WinManPro.exe
c:\programdata\ShopperPro
c:\users\Enno\AppData\Local\Damfase.exe
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_globalUpdate
-------\Legacy_SPDRIVER_1.42.1.2367
-------\Service_downloacyi
-------\Service_SPDRIVER_1.42.1.2367
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-07-27 bis 2015-08-27 ))))))))))))))))))))))))))))))
.
.
2015-08-27 19:50 . 2015-08-27 19:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-08-27 19:13 . 2015-08-27 19:13 -------- d-----w- c:\program files\VS Revo Group
2015-08-26 17:03 . 2015-08-26 17:05 -------- d-----w- C:\FRST
2015-08-26 15:44 . 2015-08-26 15:44 -------- d-----w- c:\programdata\ExtTag
2015-08-25 22:55 . 2015-08-27 19:55 98520 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-08-25 22:55 . 2015-08-25 22:55 -------- d-----w- c:\program files\ Malwarebytes Anti-Malware
2015-08-25 22:55 . 2015-08-25 22:55 -------- d-----w- c:\programdata\Malwarebytes
2015-08-25 22:55 . 2015-06-18 06:41 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-08-25 22:55 . 2015-06-18 06:41 94936 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-08-25 22:55 . 2015-06-18 06:41 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-08-25 22:49 . 2015-08-25 22:50 -------- d-----w- c:\users\Enno\AppData\Local\BrowserHelper
2015-08-25 22:48 . 2015-08-27 19:52 -------- d-----w- c:\program files\YTDownloader
2015-08-25 22:48 . 2015-08-27 19:10 -------- d-----w- c:\users\Enno\AppData\Local\gmsd_de_005010071
2015-08-25 22:47 . 2015-08-26 17:31 -------- d-----w- c:\program files\Common Files\ShopperPro
2015-08-25 22:47 . 2015-08-27 19:46 -------- d-----w- c:\program files\d79cd7cf-41ed-4e57-a8f2-a6d8595d9a6a
2015-08-25 22:47 . 2015-08-27 19:46 -------- d-----w- c:\program files\e6c775f4-fd06-4422-a78c-a41a05a8bbb8
2015-08-25 22:47 . 2015-08-27 19:15 -------- d-----w- c:\program files\DailyPcClean Support
2015-08-25 22:47 . 2015-08-25 22:47 -------- d-----w- c:\program files\FastSearch
2015-08-25 22:46 . 2015-08-25 22:48 801 ----a-w- C:\task.vbs
2015-08-25 22:46 . 2015-08-25 22:46 -------- d-----w- c:\program files\SpaceSoundPro
2015-08-25 22:46 . 2015-08-25 22:46 -------- d-----w- c:\users\Enno\AppData\Local\Installer
2015-08-25 22:46 . 2015-08-25 22:46 -------- d-----w- c:\program files\SpaceSondPro
2015-08-25 22:46 . 2015-08-25 22:46 -------- d-----w- c:\users\Enno\AppData\Local\CrashRpt
2015-08-25 22:46 . 2015-08-25 22:46 -------- d-----w- c:\program files\WordSurfer_1.10.0.19
2015-08-25 22:08 . 2015-08-25 22:08 -------- d-----w- C:\searchplugins
2015-08-25 22:08 . 2015-08-25 22:08 -------- d-----w- c:\users\Enno\AppData\Local\Lavasoft
2015-08-25 22:07 . 2015-06-08 12:13 348488 ----a-w- c:\windows\system32\LavasoftTcpService.dll
2015-08-25 22:07 . 2015-08-25 22:07 -------- d-----w- c:\program files\Lavasoft
2015-08-25 22:07 . 2015-08-25 22:07 -------- d-----w- c:\users\Enno\AppData\Roaming\Lavasoft
2015-08-25 22:07 . 2015-08-25 22:07 -------- d-----w- c:\programdata\Lavasoft
2015-08-25 22:03 . 2015-08-25 22:09 -------- d-----w- c:\users\Enno\AppData\Roaming\MiniGet
2015-08-25 22:03 . 2015-08-25 22:09 -------- d-----w- c:\program files\MiniGet
2015-08-25 22:02 . 2015-08-25 22:02 -------- d-----w- c:\users\Enno\AppData\Roaming\Opera Software
2015-08-25 22:02 . 2015-08-25 22:02 -------- d-----w- c:\users\Enno\AppData\Local\Opera Software
2015-08-25 22:01 . 2015-08-25 22:07 -------- d-----w- c:\users\Enno\AppData\Local\C56FE3C0-1440547317-11DC-85B8-001E8CAAE9F4
2015-08-25 22:01 . 2015-08-25 22:01 -------- d-----w- c:\program files\globalUpdate
2015-08-25 22:01 . 2015-08-25 22:01 -------- d-----w- c:\users\Enno\AppData\Local\globalUpdate
2015-08-25 22:01 . 2015-08-25 23:01 -------- d-----w- c:\program files\NixSrv
2015-08-25 22:01 . 2015-08-27 19:09 -------- d-----w- c:\program files\Microsoft Silverlight
2015-08-25 22:01 . 2015-08-27 19:54 -------- d-----w- c:\programdata\update
2015-08-25 22:01 . 2015-08-25 22:47 -------- d-----w- c:\program files\MiniLite
2015-08-25 22:01 . 2015-08-25 22:02 -------- d-----w- c:\programdata\pWinManProp
2015-08-25 22:00 . 2015-08-26 16:13 -------- d-----w- c:\program files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4
2015-08-25 22:00 . 2015-08-25 22:12 -------- d-----w- c:\users\Enno\AppData\Roaming\oursurfing
2015-08-25 22:00 . 2015-08-26 16:05 -------- d-----w- c:\programdata\Service8119
2015-08-25 22:00 . 2015-08-25 22:00 -------- d-----w- c:\programdata\12db864551ae4c578eb17db1a9f5d3cf
2015-08-25 22:00 . 2015-08-25 22:13 -------- d-----w- c:\programdata\IcyCarje
2015-08-25 22:00 . 2015-08-25 22:06 -------- d-----w- c:\program files\Opera
2015-08-25 21:52 . 2015-08-25 21:55 -------- d-----w- c:\users\Enno\AppData\Local\Adobe
2015-08-25 21:45 . 2015-08-25 21:45 -------- d-----w- c:\program files\Common Files\Adobe Systems Shared
2015-08-25 21:44 . 2015-08-25 21:45 -------- d-----w- c:\program files\Common Files\Adobe
2015-08-25 21:40 . 2015-08-25 21:41 -------- d-----w- C:\PS_CS2_Gr_NonRet
2015-08-25 21:12 . 2015-08-25 21:12 -------- d-----w- c:\users\Enno\AppData\Roaming\NVIDIA
2015-08-25 21:08 . 2015-08-25 21:08 -------- d-----w- c:\users\Enno\AppData\Roaming\Sony Corporation
2015-08-25 21:04 . 2015-08-25 21:04 -------- d-----w- c:\program files\Sony
2015-08-25 21:01 . 2015-08-25 21:05 -------- d-----w- c:\programdata\Sony Corporation
2015-08-25 13:28 . 2015-07-31 09:37 9234960 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{92A83874-8E68-446B-99C0-BE30B42B8A7F}\mpengine.dll
2015-08-25 01:00 . 2015-08-11 00:33 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2015-08-24 15:27 . 2015-08-24 15:27 -------- d-----w- C:\$SysReset
2015-08-24 09:57 . 2015-08-24 09:57 650672 ----a-w- c:\program files\Common Files\System\SysMenu.dll
2015-08-17 15:17 . 2015-08-24 16:37 -------- d-----w- C:\Recovery
2015-08-13 01:01 . 2015-07-30 13:13 103120 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-01 22:02 . 2015-08-01 22:02 -------- d-----w- C:\Fraps
2015-08-01 20:14 . 2015-08-01 20:14 -------- d-----w- c:\users\Enno\Tracing
2015-08-01 20:13 . 2015-08-01 20:13 -------- d-----w- c:\users\Enno\AppData\Local\Skype
2015-08-01 20:12 . 2015-08-27 19:54 -------- d-----w- c:\users\Enno\AppData\Roaming\Skype
2015-08-01 20:12 . 2015-08-01 20:12 -------- d-----w- c:\program files\Common Files\Skype
2015-08-01 20:12 . 2015-08-01 20:18 -------- d-----r- c:\program files\Skype
2015-08-01 20:12 . 2015-08-01 20:12 -------- d-----w- c:\programdata\Skype
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-24 04:21 . 2015-07-05 14:22 1423304 ----a-w- c:\windows\system32\nvspcap.dll
2015-07-24 04:21 . 2015-07-05 14:22 1316000 ----a-w- c:\windows\system32\nvspbridge.dll
2015-07-21 01:14 . 2015-07-21 01:14 194048 ----a-w- c:\windows\system32\elshyph.dll
2015-07-21 01:14 . 2015-07-21 01:14 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2015-07-21 01:14 . 2015-07-21 01:14 645120 ----a-w- c:\windows\system32\jsIntl.dll
2015-07-21 01:14 . 2015-07-21 01:14 62464 ----a-w- c:\windows\system32\tdc.ocx
2015-07-21 01:14 . 2015-07-21 01:14 182272 ----a-w- c:\windows\system32\msls31.dll
2015-07-21 01:14 . 2015-07-21 01:14 86016 ----a-w- c:\windows\system32\iesysprep.dll
2015-07-21 01:14 . 2015-07-21 01:14 74240 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2015-07-21 01:14 . 2015-07-21 01:14 48640 ----a-w- c:\windows\system32\mshtmler.dll
2015-07-21 01:14 . 2015-07-21 01:14 36352 ----a-w- c:\windows\system32\imgutil.dll
2015-07-21 01:14 . 2015-07-21 01:14 24576 ----a-w- c:\windows\system32\licmgr10.dll
2015-07-21 01:14 . 2015-07-21 01:14 151552 ----a-w- c:\windows\system32\iexpress.exe
2015-07-21 01:14 . 2015-07-21 01:14 139264 ----a-w- c:\windows\system32\wextract.exe
2015-07-21 01:14 . 2015-07-21 01:14 13312 ----a-w- c:\windows\system32\mshta.exe
2015-07-21 01:14 . 2015-07-21 01:14 111616 ----a-w- c:\windows\system32\IEAdvpack.dll
2015-07-21 01:13 . 2015-07-21 01:13 231424 ----a-w- c:\windows\system32\mswsock.dll
2015-07-21 01:13 . 2015-07-21 01:13 49152 ----a-w- c:\windows\system32\taskhost.exe
2015-07-21 01:11 . 2015-07-21 01:11 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-07-21 01:11 . 2015-07-21 01:11 604160 ----a-w- c:\windows\system32\d3d10level9.dll
2015-07-21 01:11 . 2015-07-21 01:11 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-07-21 01:11 . 2015-07-21 01:11 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-07-21 01:11 . 2015-07-21 01:11 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-07-21 01:11 . 2015-07-21 01:11 364544 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2015-07-21 01:11 . 2015-07-21 01:11 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-07-21 01:11 . 2015-07-21 01:11 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-07-21 01:11 . 2015-07-21 01:11 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-07-21 01:11 . 2015-07-21 01:11 293376 ----a-w- c:\windows\system32\dxgi.dll
2015-07-21 01:11 . 2015-07-21 01:11 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-07-21 01:11 . 2015-07-21 01:11 249856 ----a-w- c:\windows\system32\d3d10_1core.dll
2015-07-21 01:11 . 2015-07-21 01:11 220160 ----a-w- c:\windows\system32\d3d10core.dll
2015-07-21 01:11 . 2015-07-21 01:11 207872 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2015-07-21 01:11 . 2015-07-21 01:11 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2015-07-21 01:11 . 2015-07-21 01:11 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2015-07-21 01:11 . 2015-07-21 01:11 1158144 ----a-w- c:\windows\system32\XpsPrint.dll
2015-07-21 01:11 . 2015-07-21 01:11 1080832 ----a-w- c:\windows\system32\d3d10.dll
2015-07-21 01:11 . 2015-07-21 01:11 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-07-21 01:10 . 2015-07-21 01:10 1505280 ----a-w- c:\windows\system32\d3d11.dll
2015-07-20 01:05 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2015-07-15 18:37 . 2015-08-12 12:31 2560 ----a-w- c:\windows\system32\drivers\de-DE\mountmgr.sys.mui
2015-07-11 09:37 . 2012-07-17 12:37 24288 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2015-07-04 17:48 . 2015-07-20 20:41 1414656 ----a-w- c:\windows\system32\ole32.dll
2015-06-23 11:27 . 2015-07-04 19:19 246952 ------w- c:\windows\system32\MpSigStub.exe
2015-06-17 17:39 . 2015-07-20 20:40 305664 ----a-w- c:\windows\system32\gdi32.dll
2015-06-15 22:28 . 2015-06-15 22:28 56448 ----a-w- c:\windows\system32\drivers\wsafd_1_10_0_19.sys
2015-06-15 21:47 . 2015-07-20 20:42 101824 ----a-w- c:\windows\system32\consent.exe
2015-06-15 21:43 . 2015-07-20 20:42 337408 ----a-w- c:\windows\system32\msihnd.dll
2015-06-15 21:43 . 2015-07-20 20:42 2364416 ----a-w- c:\windows\system32\msi.dll
2015-06-15 21:43 . 2015-07-20 20:42 1805824 ----a-w- c:\windows\system32\authui.dll
2015-06-15 21:43 . 2015-07-20 20:42 47104 ----a-w- c:\windows\system32\appinfo.dll
2015-06-15 21:42 . 2015-07-20 20:42 73216 ----a-w- c:\windows\system32\msiexec.exe
2015-06-15 21:37 . 2015-07-20 20:42 25088 ----a-w- c:\windows\system32\msimsg.dll
2015-06-11 17:57 . 2015-07-20 20:42 919552 ----a-w- c:\windows\system32\rdpcorets.dll
2015-06-11 17:15 . 2015-07-20 20:42 134656 ----a-w- c:\windows\system32\rdpudd.dll
2015-06-11 17:15 . 2015-07-20 20:42 15872 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2015-06-01 23:47 . 2015-07-20 20:35 210432 ----a-w- c:\windows\system32\cewmdm.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2015-07-28 53655680]
"Web Companion"="c:\program files\Lavasoft\Web Companion\Application\WebCompanion.exe" [2015-06-08 1381648]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-07-24 2634896]
"ShadowPlay"="c:\windows\system32\nvspcap.dll" [2015-07-24 1423304]
"PMBVolumeWatcher"="c:\program files\Sony\PlayMemories Home\PMBVolumeWatcher.exe" [2015-06-01 2670592]
"SpaceSoundPro"="c:\program files\SpaceSoundPro\SpaceSoundPro.exe" [2015-08-03 4203520]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2015-07-20 280576]
.
c:\users\Enno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TP-LINK-Konfigurationstool.lnk - c:\program files\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe -nogui [2015-7-4 846848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 BrsHelper;BrsHelper;c:\progra~1\YTDOWN~1\BROWSE~2.EXE [x]
R2 ExtTag;ExtTag;c:\programdata\ExtTag\ExtTag.exe [x]
R2 fimevebo;Field Data Storage;c:\program files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\hnsg962D.tmp [2015-08-25 137728]
R2 jimocoso;Cool Barcode;c:\program files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\jnsg7D2F.tmp [2015-08-25 227328]
R2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-06-24 20694160]
R2 sbmntr;sbmntr;c:\progra~1\YTDOWN~1\sbmntr.sys [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2015-06-25 327296]
R2 SPBIUpd;ShopperPro Update;c:\program files\Common Files\ShopperPro\spbiu.exe [x]
R2 toxovyne;Sender Satellite;c:\program files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\knsg62F5.tmpfs [2015-08-25 358400]
R2 wsasvc_1.10.0.19;Word Surfer 1.10.0.19 Client Service;c:\program files\WordSurfer_1.10.0.19\Service\wsasvc.exe [x]
R3 globalUpdatem;globalUpdate Update Service (globalUpdatem);c:\program files\globalUpdate\Update\globalupdate.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-07-16 102912]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2015-06-11 15872]
R3 SPBIUpdd;ShopperPro UpdateD;c:\program files\Common Files\ShopperPro\spbiw.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
S1 wsafd_1_10_0_19;wsafd_1_10_0_19;c:\windows\system32\drivers\wsafd_1_10_0_19.sys [2015-06-15 56448]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-05-01 1394816]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-05-01 1772672]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:\program files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [2015-07-16 244392]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-07-24 921232]
S2 IHProtect Service;IHProtect Service;c:\program files\MiniLite\ProtectService.exe [2015-08-24 132768]
S2 LavasoftTcpService;LavasoftTcpService;c:\program files\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2015-06-08 2751792]
S2 MBAMScheduler;MBAMScheduler;c:\program files\ Malwarebytes Anti-Malware \mbamscheduler.exe [2015-06-18 1871160]
S2 MBAMService;MBAMService;c:\program files\ Malwarebytes Anti-Malware \mbamservice.exe [2015-06-18 1133880]
S2 NixSrv;NixSrv Service;c:\program files\NixSrv\NixSrv.exe [2015-08-25 379392]
S2 NvNetworkService;NVIDIA Network Service;c:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-07-24 1871504]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2015-06-01 494592]
S2 SearchProtectionService;IE Search Set;c:\program files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [2015-06-08 19816]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-02-03 409800]
S3 AtcL001;NDIS-Miniporttreiber für L1-Gigabit-Ethernet-Controller von Atheros;c:\windows\system32\DRIVERS\l160x86.sys [2009-07-13 47104]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2015-06-18 23256]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2015-08-27 98520]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2015-06-18 51928]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-07-24 18576]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2015-05-19 41648]
S3 RTL8192cu;300Mbps Wireless USB Adapter;c:\windows\system32\DRIVERS\RTL8192cu.sys [2012-10-25 801896]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - NVSTREAMKMS
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
utcsvc REG_MULTI_SZ DiagTrack
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-08-25 19:27 993608 ----a-w- c:\program files\Google\Chrome\Application\44.0.2403.157\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2015-07-04 19:15]
.
2015-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2015-07-04 19:15]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.bing.com/?pc=COSP&ptag=D082515-AAF1615ED1F&form=CONMHP&conlogo=CT3334471
uInternet Settings,ProxyOverride = <-loopback>
LSP: c:\windows\system32\LavasoftTcpService.dll
Trusted Zone: localhost
Trusted Zone: webcompanion.com
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-ZoomWebLists - c:\users\Enno\AppData\Local\Temp\Zzoooomit_uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\fimevebo]
"ImagePath"="c:\program files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\hnsg962D.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\jimocoso]
"ImagePath"="c:\program files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\jnsg7D2F.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\toxovyne]
"ImagePath"="c:\program files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\knsg62F5.tmpfs"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3873983982-3366287411-1273497978-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3873983982-3366287411-1273497978-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\TeamViewer\TeamViewer_Service.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\taskhost.exe
c:\program files\ Malwarebytes Anti-Malware \mbam.exe
c:\windows\system32\conhost.exe
c:\windows\System32\rundll32.exe
c:\program files\TeamViewer\TeamViewer.exe
c:\program files\TeamViewer\tv_w32.exe
c:\windows\system32\GWX\GWX.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\DllHost.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-08-27 22:06:15 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2015-08-27 20:06
.
Vor Suchlauf: 11 Verzeichnis(se), 269.286.076.416 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 271.983.321.088 Bytes frei
.
- - End Of File - - 06549E8FDA82DEA6B9987A72D3FEE0E7
A36C5E4F47E84449FF07ED3517B43A31
|
|
28.08.2015, 15:46
| #6 |
| /// the machine /// TB-Ausbilder | Falsche Seite besucht, nun Trojaner-Problem Trojan.Agent.MSIL etc Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ --> Falsche Seite besucht, nun Trojaner-Problem Trojan.Agent.MSIL etc |
|
30.08.2015, 16:03
| #7 |
| | Falsche Seite besucht, nun Trojaner-Problem Trojan.Agent.MSIL etc Hallo Schrauber! Hier deine geforderten LOG's MBAM LOG: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 30.08.2015 Suchlaufzeit: 14:39 Protokolldatei: mbamlog2.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.08.29.05 Rootkit-Datenbank: v2015.08.16.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x86 Dateisystem: NTFS Benutzer: Enno Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 312760 Abgelaufene Zeit: 7 Min., 13 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 3 PUP.Optional.Bundle, C:\Program Files\MiniLite\ProtectService.exe, 352, Löschen bei Neustart, [0c8d7f8fe4a736002081197f38ca28d8] PUP.Optional.MultiPlug, C:\Program Files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\jnsg7D2F.tmp, 1176, Löschen bei Neustart, [aaefe727ed9ecb6b7fc1cfd1aa5aaa56] PUP.Optional.SpaceSoundPro, C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe, 1464, Löschen bei Neustart, [7722af5f3d4eb2848389f4bd9470718f] Module: 4 PUP.Optional.SpaceSoundPro, C:\Program Files\SpaceSoundPro\SpaceSoundPro.dll, Löschen bei Neustart, [7722af5f3d4eb2848389f4bd9470718f], PUP.Optional.SpaceSoundPro, C:\Program Files\SpaceSoundPro\SpaceSoundPro.dll, Löschen bei Neustart, [7722af5f3d4eb2848389f4bd9470718f], PUP.Optional.MiniLite, C:\Program Files\MiniLite\msvcp110.dll, Löschen bei Neustart, [8d0c947a97f4ea4c939ba26e05fe3bc5], PUP.Optional.MiniLite, C:\Program Files\MiniLite\msvcr110.dll, Löschen bei Neustart, [8d0c947a97f4ea4c939ba26e05fe3bc5], Registrierungsschlüssel: 112 PUP.Optional.Bundle, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IHProtect Service, In Quarantäne, [0c8d7f8fe4a736002081197f38ca28d8], PUP.Optional.WordSurfer, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\wsafd_1_10_0_19, In Quarantäne, [26739e70dbb082b48c97246ff90c857b], PUP.Optional.WordSurfer, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WordSurfer_1.10.0.19, In Quarantäne, [c0d90e0099f20a2ceb38365df213ad53], PUP.Optional.FastSearch, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\FastSearch, In Quarantäne, [5b3ede30395238fef3d6ba16778a639d], PUP.Optional.MultiPlug, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\jimocoso, In Quarantäne, [aaefe727ed9ecb6b7fc1cfd1aa5aaa56], PUP.Optional.SpaceSoundPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\zz.1700.ssp, In Quarantäne, [5742cf3f35565adcc3480ca57094639d], PUP.Optional.SpaceSoundPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SpaceSoundPro, In Quarantäne, [7722af5f3d4eb2848389f4bd9470718f], PUP.Optional.SpaceSoundPro, HKLM\SOFTWARE\CLASSES\CLSID\{5013A5D0-34A9-489F-BF9A-3A0E34D8902B}, In Quarantäne, [7722af5f3d4eb2848389f4bd9470718f], PUP.Optional.SpaceSoundPro, HKLM\SOFTWARE\CLASSES\CLSID\{B43F10EC-BD1C-48D5-A123-3DCA3321C187}, In Quarantäne, [7722af5f3d4eb2848389f4bd9470718f], PUP.Optional.GamesDesktop, HKLM\SOFTWARE\GAMESDESKTOP, In Quarantäne, [cecbef1f286337fff06e137d6c98d729], PUP.Optional.HighDefAction, HKLM\SOFTWARE\HighDefAction, In Quarantäne, [0495709ef596e94d31177b187b89d42c], PUP.Optional.IHProtect, HKLM\SOFTWARE\IHProtect, In Quarantäne, [257458b6dcaf87af69d26c290ef69769], PUP.Optional.iWebar, HKLM\SOFTWARE\iWebar-nv, In Quarantäne, [6c2dcb43107b2a0c40b8a9edeb19956b], PUP.Optional.iWebar, HKLM\SOFTWARE\iWebar-nv-ie, In Quarantäne, [11886ca2e0ab023476821e7842c26a96], PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\mystartsearchSoftware, In Quarantäne, [dcbde02e890248ee383c9c8ce81baa56], PUP.Optional.ObjectBrowser, HKLM\SOFTWARE\Object Browser-nv, In Quarantäne, [f7a2b955672439fd3b37534f40c49769], PUP.Optional.ObjectBrowser, HKLM\SOFTWARE\Object Browser-nv-ie, In Quarantäne, [574211fd4c3ff93d10626e34887c52ae], PUP.Optional.OurSurfing.ShrtCln, HKLM\SOFTWARE\oursurfingSoftware, In Quarantäne, [4a4f66a86229e74fd35237e96e957090], PUP.Optional.SpaceSoundPro, HKLM\SOFTWARE\SpaceSondPro, In Quarantäne, [6831cc42d3b87abc0906a809778d4fb1], PUP.Optional.SpaceSoundPro, HKLM\SOFTWARE\SpaceSoundPro, In Quarantäne, [0d8c58b69cef0a2cd838a9083fc550b0], PUP.Optional.WPM, HKLM\SOFTWARE\supWindowsMangerProtect, In Quarantäne, [930605096f1c6bcbbf465469788c758b], PUP.Optional.WordSurfer, HKLM\SOFTWARE\WordSurfer_1.10.0.19, In Quarantäne, [6d2c8b834843cd6944b2883415ef34cc], PUP.Optional.YorkNewCin, HKLM\SOFTWARE\YorkNewCin, In Quarantäne, [d3c60509b3d8ca6c3f18932a21e323dd], PUP.Optional.Zoom, HKLM\SOFTWARE\ZoomWebLists, In Quarantäne, [aced4bc31b707cbae0ffead3e81c6e92], PUP.Optional.CrossRider, HKLM\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, In Quarantäne, [5a3fdd311a711e183ed11672c0447d83], PUP.Optional.CinemaPlus, HKLM\SOFTWARE\ARENAHD, In Quarantäne, [f9a024ea4c3f3ef82c110c75976dcc34], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10, In Quarantäne, [297033dbbccfeb4b2921cec3e81c7c84], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickProcessLauncherMachine, In Quarantäne, [91088688d0bbb6805febbed3a2625ea2], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickProcessLauncherMachine.1.0, In Quarantäne, [eaafa6683b5085b151f97e1330d4cf31], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoCreateAsync, In Quarantäne, [960345c9e5a61e189ab1aee3d52f0bf5], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoCreateAsync.1.0, In Quarantäne, [5c3df21c7c0fb77fad9ef9980df7de22], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreClass, In Quarantäne, [386167a75a31fd394803bbd6fc0839c7], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreClass.1, In Quarantäne, [8910bc52533850e695b6afe236ce0df3], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreMachineClass, In Quarantäne, [574258b6d0bbd4624a012a679f6559a7], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreMachineClass.1, In Quarantäne, [d4c5ed216e1d2c0a7ecd672a55af15eb], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CredentialDialogMachine, In Quarantäne, [1f7a5ab4f695ee483714dab7659f7e82], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CredentialDialogMachine.1.0, In Quarantäne, [58416aa4eaa16fc775d6c5cce91b2dd3], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine, In Quarantäne, [5d3caf5f4942f73fee5dcdc49272ba46], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine.1.0, In Quarantäne, [49504bc3a8e335012c1fa8e9828223dd], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback, In Quarantäne, [e6b3e42adeadd85e9dae2c65788c5fa1], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0, In Quarantäne, [b5e4f41aafdc57dfbf8c93fe8c78e11f], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc, In Quarantäne, [3168e02e19722c0a202b207122e20df3], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc.1.0, In Quarantäne, [b5e40608bbd0db5bd675177a3dc755ab], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.ProcessLauncher, In Quarantäne, [1188e02ec0cb14221536cfc29c68966a], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.ProcessLauncher.1.0, In Quarantäne, [7a1fb45a0487c96d5bf0207102028b75], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3COMClassService, In Quarantäne, [e6b3010df6950d298bc031601be9ba46], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3COMClassService.1.0, In Quarantäne, [277217f7dcaf41f53b102a67c440c33d], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachine, In Quarantäne, [e3b6907e296265d1c98292ffff057888], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachine.1.0, In Quarantäne, [277240ceddaedd594a01721fca3a30d0], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback, In Quarantäne, [d1c8917d35564beb5fec504120e47987], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback.1.0, In Quarantäne, [5c3d34da91fa162094b79bf63dc7ea16], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebSvc, In Quarantäne, [3168c5499af15adc60ebccc559ab48b8], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebSvc.1.0, In Quarantäne, [c0d9bd51d8b385b18dbe1f727292817f], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\APPID\GLOBALUPDATE.EXE, In Quarantäne, [badf8c82a7e446f03d0c5c356c98629e], PUP.Optional.FastSearch, HKLM\SOFTWARE\FASTSEARCH, In Quarantäne, [0099c34bc4c7de58baa67a132fd51ee2], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\GLOBALUPDATE\UPDATE\Clients, In Quarantäne, [b0e9818db3d831059fae8110c63e669a], PUP.Optional.CrossRider, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\20891, In Quarantäne, [5d3c0fff2665e452f22699efdc2822de], PUP.Optional.CrossRider, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\21836, In Quarantäne, [3465a6688803ff372aeedcaccb39c33d], PUP.Optional.WombatUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\SERVICE8119.EXE, In Quarantäne, [f7a20a0433582313e4d89f1de321eb15], PUP.Optional.RocketTab.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\RocketTab, Löschen bei Neustart, [7b1e25e9583396a00e1d3d37e81c48b8], PUP.Optional.RocketTab.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\RocketTab Update Task, Löschen bei Neustart, [613861ad3a51f34356d577fd32d21be5], PUP.Optional.ShopperPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ShopperPro, Löschen bei Neustart, [6f2a040ab8d369cd132ebe61eb184eb2], PUP.Optional.ShopperPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ShopperProJSUpd, Löschen bei Neustart, [e2b7a56932590630e26037e8bf44768a], PUP.Optional.Goobzo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SMupdate1, Löschen bei Neustart, [3960b25c7912ed494c52543ddf250af6], PUP.Optional.ShopperPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SPBIW_UpdateTask_Time_343037313738353638382d2355786c325a5b5734412d34, Löschen bei Neustart, [e2b73ed0e8a3d561e6b706a8d232728e], PUP.Optional.ShopperPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SPDriver, Löschen bei Neustart, [dbbe7c92bccf1620fd460a155da6b749], PUP.Optional.WordSurfer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\WordSurfer Auto Updater 1.10.0.19 Core, Löschen bei Neustart, [7920b658bad1b08621d358640400ae52], PUP.Optional.WordSurfer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\WordSurfer Auto Updater 1.10.0.19 Pending Update, Löschen bei Neustart, [5e3b78961d6e05310be9a21a9b69ae52], PUP.Optional.VOPackage, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VOPackage, In Quarantäne, [5841ef1f43482d09099f2495ca3a3cc4], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, In Quarantäne, [cbce769878133006a7aac2cfc341817f], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, In Quarantäne, [2772a06eff8c1422b49ca4ed8a7a6997], PUP.Optional.Tuto4PC, HKLM\SOFTWARE\TUTORIALS, In Quarantäne, [2f6a62ac72191323303f34838f75f907], PUP.Optional.PCSpeedUp, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PCSUUCDRV, In Quarantäne, [dcbdfb13dfacf73f504e277d9c68fc04], PUP.Optional.Vitruvian, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WSASVC_1.10.0.19, In Quarantäne, [f1a856b82b6037fff988536663a1aa56], PUP.Optional.MultiPlug, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\FIMEVEBO, In Quarantäne, [8c0d99758209d56187e4f3add331a45c], PUP.Optional.MultiPlug, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TOXOVYNE, In Quarantäne, [b7e27b93f59642f4abc0a00039cb8779], PUP.Optional.WindowsMangerProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, In Quarantäne, [6039937bb4d7fa3c8ec4af0ddb297b85], PUP.Optional.ExtTag, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EXTTAG, In Quarantäne, [1f7a6ea06922b383637bc7c5778d0af6], PUP.Optional.ShopperPro, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPBIUPD, In Quarantäne, [287110fe2764b581cbd67e305ca8a65a], PUP.Optional.ShopperPro, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPBIUPDD, In Quarantäne, [3b5edd319dee46f07f222787d72d2ad6], PUP.Optional.iWebar, HKU\S-1-5-18\SOFTWARE\iWebar-nv, In Quarantäne, [06933dd1adde4de9d621f3a3e61ec23e], PUP.Optional.iWebar, HKU\S-1-5-18\SOFTWARE\iWebar-nv-ie, In Quarantäne, [0990d23c5932f343d5222d69c242f10f], PUP.Optional.ObjectBrowser, HKU\S-1-5-18\SOFTWARE\Object Browser-nv, In Quarantäne, [cecb11fda7e4e45285e9b8ea15efde22], PUP.Optional.ObjectBrowser, HKU\S-1-5-18\SOFTWARE\Object Browser-nv-ie, In Quarantäne, [1d7c4dc1d8b3ef47640a257dd232e31d], PUP.Optional.CrossRider, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, In Quarantäne, [a7f2a46adab150e6e8e2c9bdcf3512ee], PUP.Optional.CinemaPlus, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\Cinema_Plus-6.1cV25.08-nv-ie, In Quarantäne, [089109057219b185e446156c758ff808], PUP.Optional.HighDefAction, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\HighDefAction, In Quarantäne, [ebaeb35bb4d7ad894dfa7320b153ab55], PUP.Optional.iWebar, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\iWebar-nv, In Quarantäne, [58413ad43a513cfad423ebab46be2cd4], PUP.Optional.iWebar, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\iWebar-nv-ie, In Quarantäne, [b7e2b955107bdd592ec92d6906feb64a], PUP.Optional.ObjectBrowser, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\Object Browser-nv, In Quarantäne, [b4e545c98506c57135395d453ec6fe02], PUP.Optional.ObjectBrowser, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\Object Browser-nv-ie, In Quarantäne, [158440ce1873fb3b90dea10161a38d73], PUP.Optional.RocketTab.PrxySvrRST, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\RocketTabInstalled, In Quarantäne, [5544b05e7813092d11c31913cf346c94], PUP.Optional.Tuto4PC, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\TutoTag, In Quarantäne, [1f7a97777f0c69cd6efddbdc8480ab55], PUP.Optional.YorkNewCin, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\YorkNewCin, In Quarantäne, [3e5b4ac4b1da3bfb094dcaf3729212ee], PUP.Optional.CinemaPlus, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\ARENAHD, In Quarantäne, [5f3a9e70d8b3ea4c8c9294ed689cc63a], PUP.Optional.GlobalUpdate, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY, In Quarantäne, [f1a897771d6ec96dfc5049480400b14f], PUP.Optional.CrossRider, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\20891, In Quarantäne, [d0c914faee9d9e98528db1d533d1718f], PUP.Optional.CrossRider, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\21836, In Quarantäne, [5d3ce9257d0e7eb80cd3fb8b26de7090], PUP.Optional.CrossRider, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\ObjectB, In Quarantäne, [36634bc37d0ee74f1d70d9ae94707e82], PUP.Optional.CrossRider, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Webby, In Quarantäne, [8c0d5cb2c5c6231322c8f39439cb7888], PUP.Optional.Conduit, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, In Quarantäne, [4950917d8cff053111496a19689c26da], PUP.Optional.OutBrowse, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\OB, In Quarantäne, [4257dc32c8c3db5b346fd5cec1439d63], PUP.Optional.RocketTab.PrxySvrRST, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\SEARCH EXTENSIONS, In Quarantäne, [b1e85faf5a31c274b7eeb1b5986ca55b], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, In Quarantäne, [2e6b0d01117a38fe05bebf3558aaf010], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, In Quarantäne, [2e6b0d01117a38fe05bebf3558aaf010], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, In Quarantäne, [2e6b0d01117a38fe05bebf3558aaf010], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, In Quarantäne, [2e6b0d01117a38fe05bebf3558aaf010], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\globalUpdate.Update3WebControl.4, In Quarantäne, [2e6b0d01117a38fe05bebf3558aaf010], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, In Quarantäne, [2e6b0d01117a38fe05bebf3558aaf010], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, In Quarantäne, [2e6b0d01117a38fe05bebf3558aaf010], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, In Quarantäne, [2e6b0d01117a38fe05bebf3558aaf010], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, In Quarantäne, [2e6b0d01117a38fe05bebf3558aaf010], Registrierungswerte: 33 PUP.Optional.SpaceSoundPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SpaceSoundPro, "C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe", In Quarantäne, [7722af5f3d4eb2848389f4bd9470718f] PUP.Optional.CinemaPlus, HKLM\SOFTWARE\ARENAHD|value, 1, In Quarantäne, [f9a024ea4c3f3ef82c110c75976dcc34] PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\CLASSES\APPID\GLOBALUPDATE.EXE|AppID, {3278F5CF-48F3-4253-A6BB-004CE84AF492}, In Quarantäne, [badf8c82a7e446f03d0c5c356c98629e] PUP.Optional.FastSearch, HKLM\SOFTWARE\FASTSEARCH|affid, 4435, In Quarantäne, [0099c34bc4c7de58baa67a132fd51ee2] PUP.Optional.PCTuner, HKLM\SOFTWARE\HIGHDEFACTION|value, 1, In Quarantäne, [5742bc52157639fde1ccd1d3b84c0df3] PUP.Optional.WombatUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\Service8119.exe|{a53dd3e5-0283-4ab3-b77c-7bd1bc7550c6}.sdb, 130850136640306087, In Quarantäne, [f7a20a0433582313e4d89f1de321eb15] PUP.Optional.Tuto4PC, HKLM\SOFTWARE\TUTORIALS|HostGUID, A406FD55-42B3-4BBD-B0DE-011A8D448E69, In Quarantäne, [2f6a62ac72191323303f34838f75f907] PUP.Optional.Vitruvian, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\wsasvc_1.10.0.19|ImagePath, "C:\Program Files\WordSurfer_1.10.0.19\Service\wsasvc.exe", In Quarantäne, [f1a856b82b6037fff988536663a1aa56] PUP.Optional.MultiPlug, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\fimevebo|ImagePath, C:\Program Files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\hnsg962D.tmp, In Quarantäne, [8c0d99758209d56187e4f3add331a45c] PUP.Optional.MultiPlug, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\jimocoso|ImagePath, C:\Program Files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\jnsg7D2F.tmp, In Quarantäne, [6e2b7c92721967cf84e78f1149bb19e7] PUP.Optional.MultiPlug, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\toxovyne|ImagePath, C:\Program Files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\knsg62F5.tmpfs, In Quarantäne, [b7e27b93f59642f4abc0a00039cb8779] PUP.Optional.ExtTag, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EXTTAG|ImagePath, C:\ProgramData\ExtTag\ExtTag.exe, In Quarantäne, [1f7a6ea06922b383637bc7c5778d0af6] PUP.Optional.ShopperPro, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPBIUpd|ImagePath, C:\Program Files\Common Files\ShopperPro\spbiu.exe /service, In Quarantäne, [287110fe2764b581cbd67e305ca8a65a] PUP.Optional.ShopperPro, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPBIUpdd|ImagePath, \??\C:\Program Files\Common Files\ShopperPro\spbiw.sys, In Quarantäne, [3b5edd319dee46f07f222787d72d2ad6] PUP.Optional.CinemaPlus, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\ARENAHD|value, 1, In Quarantäne, [5f3a9e70d8b3ea4c8c9294ed689cc63a] PUP.Optional.GlobalUpdate, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY|source, auto, In Quarantäne, [f1a897771d6ec96dfc5049480400b14f] PUP.Optional.PCTuner, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\HIGHDEFACTION|value, 1, In Quarantäne, [3663d539464539fd0e9b0e96de269e62] PUP.Optional.Conduit, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, hxxp://www.bing.com/search?pc=COSP&ptag=D082515-AAF1615ED1F&form=CONBDF&conlogo=CT3334471&q={searchTerms}, In Quarantäne, [4950917d8cff053111496a19689c26da] PUP.Optional.OutBrowse, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\OB|monitype20, 8/26/15 0:1:1, In Quarantäne, [4257dc32c8c3db5b346fd5cec1439d63] PUP.Optional.OutBrowse, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\OB|monitype24, 8/26/15 0:1:1, In Quarantäne, [d8c1b05ee4a775c10a99564dbf45fe02] PUP.Optional.OutBrowse, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\OB|monitype27, 8/26/15 0:1:1, In Quarantäne, [dabf32dc701b82b49013960de61e8779] PUP.Optional.OutBrowse, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\OB|monitype41, 8/26/15 0:1:1, In Quarantäne, [8a0ffa14e7a4e1552c77adf6996b25db] PUP.Optional.OutBrowse, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\OB|monitype42, 8/26/15 0:1:1, In Quarantäne, [4b4e14fadeadfd39841f2281a163d22e] PUP.Optional.OutBrowse, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\OB|monitype26, 8/26/15 0:1:5, In Quarantäne, [663327e747441521f4afc3e0fc089c64] PUP.Optional.OutBrowse, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\OB|monitype43, 8/26/15 0:1:5, In Quarantäne, [108951bdb5d67eb88e15aef5eb19fe02] PUP.Optional.OutBrowse, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\OB|monitype15, 8/26/15 0:1:13, In Quarantäne, [831617f7a4e704328f1420838e7638c8] PUP.Optional.OutBrowse, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\OB|monitype4, 8/26/15 0:1:35, In Quarantäne, [0a8faf5f404b0630198a792ac143b34d] PUP.Optional.OutBrowse, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\OB|monitype34, 8/26/15 0:1:35, In Quarantäne, [6138db3383089e983a693172c53fbe42] PUP.Optional.OutBrowse, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\OB|monitype35, 8/26/15 0:1:35, In Quarantäne, [3c5dfe101c6f0e281291772c08fccc34] PUP.Optional.OutBrowse, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\OB|monitype14, 8/26/15 0:2:2, In Quarantäne, [cccd48c65e2d4de9efb4079c61a3b050] PUP.Optional.OutBrowse, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\OB|monitype25, 8/26/15 0:3:2, In Quarantäne, [0594aa6473189c9a60435f44f0147e82] PUP.Optional.OutBrowse, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\OB|monitype6, 8/26/15 0:3:7, In Quarantäne, [43569c728308df579112f6ad20e44db3] PUP.Optional.RocketTab.PrxySvrRST, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\SEARCH EXTENSIONS|RocketTab, 1, In Quarantäne, [b1e85faf5a31c274b7eeb1b5986ca55b] Registrierungsdaten: 2 PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files\Google\Chrome\Application\chrome.exe" hxxp://www.mystartsearch.com/?type=sc&ts=1440542810&z=8730ae1ddcc7422eba20b2fg5zcz1e8w8zbofqct0z&from=cmi&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1025257452574, Gut: (Chrome.exe), Schlecht: ("C:\Program Files\Google\Chrome\Application\chrome.exe" hxxp://www.mystartsearch.com/?type=sc&ts=1440542810&z=8730ae1ddcc7422eba20b2fg5zcz1e8w8zbofqct0z&from=cmi&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1025257452574),Ersetzt,[edac23ebb3d852e4c736e36e7a8b53ad] PUP.Optional.Conduit, HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.bing.com/?pc=COSP&ptag=D082515-AAF1615ED1F&form=CONMHP&conlogo=CT3334471, Gut: (www.google.com), Schlecht: (hxxp://www.bing.com/?pc=COSP&ptag=D082515-AAF1615ED1F&form=CONMHP&conlogo=CT3334471),Ersetzt,[653416f8dbb0a39368d5bca1a46135cb] Ordner: 35 PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch, In Quarantäne, [d2c7bf4fe0ab93a34cf831408e7610f0], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data, In Quarantäne, [5d3c8c82abe0de58b9d05120b15310f0], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb, In Quarantäne, [5d3c8c82abe0de58b9d05120b15310f0], PUP.Optional.BrowserHelper, C:\Users\Enno\AppData\Local\BrowserHelper, In Quarantäne, [ecad45c9404bca6c629dc2bc1aea04fc], PUP.Optional.ConvertAd, C:\Users\Enno\AppData\Local\C56FE3C0-1440547317-11DC-85B8-001E8CAAE9F4, In Quarantäne, [d5c4f01eeaa1270f83356a19e3213ac6], PUP.Optional.DailyPCClean, C:\Users\Enno\Documents\DailyPCClean, In Quarantäne, [d2c7b6587a11cd6994cefb8dd62e49b7], PUP.Optional.MultiPlug, C:\Program Files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4, Löschen bei Neustart, [aaefe727ed9ecb6b7fc1cfd1aa5aaa56], PUP.Optional.SpaceSoundPro, C:\Program Files\SpaceSondPro, In Quarantäne, [5742cf3f35565adcc3480ca57094639d], PUP.Optional.SpaceSoundPro, C:\Program Files\SpaceSoundPro, Löschen bei Neustart, [7722af5f3d4eb2848389f4bd9470718f], PUP.Optional.SpaceSoundPro, C:\Program Files\SpaceSoundPro\config, In Quarantäne, [7722af5f3d4eb2848389f4bd9470718f], PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro, In Quarantäne, [3f5a5fafe2a9b97d66db57996d95847c], PUP.Optional.OurSurfing.ShrtCln, C:\Users\Enno\AppData\Roaming\oursurfing, In Quarantäne, [2475cb43addec86e46f703f0936f669a], PUP.Optional.GlobalUpdate, C:\Program Files\globalUpdate\Update, In Quarantäne, [2e6b0d01117a38fe05bebf3558aaf010], PUP.Optional.GlobalUpdate, C:\Program Files\globalUpdate\Update\1.3.25.0, In Quarantäne, [2e6b0d01117a38fe05bebf3558aaf010], PUP.Optional.GlobalUpdate, C:\Program Files\globalUpdate\Update\Download, In Quarantäne, [2e6b0d01117a38fe05bebf3558aaf010], PUP.Optional.GlobalUpdate, C:\Program Files\globalUpdate\Update\Install, In Quarantäne, [2e6b0d01117a38fe05bebf3558aaf010], PUP.Optional.GlobalUpdate, C:\Program Files\globalUpdate\Update\Offline, In Quarantäne, [2e6b0d01117a38fe05bebf3558aaf010], PUP.Optional.GlobalUpdate, C:\Program Files\globalUpdate\Update\Offline\{00956091-F76A-41FB-AD01-6537977921EA}, In Quarantäne, [2e6b0d01117a38fe05bebf3558aaf010], PUP.Optional.ExtTag, C:\ProgramData\ExtTag, In Quarantäne, [46535bb3e0ab5bdbb8bec343e12213ed], PUP.Optional.GamesDesktop, C:\Users\Enno\AppData\Local\gmsd_de_005010071, In Quarantäne, [e8b149c5e0ab34025afd907844bf29d7], PUP.Optional.GamesDesktop, C:\Users\Enno\AppData\Local\gmsd_de_005010071\gmsd_de_005010071, In Quarantäne, [e8b149c5e0ab34025afd907844bf29d7], PUP.Optional.GamesDesktop, C:\Users\Enno\AppData\Local\gmsd_de_005010071\gmsd_de_005010071\1.20, In Quarantäne, [e8b149c5e0ab34025afd907844bf29d7], PUP.Optional.GamesDesktop, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP, In Quarantäne, [8910f618bad1e650a3b60efabc478080], PUP.Optional.MiniLite, C:\Program Files\MiniLite, Löschen bei Neustart, [8d0c947a97f4ea4c939ba26e05fe3bc5], PUP.Optional.PennyBee, C:\ProgramData\IcyCarje, In Quarantäne, [910816f8018a4fe7daab6ba7e81b8977], PUP.Optional.ProtectWindowsManager, C:\ProgramData\pWinManProp, In Quarantäne, [05944ec01279999d89819d773fc4aa56], PUP.Optional.ProtectWindowsManager, C:\ProgramData\pWinManProp\update, In Quarantäne, [05944ec01279999d89819d773fc4aa56], PUP.Optional.ShopperPro, C:\Users\Public\Documents\ShopperPro, In Quarantäne, [1584ad611d6ea591d9c82fe802010df3], PUP.Optional.ShopperPro, C:\Users\Public\Documents\ShopperPro\JsDriver, In Quarantäne, [1584ad611d6ea591d9c82fe802010df3], PUP.Optional.SpaceSoundPro, C:\Program Files\SpaceSondPro_v53.1700, In Quarantäne, [fb9eb55999f2af87b2a17c9d8f7422de], PUP.Optional.SpaceSoundPro, C:\Users\Enno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpaceSoundPro 1.0, In Quarantäne, [f8a1d33b8a010a2cf26261b88f74956b], PUP.Optional.Vitruvian, C:\Program Files\WordSurfer_1.10.0.19, In Quarantäne, [2178040a8ffcab8b6b070e8b6f961ae6], PUP.Optional.Vitruvian, C:\Program Files\WordSurfer_1.10.0.19\3rd Party Licenses, In Quarantäne, [2178040a8ffcab8b6b070e8b6f961ae6], PUP.Optional.Vitruvian, C:\Program Files\WordSurfer_1.10.0.19\Service, In Quarantäne, [2178040a8ffcab8b6b070e8b6f961ae6], PUP.Optional.Vitruvian, C:\Program Files\WordSurfer_1.10.0.19\Update, In Quarantäne, [2178040a8ffcab8b6b070e8b6f961ae6], Dateien: 139 PUP.Optional.Bundle, C:\Program Files\MiniLite\ProtectService.exe, Löschen bei Neustart, [0c8d7f8fe4a736002081197f38ca28d8], PUP.Optional.WordSurfer, C:\Windows\System32\drivers\wsafd_1_10_0_19.sys, In Quarantäne, [26739e70dbb082b48c97246ff90c857b], Adware.PennyBee, C:\ProgramData\IcyCarje\gigo3maw.dll, In Quarantäne, [48515bb3fa919c9aa5a3c2fbf110aa56], Trojan.Dropper, C:\ProgramData\pWinManProp\WinManPro.exe, In Quarantäne, [bcdd808ef893e94d8edf5875ed14629e], PUP.Optional.Tuto4PC, C:\Program Files\DailyPcClean Support\DailyPCClean.exe, In Quarantäne, [d2c78787acdf76c05592b3c118edd62a], PUP.Optional.WordSurfer, C:\Program Files\WordSurfer_1.10.0.19\Uninstall.exe, In Quarantäne, [c0d90e0099f20a2ceb38365df213ad53], PUP.Optional.MiniLite, C:\Program Files\MiniLite\Uninstall.exe, In Quarantäne, [9900b45aa0ebcf678a95f8db9a6758a8], PUP.Optional.FastSearch, C:\Program Files\FastSearch\uninstall.exe, In Quarantäne, [5b3ede30395238fef3d6ba16778a639d], PUP.Optional.Amonetize, C:\Windows\Temp\tmp7C02.tmp, In Quarantäne, [cdccd33be3a8cf67e3ebab189071e41c], Trojan.Agent, C:\Users\Enno\AppData\Local\C56FE3C0-1440547317-11DC-85B8-001E8CAAE9F4\snsr36EF.tmp, In Quarantäne, [465341cdb4d782b4c068f9c4738e60a0], PUP.Optional.RocketTab.PrxySvrRST, C:\Windows\System32\Tasks\RocketTab Update Task, In Quarantäne, [e6b3fb135f2c2f07c115919b59aaf50b], PUP.Optional.ShopperPro, C:\Windows\System32\Tasks\ShopperPro, In Quarantäne, [c3d66f9f018adb5bd31ec669c93a7a86], PUP.Optional.ShopperPro, C:\Windows\System32\Tasks\ShopperProJSUpd, In Quarantäne, [cacfd935eba077bf757d48e712f19f61], PUP.Optional.ShopperPro, C:\Windows\System32\Tasks\SPDriver, In Quarantäne, [e1b8e826eaa178bed320111eb84b5fa1], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\acengine.tlb, In Quarantäne, [d2c7bf4fe0ab93a34cf831408e7610f0], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\ACDLL.dll, In Quarantäne, [d2c7bf4fe0ab93a34cf831408e7610f0], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\ACDLL64.dll, In Quarantäne, [d2c7bf4fe0ab93a34cf831408e7610f0], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\ACDLL64.exe, In Quarantäne, [d2c7bf4fe0ab93a34cf831408e7610f0], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\acengine.dll, In Quarantäne, [d2c7bf4fe0ab93a34cf831408e7610f0], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\acengine.exe, In Quarantäne, [d2c7bf4fe0ab93a34cf831408e7610f0], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\acengine64.dll, In Quarantäne, [d2c7bf4fe0ab93a34cf831408e7610f0], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\acenginecert.dll, In Quarantäne, [d2c7bf4fe0ab93a34cf831408e7610f0], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\ACInstaller.exe, In Quarantäne, [d2c7bf4fe0ab93a34cf831408e7610f0], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\acwfp.sys, In Quarantäne, [d2c7bf4fe0ab93a34cf831408e7610f0], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\acwfp64.sys, In Quarantäne, [d2c7bf4fe0ab93a34cf831408e7610f0], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\cfr3011.exe, In Quarantäne, [d2c7bf4fe0ab93a34cf831408e7610f0], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\freebl3.dll, In Quarantäne, [d2c7bf4fe0ab93a34cf831408e7610f0], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\gre.exe, In Quarantäne, [d2c7bf4fe0ab93a34cf831408e7610f0], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\lengine.exe, In Quarantäne, [d2c7bf4fe0ab93a34cf831408e7610f0], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\lengine.ini, In Quarantäne, [d2c7bf4fe0ab93a34cf831408e7610f0], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\lengine64.exe, In Quarantäne, [d2c7bf4fe0ab93a34cf831408e7610f0], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\libnspr4.dll, In Quarantäne, [d2c7bf4fe0ab93a34cf831408e7610f0], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\libplc4.dll, In Quarantäne, [d2c7bf4fe0ab93a34cf831408e7610f0], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\libplds4.dll, In Quarantäne, [d2c7bf4fe0ab93a34cf831408e7610f0], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\nss3.dll, In Quarantäne, [d2c7bf4fe0ab93a34cf831408e7610f0], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\nssckbi.dll, In Quarantäne, [d2c7bf4fe0ab93a34cf831408e7610f0], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\nssdbm3.dll, In Quarantäne, [d2c7bf4fe0ab93a34cf831408e7610f0], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\nssutil3.dll, In Quarantäne, [d2c7bf4fe0ab93a34cf831408e7610f0], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\slite.exe, In Quarantäne, [d2c7bf4fe0ab93a34cf831408e7610f0], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\smime3.dll, In Quarantäne, [d2c7bf4fe0ab93a34cf831408e7610f0], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\softokn3.dll, In Quarantäne, [d2c7bf4fe0ab93a34cf831408e7610f0], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\sqlite3.dll, In Quarantäne, [d2c7bf4fe0ab93a34cf831408e7610f0], PUP.Optional.Winsock.HijackBoot, C:\Program Files\FastSearch\ssl3.dll, In Quarantäne, [d2c7bf4fe0ab93a34cf831408e7610f0], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\wlu.txt, In Quarantäne, [5d3c8c82abe0de58b9d05120b15310f0], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\1.txt, In Quarantäne, [5d3c8c82abe0de58b9d05120b15310f0], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\a.txt, In Quarantäne, [5d3c8c82abe0de58b9d05120b15310f0], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\b.txt, In Quarantäne, [5d3c8c82abe0de58b9d05120b15310f0], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\c.txt, In Quarantäne, [5d3c8c82abe0de58b9d05120b15310f0], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\d.txt, In Quarantäne, [5d3c8c82abe0de58b9d05120b15310f0], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\e.txt, In Quarantäne, [5d3c8c82abe0de58b9d05120b15310f0], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\f.txt, In Quarantäne, [5d3c8c82abe0de58b9d05120b15310f0], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\g.txt, In Quarantäne, [5d3c8c82abe0de58b9d05120b15310f0], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\h.txt, In Quarantäne, [5d3c8c82abe0de58b9d05120b15310f0], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\i.txt, In Quarantäne, [5d3c8c82abe0de58b9d05120b15310f0], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\j.txt, In Quarantäne, [5d3c8c82abe0de58b9d05120b15310f0], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\k.txt, In Quarantäne, [5d3c8c82abe0de58b9d05120b15310f0], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\l.txt, In Quarantäne, [5d3c8c82abe0de58b9d05120b15310f0], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\m.txt, In Quarantäne, [5d3c8c82abe0de58b9d05120b15310f0], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\n.txt, In Quarantäne, [5d3c8c82abe0de58b9d05120b15310f0], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\o.txt, In Quarantäne, [5d3c8c82abe0de58b9d05120b15310f0], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\p.txt, In Quarantäne, [5d3c8c82abe0de58b9d05120b15310f0], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\q.txt, In Quarantäne, [5d3c8c82abe0de58b9d05120b15310f0], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\r.txt, In Quarantäne, [5d3c8c82abe0de58b9d05120b15310f0], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\s.txt, In Quarantäne, [5d3c8c82abe0de58b9d05120b15310f0], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\t.txt, In Quarantäne, [5d3c8c82abe0de58b9d05120b15310f0], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\u.txt, In Quarantäne, [5d3c8c82abe0de58b9d05120b15310f0], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\v.txt, In Quarantäne, [5d3c8c82abe0de58b9d05120b15310f0], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\w.txt, In Quarantäne, [5d3c8c82abe0de58b9d05120b15310f0], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\x.txt, In Quarantäne, [5d3c8c82abe0de58b9d05120b15310f0], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\y.txt, In Quarantäne, [5d3c8c82abe0de58b9d05120b15310f0], PUP.Optional.SmartWeb, C:\Users\Enno\AppData\LocalLow\SmartWeb\Data\z.txt, In Quarantäne, [5d3c8c82abe0de58b9d05120b15310f0], PUP.Optional.BrowserHelper, C:\Users\Enno\AppData\Local\BrowserHelper\BrowserHelperBk.txt, In Quarantäne, [ecad45c9404bca6c629dc2bc1aea04fc], PUP.Optional.BrowserHelper, C:\Users\Enno\AppData\Local\BrowserHelper\BrowserHelper.txt, In Quarantäne, [ecad45c9404bca6c629dc2bc1aea04fc], PUP.Optional.ConvertAd, C:\Users\Enno\AppData\Local\C56FE3C0-1440547317-11DC-85B8-001E8CAAE9F4\Uninstall.exe, In Quarantäne, [d5c4f01eeaa1270f83356a19e3213ac6], PUP.Optional.ConvertAd, C:\Users\Enno\AppData\Local\C56FE3C0-1440547317-11DC-85B8-001E8CAAE9F4\EEA7.tmp, In Quarantäne, [d5c4f01eeaa1270f83356a19e3213ac6], PUP.Optional.ConvertAd, C:\Users\Enno\AppData\Local\C56FE3C0-1440547317-11DC-85B8-001E8CAAE9F4\onsb377D.tmp, In Quarantäne, [d5c4f01eeaa1270f83356a19e3213ac6], PUP.Optional.ConvertAd, C:\Users\Enno\AppData\Local\C56FE3C0-1440547317-11DC-85B8-001E8CAAE9F4\pnsb377E.exe, In Quarantäne, [d5c4f01eeaa1270f83356a19e3213ac6], PUP.Optional.ConvertAd, C:\Users\Enno\AppData\Local\C56FE3C0-1440547317-11DC-85B8-001E8CAAE9F4\rnsb377C.exe, In Quarantäne, [d5c4f01eeaa1270f83356a19e3213ac6], PUP.Optional.ConvertAd, C:\Users\Enno\AppData\Local\C56FE3C0-1440547317-11DC-85B8-001E8CAAE9F4\snsr36EF.tmp, In Quarantäne, [d5c4f01eeaa1270f83356a19e3213ac6], PUP.Optional.DailyPCClean, C:\Users\Enno\Documents\DailyPCClean\CookieExclusions.txt, In Quarantäne, [d2c7b6587a11cd6994cefb8dd62e49b7], PUP.Optional.Goobzo, C:\Windows\System32\Tasks\SMupdate1, In Quarantäne, [e9b0967898f369cdaeea474a9e66f010], PUP.Optional.MultiPlug, C:\Program Files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\jnsg7D2F.tmp, Löschen bei Neustart, [aaefe727ed9ecb6b7fc1cfd1aa5aaa56], PUP.Optional.MultiPlug, C:\Program Files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\rnsb7742.exe, In Quarantäne, [aaefe727ed9ecb6b7fc1cfd1aa5aaa56], PUP.Optional.MultiPlug, C:\Program Files\C56FE3C0-1440540058-11DC-85B8-001E8CAAE9F4\Uninstall.exe, In Quarantäne, [aaefe727ed9ecb6b7fc1cfd1aa5aaa56], PUP.Optional.SpaceSoundPro, C:\Users\Enno\Desktop\SpaceSoundPro.lnk, In Quarantäne, [96030b03503b60d625e5ab0602026898], PUP.Optional.SpaceSoundPro, C:\Program Files\SpaceSondPro\uninstall.exe, In Quarantäne, [5742cf3f35565adcc3480ca57094639d], PUP.Optional.SpaceSoundPro, C:\Program Files\SpaceSondPro\Spacesoundpro.exe, In Quarantäne, [5742cf3f35565adcc3480ca57094639d], PUP.Optional.SpaceSoundPro, C:\Program Files\SpaceSoundPro\Uninstall.exe, In Quarantäne, [7722af5f3d4eb2848389f4bd9470718f], PUP.Optional.SpaceSoundPro, C:\Program Files\SpaceSoundPro\backup_High Definition Audio-Gerät_Digitalaudio (S_PDIF).reg, In Quarantäne, [7722af5f3d4eb2848389f4bd9470718f], PUP.Optional.SpaceSoundPro, C:\Program Files\SpaceSoundPro\backup_High Definition Audio-Gerät_Kopfhörer.reg, In Quarantäne, [7722af5f3d4eb2848389f4bd9470718f], PUP.Optional.SpaceSoundPro, C:\Program Files\SpaceSoundPro\backup_High Definition Audio-Gerät_Lautsprecher.reg, In Quarantäne, [7722af5f3d4eb2848389f4bd9470718f], PUP.Optional.SpaceSoundPro, C:\Program Files\SpaceSoundPro\backup_Logitech USB Headset H340_Lautsprecher.reg, In Quarantäne, [7722af5f3d4eb2848389f4bd9470718f], PUP.Optional.SpaceSoundPro, C:\Program Files\SpaceSoundPro\silentconfigurator.exe, In Quarantäne, [7722af5f3d4eb2848389f4bd9470718f], PUP.Optional.SpaceSoundPro, C:\Program Files\SpaceSoundPro\silentunconfigurator.exe, In Quarantäne, [7722af5f3d4eb2848389f4bd9470718f], PUP.Optional.SpaceSoundPro, C:\Program Files\SpaceSoundPro\SpaceSoundPro.dll, Löschen bei Neustart, [7722af5f3d4eb2848389f4bd9470718f], PUP.Optional.SpaceSoundPro, C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe, Löschen bei Neustart, [7722af5f3d4eb2848389f4bd9470718f], PUP.Optional.SpaceSoundPro, C:\Program Files\SpaceSoundPro\config\SpaceSoundPro.conf, In Quarantäne, [7722af5f3d4eb2848389f4bd9470718f], PUP.Optional.SpaceSoundPro, C:\Program Files\SpaceSoundPro\config\SpaceSoundPro.err, In Quarantäne, [7722af5f3d4eb2848389f4bd9470718f], PUP.Optional.SpaceSoundPro, C:\Program Files\SpaceSoundPro\config\SpaceSoundProLinks.conf, In Quarantäne, [7722af5f3d4eb2848389f4bd9470718f], PUP.Optional.SpaceSoundPro, C:\Program Files\SpaceSoundPro\config\SpaceSoundProUser.conf, In Quarantäne, [7722af5f3d4eb2848389f4bd9470718f], PUP.Optional.WombatUpdater, C:\Windows\AppPatch\Custom\{a53dd3e5-0283-4ab3-b77c-7bd1bc7550c6}.sdb, In Quarantäne, [4f4a11fdeba0b680764508b46d978c74], PUP.Optional.WordSurfer, C:\Windows\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Core, In Quarantäne, [4d4c4ac4e3a82f0746abecd0b74da25e], PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbia.exe, In Quarantäne, [3f5a5fafe2a9b97d66db57996d95847c], PUP.Optional.GlobalUpdate, C:\Program Files\globalUpdate\Update\1.3.25.0\globalupdate.exe, In Quarantäne, [2e6b0d01117a38fe05bebf3558aaf010], PUP.Optional.GlobalUpdate, C:\Program Files\globalUpdate\Update\1.3.25.0\globalupdateBroker.exe, In Quarantäne, [2e6b0d01117a38fe05bebf3558aaf010], PUP.Optional.GlobalUpdate, C:\Program Files\globalUpdate\Update\1.3.25.0\globalupdateCrashHandler.exe, In Quarantäne, [2e6b0d01117a38fe05bebf3558aaf010], PUP.Optional.GlobalUpdate, C:\Program Files\globalUpdate\Update\1.3.25.0\globalupdateHelper.msi, In Quarantäne, [2e6b0d01117a38fe05bebf3558aaf010], PUP.Optional.GlobalUpdate, C:\Program Files\globalUpdate\Update\1.3.25.0\globalupdateOnDemand.exe, In Quarantäne, [2e6b0d01117a38fe05bebf3558aaf010], PUP.Optional.GlobalUpdate, C:\Program Files\globalUpdate\Update\1.3.25.0\goopdate.dll, In Quarantäne, [2e6b0d01117a38fe05bebf3558aaf010], PUP.Optional.GlobalUpdate, C:\Program Files\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, In Quarantäne, [2e6b0d01117a38fe05bebf3558aaf010], PUP.Optional.GlobalUpdate, C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll, In Quarantäne, [2e6b0d01117a38fe05bebf3558aaf010], PUP.Optional.GlobalUpdate, C:\Program Files\globalUpdate\Update\1.3.25.0\psmachine.dll, In Quarantäne, [2e6b0d01117a38fe05bebf3558aaf010], PUP.Optional.GlobalUpdate, C:\Program Files\globalUpdate\Update\1.3.25.0\psuser.dll, In Quarantäne, [2e6b0d01117a38fe05bebf3558aaf010], PUP.Optional.ExtTag, C:\ProgramData\ExtTag\Config.xml, In Quarantäne, [46535bb3e0ab5bdbb8bec343e12213ed], PUP.Optional.ExtTag, C:\ProgramData\ExtTag\ExtTag.dll, In Quarantäne, [46535bb3e0ab5bdbb8bec343e12213ed], PUP.Optional.ExtTag, C:\ProgramData\ExtTag\ExtTag.exe.config, In Quarantäne, [46535bb3e0ab5bdbb8bec343e12213ed], PUP.Optional.ExtTag, C:\ProgramData\ExtTag\uninstall.exe, In Quarantäne, [46535bb3e0ab5bdbb8bec343e12213ed], PUP.Optional.GamesDesktop, C:\Users\Enno\AppData\Local\gmsd_de_005010071\upgmsd_de_005010071.cyl, In Quarantäne, [e8b149c5e0ab34025afd907844bf29d7], PUP.Optional.GamesDesktop, C:\Users\Enno\AppData\Local\gmsd_de_005010071\gmsd_de_005010071\1.20\cnf.cyl, In Quarantäne, [e8b149c5e0ab34025afd907844bf29d7], PUP.Optional.MiniLite, C:\Program Files\MiniLite\msvcp110.dll, Löschen bei Neustart, [8d0c947a97f4ea4c939ba26e05fe3bc5], PUP.Optional.MiniLite, C:\Program Files\MiniLite\msvcr110.dll, Löschen bei Neustart, [8d0c947a97f4ea4c939ba26e05fe3bc5], PUP.Optional.PennyBee, C:\ProgramData\IcyCarje\gigo3maw.dll, In Quarantäne, [910816f8018a4fe7daab6ba7e81b8977], PUP.Optional.ProtectWindowsManager, C:\ProgramData\pWinManProp\updateconf, In Quarantäne, [05944ec01279999d89819d773fc4aa56], PUP.Optional.ProtectWindowsManager, C:\ProgramData\pWinManProp\WinManPro.exe, In Quarantäne, [05944ec01279999d89819d773fc4aa56], PUP.Optional.ShopperPro, C:\Users\Public\Documents\ShopperPro\JsDriver\Config.xml, In Quarantäne, [1584ad611d6ea591d9c82fe802010df3], PUP.Optional.SpaceSoundPro, C:\Program Files\SpaceSondPro_v53.1700\SpaceSondPro_Service.exe, In Quarantäne, [fb9eb55999f2af87b2a17c9d8f7422de], PUP.Optional.SpaceSoundPro, C:\Users\Enno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpaceSoundPro 1.0\SpaceSoundPro.lnk, In Quarantäne, [f8a1d33b8a010a2cf26261b88f74956b], PUP.Optional.SpaceSoundPro, C:\Users\Enno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpaceSoundPro 1.0\Uninstall.lnk, In Quarantäne, [f8a1d33b8a010a2cf26261b88f74956b], PUP.Optional.Vitruvian, C:\Program Files\WordSurfer_1.10.0.19\terms-of-service.rtf, In Quarantäne, [2178040a8ffcab8b6b070e8b6f961ae6], PUP.Optional.Vitruvian, C:\Program Files\WordSurfer_1.10.0.19\3rd Party Licenses\buildcrx-license.txt, In Quarantäne, [2178040a8ffcab8b6b070e8b6f961ae6], PUP.Optional.Vitruvian, C:\Program Files\WordSurfer_1.10.0.19\3rd Party Licenses\Info-ZIP-license.txt, In Quarantäne, [2178040a8ffcab8b6b070e8b6f961ae6], PUP.Optional.Vitruvian, C:\Program Files\WordSurfer_1.10.0.19\3rd Party Licenses\JSON-simple-license.txt, In Quarantäne, [2178040a8ffcab8b6b070e8b6f961ae6], PUP.Optional.Vitruvian, C:\Program Files\WordSurfer_1.10.0.19\3rd Party Licenses\nsJSON-license.txt, In Quarantäne, [2178040a8ffcab8b6b070e8b6f961ae6], PUP.Optional.Vitruvian, C:\Program Files\WordSurfer_1.10.0.19\3rd Party Licenses\Nustache-license.txt, In Quarantäne, [2178040a8ffcab8b6b070e8b6f961ae6], PUP.Optional.Vitruvian, C:\Program Files\WordSurfer_1.10.0.19\3rd Party Licenses\TaskScheduler-license.txt, In Quarantäne, [2178040a8ffcab8b6b070e8b6f961ae6], PUP.Optional.Vitruvian, C:\Program Files\WordSurfer_1.10.0.19\3rd Party Licenses\UAC-license.txt, In Quarantäne, [2178040a8ffcab8b6b070e8b6f961ae6], PUP.Optional.Vitruvian, C:\Program Files\WordSurfer_1.10.0.19\Update\Microsoft.Win32.TaskScheduler.dll, In Quarantäne, [2178040a8ffcab8b6b070e8b6f961ae6], PUP.Optional.Vitruvian, C:\Program Files\WordSurfer_1.10.0.19\Update\Nustache.Core.dll, In Quarantäne, [2178040a8ffcab8b6b070e8b6f961ae6], PUP.Optional.Vitruvian, C:\Program Files\WordSurfer_1.10.0.19\Update\WordSurferAutoUpdateClient.exe.config, In Quarantäne, [2178040a8ffcab8b6b070e8b6f961ae6], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v5.004 - Bericht erstellt 30/08/2015 um 15:36:48
# Aktualisiert 26/08/2015 von Xplode
# Datenbank : 2015-08-30.1 [Server]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (x86)
# Benutzername : Enno - ENNO-PC
# Gestarted von : C:\Users\Enno\Desktop\AdwCleaner_5.004.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
[-] Dienst Gelöscht : BrsHelper
[-] Dienst Gelöscht : globalUpdatem
[-] Dienst Gelöscht : sbmntr
[-] Dienst Gelöscht : ExtTag
***** [ Ordner ] *****
[-] Ordner Gelöscht : C:\Program Files\globalUpdate
[-] Ordner Gelöscht : C:\Program Files\YTDownloader
[-] Ordner Gelöscht : C:\Program Files\DailyPcClean Support
[-] Ordner Gelöscht : C:\ProgramData\ExtTag
[-] Ordner Gelöscht : C:\ProgramData\12db864551ae4c578eb17db1a9f5d3cf
[-] Ordner Gelöscht : C:\Users\Enno\AppData\Local\globalUpdate
[-] Ordner Gelöscht : C:\Users\Enno\Documents\Updater
***** [ Dateien ] *****
[-] Datei Gelöscht : C:\Program Files\Common Files\System\SysMenu.dll
***** [ Verknüpfungen ] *****
***** [ Geplante Tasks ] *****
[-] Task Gelöscht : YTDownloader
[-] Task Gelöscht : YTDownloaderUpd
[-] Task Gelöscht : Microsoft\Windows\Multimedia\SMupdate3
[-] Task Gelöscht : Microsoft\Windows\Maintenance\SMupdate2
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\SysMenuExt
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\SysMenu.DLL
[-] Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}
[-] Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D813D5BB-EBC7-45F9-B8A4-36A305168069}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
[-] Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\rttasks
[-] Schlüssel Gelöscht : HKCU\Software\DAILYPCCLEAN
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\ShopperPro
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\SupDp
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\downchecker
***** [ Internetbrowser ] *****
[-] [C:\Users\Enno\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : leaguereplays.en.softonic.com
[-] [C:\Users\Enno\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Gelöscht : hxxp://www.mystartsearch.com/webfavicon.ico
*************************
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [4911 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.9 (08.27.2015:1)
OS: Windows 7 Ultimate x86
Ran by Enno on 30.08.2015 at 15:41:12,55
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Bar
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\Default_Search_URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL\\Default
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchURL\\Default
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3873983982-3366287411-1273497978-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
~~~ Files
Successfully deleted: [File] C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
~~~ Folders
Successfully deleted: [Folder] C:\Program Files\lavasoft\web companion
Successfully deleted: [Folder] C:\Program Files\miniget
Successfully deleted: [Folder] C:\ProgramData\exttag
Successfully deleted: [Folder] C:\ProgramData\lavasoft\web companion
Successfully deleted: [Folder] C:\Users\Enno\Appdata\Local\crashrpt
Successfully deleted: [Folder] C:\Users\Enno\Appdata\Local\installer
Successfully deleted: [Folder] C:\Users\Enno\AppData\Roaming\lavasoft\web companion
Successfully deleted: [Folder] C:\Users\Enno\AppData\Roaming\miniget
Successfully deleted: [Folder] C:\ProgramData\Service8119
~~~ Chrome
[C:\Users\Enno\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Enno\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Enno\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Enno\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.08.2015 at 15:43:06,84
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:29-08-2015
durchgeführt von Enno (Administrator) auf ENNO-PC (30-08-2015 15:44:24)
Gestartet von C:\Users\Enno\Desktop
Geladene Profile: Enno (Verfügbare Profile: Enno)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
() C:\Program Files\NixSrv\NixSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [PMBVolumeWatcher] => C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2670592 2015-06-01] (Sony Corporation)
HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [53655680 2015-07-28] (Skype Technologies S.A.)
HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2015-07-20] (Microsoft Corporation)
AppInit_DLLs: C:\ProgramData\ExtTag\Biosunfix.dll => Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK-Konfigurationstool.lnk [2015-07-04]
ShortcutTarget: TP-LINK-Konfigurationstool.lnk -> C:\Program Files\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe ()
Startup: C:\Users\Enno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-08-25]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3873983982-3366287411-1273497978-1000\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_ByvzhEb-M2ds_L_8afFBUWV8_sXcOi2Kzvbo8s_Cs2n1EfhGltjUvAdFMvbNxw7hf2uspODYYcvxK5BqJ8KpVgW4xMtO_EhRwnFigYQJKMN-T4MT-HM1CO62AbI_i2k6miq1V9rfjD-CIyziGuPYCXhRyfBGh&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_ByvzhEb-M2ds_L_8afFBUWV8_sXcOi2Kzvbo8s_Cs2n1EfhGltjUvAdFMvbNxw7hf2uspODYYcvxK5BqJ8KpVgW4xMtO_EhRwnFigYQJKMN-T4MT-HM1CO62AbI_i2k6miq1V9rfjD-CIyziGuPYCXhRyfBGh&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3873983982-3366287411-1273497978-1000 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_ByvzhEb-M2ds_L_8afFBUWV8_sXcOi2Kzvbo8s_Cs2n1EfhGltjUvAdFMvbNxw7hf2uspODYYcvxK5BqJ8KpVgW4xMtO_EhRwnFigYQJKMN-T4MT-HM1CO62AbI_i2k6miq1V9rfjD-CIyziGuPYCXhRyfBGh&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3873983982-3366287411-1273497978-1000 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_ByvzhEb-M2ds_L_8afFBUWV8_sXcOi2Kzvbo8s_Cs2n1EfhGltjUvAdFMvbNxw7hf2uspODYYcvxK5BqJ8KpVgW4xMtO_EhRwnFigYQJKMN-T4MT-HM1CO62AbI_i2k6miq1V9rfjD-CIyziGuPYCXhRyfBGh&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{6D09965C-7A4F-4649-9D88-FC9EE81FC8C8}: [DhcpNameServer] 192.168.1.1 192.168.1.1
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2001-12-31] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2001-12-31] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\Enno\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Enno\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-04]
CHR Extension: (Google Docs) - C:\Users\Enno\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-04]
CHR Extension: (Google Drive) - C:\Users\Enno\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-04]
CHR Extension: (YouTube) - C:\Users\Enno\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-04]
CHR Extension: (Google Search) - C:\Users\Enno\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-04]
CHR Extension: (Google Sheets) - C:\Users\Enno\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-04]
CHR Extension: (Jeffrey's Exif viewer) - C:\Users\Enno\AppData\Local\Google\Chrome\User Data\Default\Extensions\glpbdeclgjmeoojlmhpamjddandmplki [2015-07-04]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Enno\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-04]
CHR Extension: (Skype Click to Call) - C:\Users\Enno\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-08-02]
CHR Extension: (Ghostery) - C:\Users\Enno\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-07-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Enno\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-04]
CHR Extension: (Gmail) - C:\Users\Enno\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-04]
CHR HKLM\...\Chrome\Extension: [dnligehkhogpcngalffdoomehjcbecna] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gehmndecgbcffhmfjkenpamdgechcgpe] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
StartMenuInternet: Google Chrome - Chrome.exe
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-08-25] (Adobe Systems) [Datei ist nicht signiert]
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S2 FoxitCloudUpdateService; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-07-16] (Foxit Software Inc.)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [921232 2015-07-24] (NVIDIA Corporation)
S2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NixSrv; C:\Program Files\NixSrv\NixSrv.exe [379392 2015-08-25] () [Datei ist nicht signiert] <==== ACHTUNG
S2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20694160 2015-06-24] (NVIDIA Corporation)
S2 PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [494592 2015-06-01] (Sony Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5611280 2015-08-07] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 ExtTag; C:\ProgramData\ExtTag\ExtTag.exe [X]
S2 LavasoftTcpService; C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [X]
S2 SearchProtectionService; "C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [41648 2015-05-19] (NVIDIA Corporation)
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [801896 2012-10-25] (Realtek Semiconductor Corporation )
S3 catchme; \??\C:\Users\Enno\AppData\Local\Temp\catchme.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-30 15:43 - 2015-08-30 15:43 - 00003165 _____ C:\Users\Enno\Desktop\JRT.txt
2015-08-30 15:43 - 2015-08-30 15:43 - 00000000 ____D C:\Users\Enno\Desktop\FRST-OlderVersion
2015-08-30 15:39 - 2015-08-30 15:39 - 00004990 _____ C:\Users\Enno\Desktop\AdwCleaner[C1].txt
2015-08-30 15:39 - 2015-08-30 15:39 - 00002377 _____ C:\Windows\system32\findit.xml
2015-08-30 15:39 - 2015-08-30 15:39 - 00000000 ____D C:\Users\Enno\AppData\Roaming\Mozilla
2015-08-30 15:39 - 2015-08-30 15:39 - 00000000 ____D C:\ProgramData\ExtTags
2015-08-30 14:23 - 2015-08-30 14:23 - 01798640 _____ (Malwarebytes Corporation) C:\Users\Enno\Desktop\JRT.exe
2015-08-30 14:22 - 2015-08-30 14:24 - 09599225 _____ (Malwarebytes Corporation ) C:\Users\Enno\Downloads\mbam-setup-2.1.8.1057 (2).exe
2015-08-30 14:22 - 2015-08-30 14:22 - 01618432 _____ C:\Users\Enno\Desktop\AdwCleaner_5.004.exe
2015-08-27 22:06 - 2015-08-27 22:06 - 00022470 _____ C:\ComboFix.txt
2015-08-27 21:37 - 2015-08-27 22:06 - 00000000 ____D C:\Qoobox
2015-08-27 21:37 - 2015-08-27 22:01 - 00000000 ____D C:\Windows\erdnt
2015-08-27 21:37 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-08-27 21:37 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-08-27 21:37 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-08-27 21:37 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-08-27 21:37 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-08-27 21:37 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-08-27 21:37 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-08-27 21:37 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-08-27 21:31 - 2015-08-27 21:31 - 05636265 ____R (Swearware) C:\Users\Enno\Desktop\ComboFix.exe
2015-08-27 21:13 - 2015-08-30 14:48 - 00001226 _____ C:\Users\Enno\Desktop\Revo Uninstaller.lnk
2015-08-27 21:13 - 2015-08-27 21:13 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Enno\Desktop\revosetup95.exe
2015-08-27 21:13 - 2015-08-27 21:13 - 00000000 ____D C:\Program Files\VS Revo Group
2015-08-26 19:04 - 2015-08-26 19:05 - 00039792 _____ C:\Users\Enno\Desktop\Addition.txt
2015-08-26 19:03 - 2015-08-30 15:44 - 00012836 _____ C:\Users\Enno\Desktop\FRST.txt
2015-08-26 19:03 - 2015-08-30 15:44 - 00000000 ____D C:\FRST
2015-08-26 19:02 - 2015-08-30 15:43 - 01690624 _____ (Farbar) C:\Users\Enno\Desktop\FRST.exe
2015-08-26 19:02 - 2015-08-26 19:02 - 00017705 _____ C:\Users\Enno\Desktop\get-mirror-server.html
2015-08-26 00:55 - 2015-08-30 15:38 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-26 00:55 - 2015-08-26 00:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-08-26 00:55 - 2015-08-26 00:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-26 00:55 - 2015-08-26 00:55 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware
2015-08-26 00:55 - 2015-06-18 08:41 - 00094936 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-26 00:55 - 2015-06-18 08:41 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-26 00:55 - 2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-08-26 00:54 - 2015-08-26 00:54 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Enno\Downloads\mbam-setup-2.1.8.1057 (1).exe
2015-08-26 00:47 - 2015-08-27 21:46 - 00000000 ____D C:\Program Files\e6c775f4-fd06-4422-a78c-a41a05a8bbb8
2015-08-26 00:47 - 2015-08-27 21:46 - 00000000 ____D C:\Program Files\d79cd7cf-41ed-4e57-a8f2-a6d8595d9a6a
2015-08-26 00:46 - 2015-08-26 00:48 - 00000801 _____ C:\task.vbs
2015-08-26 00:46 - 2015-08-26 00:46 - 00000000 _____ C:\dummy.htm
2015-08-26 00:22 - 2015-08-26 00:22 - 00000000 ____D C:\Users\Enno\Desktop\Nightwish Wishmaster
2015-08-26 00:10 - 2015-08-26 00:10 - 00000000 ____D C:\Windows\system32\appmgmt
2015-08-26 00:08 - 2015-08-26 00:08 - 00002888 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-08-26 00:08 - 2015-08-26 00:08 - 00000000 ____D C:\Users\Enno\AppData\Local\Lavasoft
2015-08-26 00:08 - 2015-08-26 00:08 - 00000000 ____D C:\searchplugins
2015-08-26 00:07 - 2015-08-30 15:42 - 00000000 ____D C:\Users\Enno\AppData\Roaming\Lavasoft
2015-08-26 00:07 - 2015-08-30 15:42 - 00000000 ____D C:\ProgramData\Lavasoft
2015-08-26 00:07 - 2015-08-30 15:42 - 00000000 ____D C:\Program Files\Lavasoft
2015-08-26 00:07 - 2015-08-26 00:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-08-26 00:07 - 2015-06-08 14:13 - 00348488 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService.dll
2015-08-26 00:02 - 2015-08-26 23:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-26 00:02 - 2015-08-26 00:02 - 00000000 ____D C:\Users\Enno\AppData\Roaming\Opera Software
2015-08-26 00:02 - 2015-08-26 00:02 - 00000000 ____D C:\Users\Enno\AppData\Local\Opera Software
2015-08-26 00:01 - 2015-08-30 14:21 - 00000000 ____D C:\ProgramData\update
2015-08-26 00:01 - 2015-08-27 21:09 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-26 00:01 - 2015-08-26 01:01 - 00000000 ____D C:\Program Files\NixSrv
2015-08-26 00:01 - 2015-08-26 00:01 - 00000187 _____ C:\Users\Enno\AppData\Local\Damfase.exe.config
2015-08-26 00:01 - 2015-08-26 00:01 - 00000004 _____ C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-08-26 00:01 - 2009-06-10 23:39 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-08-26 00:00 - 2015-08-26 00:06 - 00000000 ____D C:\Program Files\Opera
2015-08-25 23:59 - 2015-08-25 23:59 - 00000000 ____D C:\Users\Enno\Downloads\Adobe+Lightroom+6+Crack+Plus+Serial+Number+Full+Free+Download
2015-08-25 23:58 - 2015-08-25 23:58 - 00326318 _____ C:\Users\Enno\Downloads\Adobe+Lightroom+6+Crack+Plus+Serial+Number+Full+Free+Download.rar
2015-08-25 23:52 - 2015-08-25 23:55 - 00000000 ____D C:\Users\Enno\AppData\Local\Adobe
2015-08-25 23:46 - 2015-08-30 14:48 - 00002047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help Center.lnk
2015-08-25 23:45 - 2015-08-30 14:48 - 00002029 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge.lnk
2015-08-25 23:45 - 2015-08-25 23:45 - 00000000 ____D C:\Users\Public\Documents\Adobe PDF
2015-08-25 23:45 - 2015-08-25 23:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2015-08-25 23:45 - 2015-08-25 23:45 - 00000000 ____D C:\Program Files\Common Files\Adobe Systems Shared
2015-08-25 23:44 - 2015-08-30 14:48 - 00002003 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS2.lnk
2015-08-25 23:44 - 2015-08-30 14:48 - 00002000 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady CS2.lnk
2015-08-25 23:44 - 2015-08-25 23:45 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-08-25 23:44 - 2015-08-25 23:44 - 00000000 ____D C:\ProgramData\Adobe
2015-08-25 23:42 - 2015-08-25 23:47 - 00000000 ____D C:\Program Files\Adobe
2015-08-25 23:40 - 2015-08-25 23:41 - 00000000 ____D C:\PS_CS2_Gr_NonRet
2015-08-25 23:36 - 2015-08-25 23:40 - 375232764 _____ (Adobe Systems Inc. ) C:\Users\Enno\Downloads\PS_CS2_Gr_NonRet.exe
2015-08-25 23:12 - 2015-08-25 23:20 - 00000000 ____D C:\Users\Enno\Documents\Sony PMB
2015-08-25 23:12 - 2015-08-25 23:12 - 00000000 ____D C:\Users\Enno\AppData\Roaming\NVIDIA
2015-08-25 23:09 - 2015-08-30 14:48 - 00002147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home.lnk
2015-08-25 23:09 - 2015-08-30 14:48 - 00002129 _____ C:\Users\Public\Desktop\PlayMemories Home.lnk
2015-08-25 23:09 - 2015-08-30 14:48 - 00002003 _____ C:\Users\Public\Desktop\PlayMemories Home-Hilfe.lnk
2015-08-25 23:09 - 2015-08-25 23:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home
2015-08-25 23:08 - 2015-08-25 23:08 - 00000000 ____D C:\Users\Enno\AppData\Roaming\Sony Corporation
2015-08-25 23:04 - 2015-08-25 23:04 - 00000000 ____D C:\Program Files\Sony
2015-08-25 23:01 - 2015-08-25 23:05 - 00000000 ____D C:\ProgramData\Sony Corporation
2015-08-25 22:58 - 2015-08-25 22:59 - 16354304 _____ (Sony Corporation) C:\Users\Enno\Downloads\PMHOME_4301DL.exe
2015-08-25 03:00 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-25 03:00 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-24 17:27 - 2015-08-24 17:27 - 00000000 ____D C:\$SysReset
2015-08-24 02:00 - 2015-08-24 02:00 - 00141864 _____ C:\Users\Enno\Downloads\bluescreenview_setup.exe
2015-08-23 21:02 - 2015-08-24 17:23 - 223400594 _____ C:\Windows\MEMORY.DMP
2015-08-23 20:59 - 2015-08-30 14:48 - 00001058 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-08-23 20:57 - 2015-08-23 20:59 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Enno\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-23 19:27 - 2015-08-23 19:27 - 00054680 _____ C:\Users\Enno\Documents\cc_20150823_192709.reg
2015-08-23 19:24 - 2015-08-23 19:25 - 05375464 _____ (Piriform Ltd) C:\Users\Enno\Downloads\ccsetup508_slim.exe
2015-08-19 18:42 - 2015-08-24 18:36 - 00000000 ____D C:\Users\Enno\Desktop\BaronReplays
2015-08-19 18:38 - 2015-08-19 18:39 - 26035284 _____ C:\Users\Enno\Downloads\BaronReplays.rar
2015-08-19 02:49 - 2015-08-30 14:48 - 00001914 _____ C:\Users\Public\Desktop\LOL Recorder.lnk
2015-08-19 02:49 - 2015-08-24 18:36 - 00000000 ____D C:\Users\Enno\Documents\LOLReplay
2015-08-19 02:49 - 2015-08-19 02:49 - 01528823 _____ C:\Users\Enno\Downloads\LOLReplay-0.8.9.37.exe
2015-08-17 17:48 - 2015-08-17 17:48 - 00008192 _____ C:\Windows\system32\config\userdiff
2015-08-17 17:32 - 2015-08-17 17:36 - 357922986 _____ (Sereby Corporation) C:\Users\Enno\Downloads\aio-runtimes_v2.3.0.exe
2015-08-17 17:17 - 2015-08-24 18:37 - 00000000 ____D C:\Recovery
2015-08-17 16:34 - 2015-08-17 17:16 - 00010449 _____ C:\Windows\diagerr.xml
2015-08-17 16:34 - 2015-08-17 17:16 - 00009528 _____ C:\Windows\diagwrn.xml
2015-08-13 03:01 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 14:31 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 14:31 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 14:31 - 2015-07-30 19:57 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 14:31 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-12 14:31 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 14:31 - 2015-07-30 19:57 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-12 14:31 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-12 14:31 - 2015-07-30 18:52 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 14:31 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 14:31 - 2015-07-28 22:04 - 00015808 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 14:31 - 2015-07-28 22:00 - 00952832 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 14:31 - 2015-07-28 22:00 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 14:31 - 2015-07-28 22:00 - 00598528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 14:31 - 2015-07-28 22:00 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 14:31 - 2015-07-28 22:00 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 14:31 - 2015-07-28 22:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 14:31 - 2015-07-28 21:54 - 00934400 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 14:31 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 14:31 - 2015-07-20 19:56 - 02943488 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 14:31 - 2015-07-20 19:56 - 02061312 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 14:31 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 14:31 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 14:31 - 2015-07-20 19:56 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 14:31 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 14:31 - 2015-07-20 19:56 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-12 14:31 - 2015-07-20 19:56 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-12 14:31 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 14:31 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-12 14:31 - 2015-07-20 19:56 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-12 14:31 - 2015-07-16 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 14:31 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 14:31 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 14:31 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 14:31 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-12 14:31 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-12 14:31 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 14:31 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 14:31 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 14:31 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 14:31 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 14:31 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 14:31 - 2015-07-16 21:39 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-12 14:31 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-12 14:31 - 2015-07-16 21:32 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 14:31 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 14:31 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 14:31 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 14:31 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 14:31 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 14:31 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 14:31 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 14:31 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 14:31 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 14:31 - 2015-07-16 21:06 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 14:31 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-12 14:31 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 14:31 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 14:31 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 14:31 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-08-12 14:31 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 14:31 - 2015-07-15 19:59 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-12 14:31 - 2015-07-15 19:59 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 14:31 - 2015-07-15 19:59 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-12 14:31 - 2015-07-15 19:56 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 14:31 - 2015-07-15 19:55 - 01159168 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 14:31 - 2015-07-15 19:55 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-12 14:31 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-12 14:31 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-12 14:31 - 2015-07-15 19:55 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-12 14:31 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-12 14:31 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-12 14:31 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-12 14:31 - 2015-07-15 19:55 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-12 14:31 - 2015-07-15 19:54 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-12 14:31 - 2015-07-15 19:54 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-12 14:31 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-12 14:31 - 2015-07-15 19:54 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-12 14:31 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-12 14:31 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-12 14:31 - 2015-07-15 19:54 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-12 14:31 - 2015-07-15 19:54 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 14:31 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-12 14:31 - 2015-07-15 19:54 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-12 14:31 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-12 14:31 - 2015-07-15 19:54 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 14:31 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-12 14:31 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-12 14:31 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-12 14:31 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-12 14:31 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-12 14:31 - 2015-07-15 18:36 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-12 14:31 - 2015-07-15 18:36 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-12 14:31 - 2015-07-15 18:36 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-12 14:31 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 14:31 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 14:31 - 2015-07-15 04:55 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 14:31 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-12 14:31 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-12 14:31 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 14:31 - 2015-07-10 19:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 14:31 - 2015-07-10 19:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-12 14:31 - 2015-07-10 19:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-12 14:31 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 14:31 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 14:31 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 14:31 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 14:31 - 2015-05-09 20:09 - 00715200 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-02 00:02 - 2015-08-30 14:48 - 00000556 _____ C:\Users\Public\Desktop\Fraps.lnk
2015-08-02 00:02 - 2015-08-24 18:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-08-02 00:02 - 2015-08-02 00:02 - 00000000 ____D C:\Fraps
2015-08-02 00:00 - 2015-08-02 00:00 - 02326976 _____ (Beepa Pty Ltd) C:\Users\Enno\Downloads\setup.exe
2015-08-01 22:14 - 2015-08-01 22:14 - 00000000 ____D C:\Users\Enno\Tracing
2015-08-01 22:13 - 2015-08-01 22:13 - 00000000 ____D C:\Users\Enno\AppData\Local\Skype
2015-08-01 22:12 - 2015-08-30 15:40 - 00000000 ____D C:\Users\Enno\AppData\Roaming\Skype
2015-08-01 22:12 - 2015-08-30 14:48 - 00002681 _____ C:\Users\Public\Desktop\Skype.lnk
2015-08-01 22:12 - 2015-08-24 18:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-01 22:12 - 2015-08-01 22:18 - 00000000 ___RD C:\Program Files\Skype
2015-08-01 22:12 - 2015-08-01 22:12 - 00000000 ____D C:\ProgramData\Skype
2015-08-01 22:12 - 2015-08-01 22:12 - 00000000 ____D C:\Program Files\Common Files\Skype
2015-08-01 22:11 - 2015-08-01 22:11 - 01384064 _____ (Skype Technologies S.A.) C:\Users\Enno\Downloads\SkypeSetup.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-30 15:41 - 2009-07-14 06:34 - 00014336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-30 15:41 - 2009-07-14 06:34 - 00014336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-30 15:39 - 2015-07-04 21:16 - 00002133 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-30 15:39 - 2015-07-04 21:01 - 00001425 _____ C:\Users\Enno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-30 15:38 - 2015-07-05 16:32 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-30 15:38 - 2015-07-04 21:15 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-30 15:38 - 2015-07-04 21:15 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-30 15:38 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-30 15:38 - 2009-07-14 06:39 - 00031999 _____ C:\Windows\setupact.log
2015-08-30 15:37 - 2015-07-04 20:55 - 01173017 _____ C:\Windows\WindowsUpdate.log
2015-08-30 15:36 - 2015-07-05 16:34 - 00000000 ____D C:\AdwCleaner
2015-08-30 15:36 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\System
2015-08-30 14:55 - 2015-07-05 04:40 - 00126306 _____ C:\Windows\PFRO.log
2015-08-30 14:50 - 2009-07-14 10:47 - 00000000 ____D C:\Windows\DigitalLocker
2015-08-30 14:48 - 2015-07-11 11:38 - 00001308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-08-30 14:48 - 2015-07-11 11:38 - 00001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-08-30 14:48 - 2015-07-11 11:37 - 00001392 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2015-08-30 14:48 - 2015-07-07 19:05 - 00002089 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2015-08-30 14:48 - 2015-07-06 17:48 - 00000917 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-08-30 14:48 - 2015-07-06 17:48 - 00000911 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-08-30 14:48 - 2015-07-05 16:22 - 00001406 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-08-30 14:48 - 2015-07-04 21:05 - 00002103 _____ C:\Users\Public\Desktop\TP-LINK-Konfigurationstool.lnk
2015-08-30 14:48 - 2015-07-04 20:57 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-08-30 14:48 - 2015-07-04 20:56 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-08-30 14:48 - 2009-07-14 06:46 - 00001479 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-08-30 14:48 - 2009-07-14 06:46 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2015-08-30 14:48 - 2009-07-14 06:42 - 00001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2015-08-30 14:48 - 2009-07-14 06:42 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2015-08-30 14:48 - 2009-07-14 06:42 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2015-08-30 14:48 - 2009-07-14 06:37 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2015-08-27 22:06 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Default
2015-08-27 22:06 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public
2015-08-27 21:53 - 2009-07-14 04:04 - 00000215 _____ C:\Windows\system.ini
2015-08-27 21:51 - 2009-07-14 04:03 - 44826624 _____ C:\Windows\system32\config\SOFTWARE.bak
2015-08-27 21:51 - 2009-07-14 04:03 - 35651584 _____ C:\Windows\system32\config\COMPON~1.bak
2015-08-27 21:51 - 2009-07-14 04:03 - 20447232 _____ C:\Windows\system32\config\SYSTEM.bak
2015-08-27 21:51 - 2009-07-14 04:03 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2015-08-27 21:51 - 2009-07-14 04:03 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2015-08-27 21:51 - 2009-07-14 04:03 - 00262144 _____ C:\Windows\system32\config\DEFAULT.bak
2015-08-27 21:46 - 2015-07-05 16:32 - 00000000 ____D C:\Program Files\AGEIA Technologies
2015-08-27 21:43 - 2015-07-06 17:48 - 00000000 ____D C:\Program Files\TeamViewer
2015-08-26 18:23 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-08-26 01:13 - 2015-07-04 21:04 - 01593956 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-26 00:14 - 2009-07-14 06:33 - 00269504 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-26 00:01 - 2015-07-04 21:13 - 00058016 _____ C:\Users\Enno\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-25 23:52 - 2015-07-05 15:35 - 00000000 ____D C:\Users\Enno\AppData\Roaming\Adobe
2015-08-25 23:16 - 2015-07-04 21:01 - 00000000 ____D C:\Users\Enno
2015-08-24 18:31 - 2015-07-20 03:01 - 00000000 ____D C:\Windows\system32\SPReview
2015-08-24 18:31 - 2015-07-20 03:00 - 00000000 ____D C:\Windows\system32\EventProviders
2015-08-24 18:31 - 2015-07-11 11:38 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-08-24 18:31 - 2015-07-11 11:38 - 00000000 ____D C:\Windows\de
2015-08-24 18:31 - 2015-07-11 11:25 - 00000000 ___HD C:\Windows\system32\CanonIJ Uninstaller Information
2015-08-24 18:31 - 2015-07-11 11:25 - 00000000 ____D C:\Windows\system32\STRING
2015-08-24 18:31 - 2015-07-11 11:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5300 series
2015-08-24 18:31 - 2015-07-07 19:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2015-08-24 18:31 - 2015-07-05 20:51 - 00000000 ____D C:\Users\Enno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-24 18:31 - 2015-07-05 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-24 18:31 - 2015-07-05 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-08-24 18:31 - 2015-07-05 15:52 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-24 18:31 - 2015-07-05 15:52 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-08-24 18:31 - 2015-07-04 21:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-24 18:31 - 2015-07-04 21:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2015-08-24 18:31 - 2009-07-14 10:47 - 00000000 ____D C:\Windows\system32\Drivers\de-DE
2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 __RSD C:\Windows\Media
2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-TW
2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-HK
2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-CN
2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\tr-TR
2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\sv-SE
2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ru-RU
2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\Recovery
2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pt-PT
2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pt-BR
2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pl-PL
2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\nl-NL
2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\nb-NO
2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ko-KR
2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ja-JP
2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\it-IT
2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\hu-HU
2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\fr-FR
2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\fi-FI
2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\el-GR
2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2015-08-24 18:31 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-24 17:41 - 2015-07-10 15:39 - 00000000 ____D C:\$Windows.~BT
2015-08-19 22:52 - 2015-07-11 11:33 - 00000000 ____D C:\Users\Enno\AppData\Local\Windows Live
2015-08-17 17:16 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Registration
2015-08-17 16:37 - 2009-07-14 06:34 - 00002531 _____ C:\Windows\DtcInstall.log
2015-08-17 16:34 - 2009-07-14 06:39 - 00000495 _____ C:\Windows\setuperr.log
2015-08-17 16:33 - 2015-07-04 21:52 - 00000000 ____D C:\Windows\Panther
2015-08-13 19:11 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-08-13 03:27 - 2001-12-31 23:02 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-13 03:27 - 2001-12-31 23:02 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-13 03:09 - 2015-07-12 05:12 - 00000000 ____D C:\Windows\system32\MRT
2015-08-13 03:03 - 2015-07-12 05:12 - 129304528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-09 21:22 - 2015-07-07 19:10 - 00000000 ____D C:\Users\Enno\AppData\Roaming\Foxit Software
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Enno\AppData\Roaming\y51qdxgtcP8Lm2WD9B3HcgjE
2015-08-26 00:01 - 2015-08-26 00:01 - 0000187 _____ () C:\Users\Enno\AppData\Local\Damfase.exe.config
Einige Dateien in TEMP:
====================
C:\Users\Enno\AppData\Local\Temp\rjbttwa2.dll
C:\Users\Enno\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-08-24 18:53
==================== Ende vom FRST.txt ============================
 ist das Normal?Youtube geht aber. Fehlercode: Windows Media Player-Fehler C00D11B1 |
|
31.08.2015, 07:05
| #8 |
| /// the machine /// TB-Ausbilder | Falsche Seite besucht, nun Trojaner-Problem Trojan.Agent.MSIL etc Also nur der Windows Media Player betroffen? ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Falsche Seite besucht, nun Trojaner-Problem Trojan.Agent.MSIL etc |
| acengine.dll, appdata, download, ergebnis, explorer, f.txt, falsche, forum, helper, iexplore.exe, image, install.exe, installmanager.exe, internet, internet explorer, logitech, malwarebytes, microsoft, monitor, programme, roaming, seite, service.exe, software, system32, trojaner, usb, websites, windows |
dann auf 
und dann auf 
. 
WARNUNG an die MITLESER: 
Linear-Darstellung
