Log analysis and evaluation: Windows 7: a.karmakitty.info opens by itself. In addition, links (not always) end up on other websites (advertising).
#1
Hello everyone! I would be glad of your help. As the title says, the page a.karmakitty.info often opens when I try to open a link. In addition, advertising pages that I did not click on sometimes open. I hope you can help me. I have already run a few programs myself and am posting the results here. First I ran AdwCleaner. This is what it found: Code:
ATTFilter # AdwCleaner v5.026 - Bericht erstellt am 29/12/2015 um 10:27:27 # Aktualisiert am 21/12/2015 von Xplode # Datenbank : 2015-12-23.1 [Server] # Betriebssystem : Windows 7 Professional (x64) # Benutzername : Jonas *** - JONAS*** # Gestartet von : C:\Users\Jonas ***\Downloads\adwcleaner_5.026 (1).exe # Option : Suchlauf # Unterstützung : hxxp://toolslib.net/forum ***** [ Dienste ] ***** ***** [ Ordner ] ***** Ordner Gefunden : C:\Program Files (x86)\DownTangoFTToolbar Ordner Gefunden : C:\Program Files (x86)\incredibar.com Ordner Gefunden : C:\Program Files (x86)\Protected Search Ordner Gefunden : C:\Program Files (x86)\Red Sky Ordner Gefunden : C:\Program Files (x86)\registry mechanic Ordner Gefunden : C:\ProgramData\Ask Ordner Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search Ordner Gefunden : C:\Users\Jonas ***\AppData\Local\DownTango Ordner Gefunden : C:\Users\Jonas ***\AppData\Local\Google\Chrome\User Data\Default\Extensions\eakacpaijcpapndcfffdgphdiccmpknp Ordner Gefunden : C:\Users\Jonas ***\AppData\LocalLow\DownTangoFTToolbar Ordner Gefunden : C:\Users\Jonas ***\AppData\LocalLow\incredibar.com Ordner Gefunden : C:\Users\Jonas ***\AppData\LocalLow\SimplyTech Ordner Gefunden : C:\Users\Jonas ***\AppData\Roaming\DownTangoFTToolbar Ordner Gefunden : C:\Users\Jonas ***\AppData\Roaming\registry mechanic Ordner Gefunden : C:\Users\Jonas ***\AppData\Roaming\yoursearching Ordner Gefunden : C:\Users\Jonas ***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DownTango Ordner Gefunden : C:\Users\JONASS~1\AppData\Local\Temp\incredibar.com Ordner Gefunden : C:\Users\JONASS~1\AppData\Local\Temp\APN-Stub Ordner Gefunden : C:\windows\SysNative\Tasks\ProtectedSearch ***** [ Dateien ] ***** Datei Gefunden : C:\END Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\user.js Datei Gefunden : C:\Users\Jonas ***\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\eakacpaijcpapndcfffdgphdiccmpknp Datei Gefunden : 
C:\Users\Jonas ***\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_esurf.biz_0.localstorage Datei Gefunden : C:\Users\Jonas ***\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_esurf.biz_0.localstorage-journal Datei Gefunden : C:\Users\Jonas ***\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_my.parallaxsearch.com_0.localstorage Datei Gefunden : C:\Users\Jonas ***\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_my.parallaxsearch.com_0.localstorage-journal Datei Gefunden : C:\windows\launcher.exe ***** [ DLL ] ***** ***** [ Verknüpfungen ] ***** Verknüpfung Infiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk ( "hxxp://esurf.biz/?ssid=1451302568&a=1024132&src=sh&uuid=f1a006da-47af-4e5e-86ec-28437d15b503" --proxy-pac-url=hxxp://stoppblock.me/wpad.dat?46e84aa4f779c4a3255103d6b3a323383346298 --disable-quic ) Verknüpfung Infiziert : C:\Users\Jonas ***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk ( "hxxp://esurf.biz/?ssid=1451302568&a=1024132&src=sh&uuid=f1a006da-47af-4e5e-86ec-28437d15b503" ) Verknüpfung Infiziert : C:\Users\Jonas ***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( "hxxp://esurf.biz/?ssid=1451302568&a=1024132&src=sh&uuid=f1a006da-47af-4e5e-86ec-28437d15b503" ) Verknüpfung Infiziert : C:\Users\Jonas ***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( "hxxp://esurf.biz/?ssid=1451302568&a=1024132&src=sh&uuid=f1a006da-47af-4e5e-86ec-28437d15b503" ) Verknüpfung Infiziert : C:\Users\Jonas ***\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk ( "hxxp://esurf.biz/?ssid=1451302568&a=1024132&src=sh&uuid=f1a006da-47af-4e5e-86ec-28437d15b503" --proxy-pac-url=hxxp://stoppblock.me/wpad.dat?46e84aa4f779c4a3255103d6b3a323383346298 --disable-quic ) Verknüpfung Infiziert : C:\Users\Jonas 
***\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( "hxxp://esurf.biz/?ssid=1451302568&a=1024132&src=sh&uuid=f1a006da-47af-4e5e-86ec-28437d15b503" ) Verknüpfung Infiziert : C:\Users\Jonas ***\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk ( "hxxp://esurf.biz/?ssid=1451302568&a=1024132&src=sh&uuid=f1a006da-47af-4e5e-86ec-28437d15b503" --proxy-pac-url=hxxp://stoppblock.me/wpad.dat?46e84aa4f779c4a3255103d6b3a323383346298 --disable-quic ) ***** [ Aufgabenplanung ] ***** Geplante Aufgabe Gefunden : ProtectedSearch\Protected Search ***** [ Registrierungsdatenbank ] ***** Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Web-Suche Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Jing] Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escort.DLL Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escrtBtn.1 Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1 Schlüssel Gefunden : HKLM\SOFTWARE\Classes\I Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Incredibar.dskBnd Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Incredibar.dskBnd.1 Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1 Schlüssel Gefunden : HKLM\SOFTWARE\Classes\IncredibarApp.appCore Schlüssel Gefunden : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1 Schlüssel Gefunden : HKLM\SOFTWARE\Classes\protector_dll.protectorbho Schlüssel Gefunden : 
HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1 Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wtb.Band Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wtb.Band.1 Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wtb.NotificationSource Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wtb.NotificationSource.1 Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl.1 Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo.1 Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\3045035B-3C14-4698-8AC4-ADB18CC42C1E Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{67C71B35-A416-4A54-BD1D-15965A4FE41C} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E327B07A-0E11-4FD4-BEF2-B2C5605B59C6} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77} Schlüssel Gefunden : 
HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F0356CB6-4AB7-425B-A31C-0369E0CB5E81} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} 
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E327B07A-0E11-4FD4-BEF2-B2C5605B59C6} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E327B07A-0E11-4FD4-BEF2-B2C5605B59C6} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E327B07A-0E11-4FD4-BEF2-B2C5605B59C6} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102} Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{E327B07A-0E11-4FD4-BEF2-B2C5605B59C6}] Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F9639E4A-801B-4843-AEE3-03D9DA199E77}] Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}] Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169} 
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{F0356CB6-4AB7-425B-A31C-0369E0CB5E81} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A} Schlüssel Gefunden : HKCU\Software\Conduit Schlüssel Gefunden : HKCU\Software\DownTango Schlüssel Gefunden : HKCU\Software\IM Schlüssel Gefunden : HKCU\Software\ImInstaller Schlüssel Gefunden : HKCU\Software\incredibar.com Schlüssel Gefunden : HKCU\Software\ProtectedSearch Schlüssel Gefunden : HKCU\Software\simplytech Schlüssel Gefunden : HKCU\Software\Softonic Schlüssel Gefunden : HKCU\Software\SweetIM Schlüssel Gefunden : HKCU\Software\WajIEnhance Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Crossrider Schlüssel 
Gefunden : HKCU\Software\AppDataLow\Software\simplytech Schlüssel Gefunden : HKLM\SOFTWARE\Conduit Schlüssel Gefunden : HKLM\SOFTWARE\DownTango Schlüssel Gefunden : HKLM\SOFTWARE\incredibar.com Schlüssel Gefunden : HKLM\SOFTWARE\SweetIM Schlüssel Gefunden : HKLM\SOFTWARE\yoursearchingSoftware Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DownTango Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\incredibar Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1 Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF Daten Gefunden : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 Daten Gefunden : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 Daten Gefunden : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= Daten Gefunden : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= Daten Gefunden : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= Daten Gefunden : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page] - hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 Daten Gefunden : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 Daten Gefunden : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL] - 
hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= Daten Gefunden : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= Daten Gefunden : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= Daten Gefunden : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchURI [(Default)] - hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q=%s Daten Gefunden : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)] - hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q=%s Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= Daten Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 Daten Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page] - hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [Search 
Page] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= Daten Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://newtab.certified-toolbar.com/nie?si=41460&tid=2937&new=true Daten Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page] - hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 Daten Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 Daten Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= Daten Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= Daten Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)] - hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q=%s Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchURI [(Default)] - hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q=%s Daten Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)] - hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q=%s Daten Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchURI [(Default)] - hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q=%s Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2625B659-4961-417C-8E18-F17B39C57C00} Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{810EFFCB-432F-4D5D-9985-1EB0D7096521} Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {810EFFCB-432F-4D5D-9985-1EB0D7096521} Schlüssel Gefunden : HKCU\Software\Microsoft\Internet 
Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{372E3302-7EBA-42FD-93CF-35D0DFC0B781} Daten Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {372E3302-7EBA-42FD-93CF-35D0DFC0B781} ***** [ Internetbrowser ] ***** [C:\Users\Jonas ***\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gefunden : eakacpaijcpapndcfffdgphdiccmpknp [C:\Users\Jonas ***\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gefunden : gladcbhcbkdeddbidiblppadjdjalidb ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [20927 Bytes] ##########
Gefunden : HKCU\Software\AppDataLow\Software\simplytech Schlüssel Gefunden : HKLM\SOFTWARE\Conduit Schlüssel Gefunden : HKLM\SOFTWARE\DownTango Schlüssel Gefunden : HKLM\SOFTWARE\incredibar.com Schlüssel Gefunden : HKLM\SOFTWARE\SweetIM Schlüssel Gefunden : HKLM\SOFTWARE\yoursearchingSoftware Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DownTango Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\incredibar Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1 Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF Daten Gefunden : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 Daten Gefunden : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 Daten Gefunden : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= Daten Gefunden : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= Daten Gefunden : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= Daten Gefunden : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page] - hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 Daten Gefunden : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 Daten Gefunden : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL] - 
hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= Daten Gefunden : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= Daten Gefunden : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= Daten Gefunden : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchURI [(Default)] - hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q=%s Daten Gefunden : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)] - hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q=%s Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= Daten Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 Daten Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page] - hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [Search 
Page] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= Daten Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://newtab.certified-toolbar.com/nie?si=41460&tid=2937&new=true Daten Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page] - hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 Daten Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 Daten Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= Daten Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= Daten Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)] - hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q=%s Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchURI [(Default)] - hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q=%s Daten Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)] - hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q=%s Daten Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchURI [(Default)] - hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q=%s Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2625B659-4961-417C-8E18-F17B39C57C00} Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{810EFFCB-432F-4D5D-9985-1EB0D7096521} Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {810EFFCB-432F-4D5D-9985-1EB0D7096521} Schlüssel Gefunden : HKCU\Software\Microsoft\Internet 
Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{372E3302-7EBA-42FD-93CF-35D0DFC0B781} Daten Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {372E3302-7EBA-42FD-93CF-35D0DFC0B781} ***** [ Internetbrowser ] ***** [C:\Users\Jonas ***\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gefunden : eakacpaijcpapndcfffdgphdiccmpknp [C:\Users\Jonas ***\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gefunden : gladcbhcbkdeddbidiblppadjdjalidb ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [20927 Bytes] ########## Code:
ATTFilter Malwarebytes Anti-Malware
www.malwarebytes.org

Protection, 29.12.2015 10:45, SYSTEM, JONAS***, Protection, Malware Protection, Starting,
Protection, 29.12.2015 10:45, SYSTEM, JONAS***, Protection, Malware Protection, Started,
Protection, 29.12.2015 10:45, SYSTEM, JONAS***, Protection, Malicious Website Protection, Starting,
Update, 29.12.2015 10:45, SYSTEM, JONAS***, Manual, Rootkit Database, 2015.9.18.1, 2015.12.26.1,
Update, 29.12.2015 10:45, SYSTEM, JONAS***, Manual, Remediation Database, 2015.9.16.1, 2015.12.15.2,
Update, 29.12.2015 10:45, SYSTEM, JONAS***, Manual, IP Database, 2015.9.21.2, 2015.12.25.1,
Update, 29.12.2015 10:45, SYSTEM, JONAS***, Manual, Domain Database, 2015.9.22.3, 2015.12.29.1,
Update, 29.12.2015 10:45, SYSTEM, JONAS***, Manual, Malware Database, 2015.9.22.5, 2015.12.29.2,
Protection, 29.12.2015 10:45, SYSTEM, JONAS***, Protection, Refresh, Starting,
Protection, 29.12.2015 10:45, SYSTEM, JONAS***, Protection, Malicious Website Protection, Started,
Protection, 29.12.2015 10:45, SYSTEM, JONAS***, Protection, Malicious Website Protection, Stopping,
Protection, 29.12.2015 10:45, SYSTEM, JONAS***, Protection, Malicious Website Protection, Stopped,
Protection, 29.12.2015 10:45, SYSTEM, JONAS***, Protection, Refresh, Success,
Protection, 29.12.2015 10:45, SYSTEM, JONAS***, Protection, Malicious Website Protection, Starting,
Protection, 29.12.2015 10:46, SYSTEM, JONAS***, Protection, Malicious Website Protection, Started,
Scan, 29.12.2015 11:06, SYSTEM, JONAS***, Manual, Start: 29.12.2015 10:45, Dauer: 17 Min. 35 Sek., Bedrohungssuchlauf, Abgeschlossen, 1 Malware-Erkennung, 31 Nicht-Malware-Erkennungen,
Protection, 29.12.2015 11:08, SYSTEM, JONAS***, Protection, Malware Protection, Starting,
Protection, 29.12.2015 11:08, SYSTEM, JONAS***, Protection, Malware Protection, Started,
Protection, 29.12.2015 11:08, SYSTEM, JONAS***, Protection, Malicious Website Protection, Starting,
Protection, 29.12.2015 11:10, SYSTEM, JONAS***, Protection, Malicious Website Protection, Started,
Update, 29.12.2015 13:23, SYSTEM, JONAS***, Scheduler, Failed, Unable to access update server,
Update, 29.12.2015 13:26, SYSTEM, JONAS***, Scheduler, Malware Database, 2015.12.29.2, 2015.12.29.3,
Protection, 29.12.2015 13:26, SYSTEM, JONAS***, Protection, Refresh, Starting,
Protection, 29.12.2015 13:26, SYSTEM, JONAS***, Protection, Malicious Website Protection, Stopping,
Protection, 29.12.2015 13:26, SYSTEM, JONAS***, Protection, Malicious Website Protection, Stopped,
Protection, 29.12.2015 13:27, SYSTEM, JONAS***, Protection, Refresh, Success,
Protection, 29.12.2015 13:27, SYSTEM, JONAS***, Protection, Malicious Website Protection, Starting,
Protection, 29.12.2015 13:27, SYSTEM, JONAS***, Protection, Malicious Website Protection, Started,
Update, 29.12.2015 14:42, SYSTEM, JONAS***, Scheduler, Malware Database, 2015.12.29.3, 2015.12.29.4,
Protection, 29.12.2015 14:42, SYSTEM, JONAS***, Protection, Refresh, Starting,
Protection, 29.12.2015 14:42, SYSTEM, JONAS***, Protection, Malicious Website Protection, Stopping,
Protection, 29.12.2015 14:42, SYSTEM, JONAS***, Protection, Malicious Website Protection, Stopped,
Protection, 29.12.2015 14:43, SYSTEM, JONAS***, Protection, Refresh, Success,
Protection, 29.12.2015 14:43, SYSTEM, JONAS***, Protection, Malicious Website Protection, Starting,
Protection, 29.12.2015 14:43, SYSTEM, JONAS***, Protection, Malicious Website Protection, Started,
Detection, 29.12.2015 14:55, SYSTEM, JONAS***, Protection, Malware-Schutz, Datei, Trojan.Agent.Trace, C:\DelUS.bat, Quarantäne, [57810c9ea9e20432cf3f12d14eb5a55b]

(end)

Here are the results:

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:28-12-2015 durchgeführt von Jonas *** (Administrator) auf JONAS*** (29-12-2015 14:44:47) Gestartet von C:\Users\Jonas ***\Downloads Geladene Profile: Jonas *** (Verfügbare Profile: Jonas ***) Platform: Windows 7 Professional (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 9 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\nfservice.exe (Norman Safeground AS) C:\Program Files\Norman\Nse\Bin\nseupdatesvc.exe (Norman Safeground AS) C:\Program Files\Norman\Nvc\Bin\nvcsvc.exe (Norman AS) C:\Program Files\Norman\Npm\Bin\nvoy.exe (Norman Safeground AS) C:\Program Files\Norman\Ngs\Bin\nnf.exe (Norman Safeground AS) C:\Program Files\Norman\Npf\Bin\npfsvc32.exe (Norman Safeground AS) C:\Program Files\Norman\Ngs\Bin\nprosec.exe (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\nwscmon2.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe (McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard) C:\Windows\System32\hpservice.exe (AMD) C:\Windows\System32\atieclxx.exe (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\zanda.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (DigitalPersona, Inc.) 
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe (Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Hewlett-Packard Development Company, L.P) C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe (PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (ArcSoft, Inc.) C:\Windows\system\uArcCapture.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (McAfee, Inc.) 
C:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\scheduler.exe () C:\Program Files\Norman\Npm\Bin\njeeves2.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Flux Software LLC) C:\Users\Jonas ***\AppData\Local\FluxSoftware\Flux\flux.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Dropbox, Inc.) C:\Users\Jonas ***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\zlh.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\zlhh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\regedit.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2174760 2010-06-04] (Synaptics Incorporated) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation) HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [600936 2009-06-29] (Symantec Corporation) HKLM-x32\...\Run: [Norman ZANDA] => C:\Program Files\Norman\Npm\Bin\ZLH.EXE [88536 2014-08-21] (Norman Safeground AS) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard) HKU\S-1-5-21-2418012328-1902660936-3139050416-1002\...\Run: [f.lux] => C:\Users\Jonas ***\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC) HKU\S-1-5-21-2418012328-1902660936-3139050416-1002\...\Run: [Dropbox Update] => C:\Users\Jonas ***\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-01] (Dropbox, Inc.) HKU\S-1-5-21-2418012328-1902660936-3139050416-1002\...\Run: [GoogleChromeAutoLaunch_21D2127E1FA7E472A63593F3586DF878] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [741704 2015-12-11] (Google Inc.) 
HKU\S-1-5-21-2418012328-1902660936-3139050416-1002\...\MountPoints2: {4b59cce4-4e45-11e0-9138-e02a82965ff2} - D:\Startme.exe HKU\S-1-5-21-2418012328-1902660936-3139050416-1002\...\MountPoints2: {743d338c-6718-11e4-9e9a-e02a82965ff2} - D:\Windows\setup.exe /autorun HKU\S-1-5-21-2418012328-1902660936-3139050416-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Bubbles.scr [899584 2009-07-14] (Microsoft Corporation) HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\windows\System32\SPReview\SPReview.exe [301568 2015-12-29] (Microsoft Corporation) HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\nscrnsav.scr [205336 2015-06-16] () Lsa: [Notification Packages] DPPassFilter scecli ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonas ***\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonas ***\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonas ***\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonas ***\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonas ***\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonas ***\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonas ***\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) Startup: C:\Users\Jonas ***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-29] ShortcutTarget: Dropbox.lnk -> C:\Users\Jonas ***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) AutoConfigURL: [S-1-5-21-2418012328-1902660936-3139050416-1002] => hxxp://stoppblock.me/wpad.dat?46e84aa4f779c4a3255103d6b3a323383346298 Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{22881A04-7A8D-47DA-9DBE-EA0473D484C7}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-2418012328-1902660936-3139050416-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM -> DefaultScope {372E3302-7EBA-42FD-93CF-35D0DFC0B781} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {372E3302-7EBA-42FD-93CF-35D0DFC0B781} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-2418012328-1902660936-3139050416-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2418012328-1902660936-3139050416-1002 -> {372E3302-7EBA-42FD-93CF-35D0DFC0B781} URL = SearchScopes: HKU\S-1-5-21-2418012328-1902660936-3139050416-1002 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://www.google.de/search?q={searchTerms}&rlz= BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.) BHO: HP ProtectTools Security Manager Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2011-05-02] (DigitalPersona, Inc.) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2009-12-12] (Hewlett-Packard) BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.) 
BHO-x32: HP ProtectTools Security Manager Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2011-05-02] (DigitalPersona, Inc.) BHO-x32: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC) BHO-x32: Symantec NCO BHO -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll [2012-06-07] (Symantec Corporation) BHO-x32: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL [2011-03-31] (Symantec Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-02-28] (Microsoft Corporation.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-11-13] (Sun Microsystems, Inc.) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-10-19] (Hewlett-Packard Company) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.) 
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll [2012-06-07] (Symantec Corporation) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-02-28] (Microsoft Corporation.) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.) Toolbar: HKU\S-1-5-21-2418012328-1902660936-3139050416-1002 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] () FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] () FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-01-24] (DivX, LLC.) FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-11-13] (Sun Microsystems, Inc.) 
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll [2011-08-03] (Sony Computer Entertainment Inc.) FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll [2012-08-02] (Sony Network Entertainment International LLC) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-2418012328-1902660936-3139050416-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Jonas ***\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited) FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2010-12-06] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn FF Extension: Symantec IPS - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn [2011-09-29] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2 FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2 [2015-12-29] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011-03-10] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011-03-10] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt FF Extension: DigitalPersona Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools 
Security Manager\Bin\FirefoxExt [2012-01-05] [ist nicht signiert] Chrome: ======= CHR HomePage: Default -> hxxps://www.google.com/ CHR StartupUrls: Default -> "hxxps://www.google.com/" CHR Profile: C:\Users\Jonas ***\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Dropbox für Gmail) - C:\Users\Jonas ***\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2015-12-28] CHR Extension: (MozBar) - C:\Users\Jonas ***\AppData\Local\Google\Chrome\User Data\Default\Extensions\eakacpaijcpapndcfffdgphdiccmpknp [2015-12-29] CHR Extension: (DivX HiQ) - C:\Users\Jonas ***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2014-04-21] CHR Extension: (AdBlock) - C:\Users\Jonas ***\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-28] CHR Extension: (Yesware Email Tracking) - C:\Users\Jonas ***\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkjnkapjmjfpipfcccnjbjcbgdnahpjp [2015-12-28] CHR Extension: (Boomerang for Gmail) - C:\Users\Jonas ***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll [2015-12-17] CHR Extension: (Save to Pocket) - C:\Users\Jonas ***\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2015-10-22] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jonas ***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-28] CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Jonas ***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-04-21] CHR HKLM-x32\...\Chrome\Extension: [${CHROME_KEY}] - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.3.27\incredibar.crx <nicht gefunden> CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2011-02-08] 
CHR HKLM-x32\...\Chrome\Extension: [gladcbhcbkdeddbidiblppadjdjalidb] - C:\Program Files (x86)\DownTangoFTToolbar\chrome\DownTangoFTToolbar.crx <nicht gefunden> CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2011-02-08] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R3 DEBridge; C:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [704512 2010-02-01] (McAfee, Inc.) [Datei ist nicht signiert] R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [462160 2010-07-16] (DigitalPersona, Inc.) S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [362040 2009-11-17] (Hewlett-Packard Ltd) R2 HP ProtectTools Service; C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [32768 2010-10-19] (Hewlett-Packard Development Company, L.P) [Datei ist nicht signiert] R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [90112 2010-05-10] (Hewlett-Packard Company) [Datei ist nicht signiert] R2 HpFkCryptService; C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [281192 2010-02-01] (McAfee, Inc.) 
R2 HPFSService; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [297984 2009-12-12] (Hewlett-Packard) [Datei ist nicht signiert] R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [280120 2010-10-01] (Hewlett-Packard Company) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert] R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] () R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [Datei ist nicht signiert] R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 nfservice; C:\Program Files\Norman\npm\bin\nfservice.exe [196072 2015-02-17] (Norman Safeground AS) R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008 2011-04-17] (Symantec Corporation) R3 NJeeves2; C:\Program Files\Norman\Npm\Bin\Njeeves2.exe [179080 2014-11-27] () R2 NNFSVC; C:\Program Files\Norman\Ngs\Bin\Nnf.exe [306360 2015-02-17] (Norman Safeground AS) R2 Norman ZANDA; C:\Program Files\Norman\Npm\Bin\Zanda.exe [456664 2014-06-30] (Norman Safeground AS) R2 NPFSvc32; C:\Program Files\Norman\npf\bin\npfsvc32.exe [408344 2014-08-05] (Norman Safeground AS) R2 NPROSECSVC; C:\Program Files\Norman\Ngs\Bin\Nprosec.exe [140032 2014-10-15] (Norman Safeground AS) R2 nseupdatesvc; C:\Program Files\Norman\nse\bin\nseupdatesvc.exe [261992 2015-02-17] (Norman Safeground AS) R2 nvcsvc; C:\Program Files\Norman\nvc\bin\nvcsvc.exe 
[408776 2015-06-22] (Norman Safeground AS) R2 NVOY; C:\Program Files\Norman\Npm\Bin\Nvoy.exe [246560 2013-06-27] (Norman AS) R2 NWSCMON2; C:\Program Files\Norman\Npm\Bin\nwscmon2.exe [232008 2015-09-15] (Norman Safeground AS) R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-08-11] (PDF Complete Inc) R3 Scheduler; C:\Program Files\Norman\Npm\Bin\scheduler.exe [199680 2014-06-30] (Norman Safeground AS) S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [Datei ist nicht signiert] R2 uArcCapture; C:\windows\system\uArcCapture.exe [506472 2009-12-04] (ArcSoft, Inc.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 ALE_NF; C:\windows\system32\drivers\ale7_nf64.sys [133152 2015-02-17] (Norman Safeground AS) R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32640 2009-12-04] (ArcSoft, Inc.) R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20100810.004\BHDrvx64.sys [945200 2010-08-09] (Symantec Corporation) S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [40760 2009-10-21] (Hewlett-Packard Development Company L.P.) 
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R3 gzflt; C:\Program Files\Norman\nvc\bin\gzflt.sys [155912 2015-02-16] (BitDefender LLC) R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20100706.002\IDSVia64.sys [463408 2010-06-27] (Symantec Corporation) R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-29] (Malwarebytes) R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation) S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20100813.009\ENG64.SYS [117808 2010-08-13] (Symantec Corporation) S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20100813.009\EX64.SYS [1791536 2010-08-13] (Symantec Corporation) R1 NGS; c:\program files\norman\ngs\bin\ngs64.sys [23488 2014-06-27] (Norman Safeground AS) R1 NPROSEC; C:\Program Files\Norman\Ngs\Bin\nprosec64.sys [41536 2014-08-27] (Norman Safeground AS) R2 nregsec; C:\Program Files\Norman\Ngs\Bin\nregsec64.sys [69328 2015-06-19] (Norman Safeground AS) R1 RsvLock; C:\Windows\System32\Drivers\RsvLock.sys [58184 2010-02-01] (McAfee, Inc.) R1 RsvLock; C:\Windows\SysWow64\Drivers\RsvLock.sys [40088 2010-02-01] (McAfee, Inc.) R0 SafeBoot; C:\Windows\System32\Drivers\SafeBoot.sys [56648 2010-02-01] () R0 SafeBoot; C:\Windows\SysWow64\Drivers\SafeBoot.sys [110520 2010-02-01] (McAfee, Inc.) R0 SbAlg; C:\Windows\System32\Drivers\SbAlg.sys [60160 2009-06-04] (McAfee, Inc.) R0 SbAlg; C:\Windows\SysWow64\Drivers\SbAlg.sys [51800 2010-02-01] (McAfee, Inc.) R0 SbFsLock; C:\Windows\System32\Drivers\SbFsLock.sys [15688 2010-02-01] (McAfee, Inc.) R0 SbFsLock; C:\Windows\SysWow64\Drivers\SbFsLock.sys [13256 2010-02-01] (McAfee, Inc.) 
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1803904 2009-12-19] () S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS [744568 2011-03-31] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [40568 2011-03-31] (Symantec Corporation) R0 SymDS; C:\Windows\System32\drivers\NISx64\1207020.003\SYMDS64.SYS [450680 2011-01-27] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\NISx64\1207020.003\SYMEFA64.SYS [912504 2011-03-15] (Symantec Corporation) R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2011-05-12] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [171128 2011-01-27] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [386168 2011-04-21] (Symantec Corporation) R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2015-02-16] (BitDefender S.R.L.) S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-06-11] (Cisco Systems, Inc.) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-12-29 14:44 - 2015-12-29 14:45 - 00031044 _____ C:\Users\Jonas ***\Downloads\FRST.txt 2015-12-29 14:44 - 2015-12-29 14:44 - 02370560 _____ (Farbar) C:\Users\Jonas ***\Downloads\FRST64.exe 2015-12-29 14:44 - 2015-12-29 14:44 - 00000000 ____D C:\FRST 2015-12-29 14:43 - 2015-12-29 14:43 - 01721856 _____ (Farbar) C:\Users\Jonas ***\Downloads\FRST.exe 2015-12-29 10:45 - 2015-12-29 14:42 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2015-12-29 10:44 - 2015-12-29 11:12 - 00001100 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-12-29 10:44 - 2015-12-29 10:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-12-29 10:44 - 2015-12-29 10:44 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-12-29 10:44 - 2015-12-29 10:44 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-12-29 10:44 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys 2015-12-29 10:44 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2015-12-29 10:44 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys 2015-12-29 10:43 - 2015-12-29 10:43 - 22908888 _____ (Malwarebytes ) C:\Users\Jonas ***\Downloads\mbam-setup-2.2.0.1024.exe 2015-12-29 10:27 - 2015-12-29 10:32 - 00000000 ____D C:\AdwCleaner 2015-12-29 10:26 - 2015-12-29 10:26 - 01743360 _____ C:\Users\Jonas ***\Downloads\adwcleaner_5.026 (1).exe 2015-12-29 10:25 - 2015-12-29 10:25 - 01743360 _____ C:\Users\Jonas ***\Downloads\adwcleaner_5.026.exe 2015-12-29 09:09 - 2015-12-29 09:09 - 00000000 ____D C:\windows\system32\SPReview 2015-12-28 12:31 - 2015-12-28 12:31 - 05124040 _____ (hxxp://spring-files.com) C:\Users\Jonas ***\Downloads\Power_of_Less_Leo_Babauta_pdf_downloader.exe 2015-12-28 09:22 - 2015-12-28 09:22 - 00000000 ____D C:\Program Files\Microsoft Games 2015-12-27 22:15 - 2015-12-27 22:45 - 00318186 
_____ C:\Users\Jonas ***\Desktop\Migros Photo Service Reise.mcf 2015-12-27 22:15 - 2015-12-27 22:15 - 00322201 _____ C:\Users\Jonas ***\Desktop\Migros Photo Service Reise.mcf~ 2015-12-27 22:14 - 2015-12-27 22:45 - 00000000 ____D C:\Users\Jonas ***\Desktop\Migros Photo Service Reise_mcf-Dateien 2015-12-27 21:07 - 2015-12-27 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Migros Photo Service 2015-12-27 21:02 - 2015-12-27 21:02 - 00000000 ____D C:\Program Files\Migros 2015-12-11 11:39 - 2015-12-11 11:39 - 00703951 _____ C:\Users\Jonas ***\Desktop\IMG_20151211_0002.pdf 2015-12-11 11:38 - 2015-12-11 11:39 - 00000000 ___HD C:\ProgramData\CanonIJScan 2015-12-11 11:38 - 2015-12-11 11:38 - 00000000 ____D C:\Users\Jonas ***\AppData\Roaming\Canon 2015-12-10 09:07 - 2015-12-10 09:07 - 00000000 ____D C:\Users\Jonas ***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-12-09 14:55 - 2015-12-09 14:55 - 00033106 _____ C:\Users\Jonas ***\Downloads\avb-Haftpflichtversicherung-Veranstaltungen-de.pdf 2015-12-02 19:34 - 2015-12-02 19:34 - 00040116 _____ C:\Users\Jonas ***\Downloads\VERTRAG (1).pdf 2015-12-02 19:33 - 2015-12-02 19:33 - 00040116 _____ C:\Users\Jonas ***\Downloads\VERTRAG.pdf 2015-12-01 10:27 - 2015-12-01 10:27 - 00144664 _____ C:\Users\Jonas ***\Downloads\Rechnung Nr. 1504161.pdf ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-12-29 14:44 - 2009-07-14 04:20 - 00000000 ____D C:\Windows 2015-12-29 14:35 - 2013-11-15 17:30 - 00000968 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2418012328-1902660936-3139050416-1002UA.job 2015-12-29 14:06 - 2011-03-10 17:04 - 00000000 ____D C:\Users\Jonas ***\AppData\Local\Google 2015-12-29 14:06 - 2011-03-10 17:04 - 00000000 ____D C:\Program Files (x86)\Google 2015-12-29 14:05 - 2011-03-10 17:04 - 00001110 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-12-29 14:04 - 2012-11-03 19:29 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2015-12-29 13:57 - 2015-07-01 13:32 - 00001264 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2418012328-1902660936-3139050416-1002UA.job 2015-12-29 11:17 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-12-29 11:17 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-12-29 11:14 - 2012-10-04 16:47 - 00000000 ___RD C:\Users\Jonas ***\Dropbox 2015-12-29 11:14 - 2012-10-04 16:45 - 00000000 ____D C:\Users\Jonas ***\AppData\Roaming\Dropbox 2015-12-29 11:12 - 2015-11-26 12:02 - 00002182 _____ C:\Users\Public\Desktop\Canon MB5000 series On-Screen-Handbuch.lnk 2015-12-29 11:12 - 2015-08-28 10:22 - 00000000 ____D C:\windows\System32\Tasks\Remediation 2015-12-29 11:12 - 2015-07-21 19:35 - 00002017 _____ C:\Users\Public\Desktop\emWave2 .lnk 2015-12-29 11:12 - 2012-10-31 23:44 - 00001011 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk 2015-12-29 11:12 - 2012-10-30 09:42 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-12-29 11:12 - 2012-04-09 13:28 - 00000960 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. 
OCR-Registrierung.lnk 2015-12-29 11:12 - 2011-07-28 16:21 - 00001641 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IDT HD Audio.lnk 2015-12-29 11:12 - 2011-01-14 01:17 - 00002128 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Launch TotalMedia Suite.lnk 2015-12-29 11:12 - 2010-12-06 01:02 - 00001348 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Default Manager.lnk 2015-12-29 11:12 - 2010-12-06 01:01 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk 2015-12-29 11:12 - 2010-12-06 00:48 - 00001651 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Software Setup.lnk 2015-12-29 11:12 - 2010-12-06 00:33 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2015-12-29 11:12 - 2010-12-06 00:33 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2015-12-29 11:12 - 2009-07-14 05:57 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-12-29 11:12 - 2009-07-14 05:57 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk 2015-12-29 11:12 - 2009-07-14 05:57 - 00001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk 2015-12-29 11:12 - 2009-07-14 05:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk 2015-12-29 11:12 - 2009-07-14 05:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk 2015-12-29 11:10 - 2015-11-28 07:17 - 00002221 _____ C:\Users\Jonas ***\Desktop\HP Support Assistant.lnk 2015-12-29 11:10 - 2013-03-01 12:28 - 00003077 _____ C:\Users\Jonas ***\Desktop\Microsoft PowerPoint 2010.lnk 2015-12-29 11:10 - 2012-10-31 23:44 - 00001011 _____ C:\Users\Jonas ***\Desktop\Audacity.lnk 2015-12-29 11:10 - 2012-10-04 16:47 - 00001041 _____ C:\Users\Jonas ***\Desktop\Dropbox.lnk 2015-12-29 11:10 - 2012-02-25 21:05 - 
00001190 _____ C:\Users\Jonas ***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-12-29 11:10 - 2012-02-25 21:05 - 00001047 _____ C:\Users\Jonas ***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2015-12-29 11:10 - 2011-01-14 01:13 - 00001662 _____ C:\ProgramData\Microsoft\Windows\Start Menu\IDT Audio Control Panel.lnk 2015-12-29 11:10 - 2010-12-06 01:23 - 00002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Theft Recovery.lnk 2015-12-29 11:10 - 2010-12-06 00:48 - 00000000 ____D C:\ProgramData\PDFC 2015-12-29 11:10 - 2009-07-14 06:01 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk 2015-12-29 11:10 - 2009-07-14 05:49 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk 2015-12-29 11:09 - 2010-12-06 00:48 - 00000000 ____D C:\ProgramData\HPQLOG 2015-12-29 11:08 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT 2015-12-29 11:07 - 2011-03-10 11:14 - 00000000 ____D C:\Program Files\Norman 2015-12-29 11:07 - 2009-07-14 04:20 - 00000000 ____D C:\windows\Vss 2015-12-29 11:05 - 2012-02-20 20:04 - 00000000 ____D C:\ProgramData\InstallMate 2015-12-29 10:43 - 2010-12-06 00:48 - 00736108 _____ C:\windows\system32\perfh007.dat 2015-12-29 10:43 - 2010-12-06 00:48 - 00164994 _____ C:\windows\system32\perfc007.dat 2015-12-29 10:43 - 2009-07-14 06:13 - 01712756 _____ C:\windows\system32\PerfStringBackup.INI 2015-12-29 10:43 - 2009-07-14 04:20 - 00000000 ____D C:\windows\inf 2015-12-29 10:32 - 2012-02-20 20:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-12-29 10:32 - 2011-08-26 16:53 - 00000000 ____D C:\Users\Jonas ***\AppData\Local\CrashDumps 2015-12-29 10:32 - 2011-03-10 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-12-29 10:20 - 2012-08-31 10:14 - 00000000 ____D C:\Poker 2015-12-29 09:13 - 2015-07-01 13:32 - 00001212 _____ 
C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2418012328-1902660936-3139050416-1002Core.job 2015-12-29 09:13 - 2013-11-15 17:30 - 00000946 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2418012328-1902660936-3139050416-1002Core.job 2015-12-28 12:22 - 2015-07-28 08:44 - 00000000 ____D C:\Users\Jonas ***\Desktop\Health & Personal Development 2015-12-28 11:40 - 2013-05-13 22:03 - 00000000 ____D C:\Program Files (x86)\CEWE COLOR 2015-12-28 11:01 - 2011-03-09 10:36 - 00000000 ____D C:\Users\Jonas ***\AppData\Local\VirtualStore 2015-12-28 10:08 - 2011-07-05 15:20 - 00000000 ____D C:\Users\Jonas ***\AppData\Local\ElevatedDiagnostics 2015-12-28 09:22 - 2011-03-10 11:54 - 00000000 ____D C:\inetpub 2015-12-28 09:22 - 2009-07-14 04:20 - 00000000 ____D C:\windows\SysWOW64\inetsrv 2015-12-28 09:22 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\inetsrv 2015-12-28 09:14 - 2011-04-14 10:42 - 00000000 ____D C:\windows\pss 2015-12-28 08:51 - 2013-03-17 12:15 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-12-28 08:51 - 2013-03-17 12:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-12-27 23:10 - 2013-05-13 22:11 - 00000000 ____D C:\ProgramData\tmp 2015-12-27 20:46 - 2013-05-13 22:11 - 00000000 ____D C:\ProgramData\hps 2015-12-27 19:38 - 2015-11-26 12:06 - 00000000 ____D C:\ProgramData\CanonIJPLM 2015-12-27 09:16 - 2013-03-17 12:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-12-27 09:16 - 2012-11-20 10:52 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-12-27 09:13 - 2013-08-17 07:37 - 00000000 ____D C:\windows\system32\MRT 2015-12-27 08:37 - 2011-03-12 12:08 - 140158008 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2015-12-23 10:08 - 2015-08-31 12:12 - 00000000 ____D C:\Users\Public\Documents\Blog 2015-12-21 11:32 - 2009-07-14 04:20 - 00000000 ____D C:\windows\LiveKernelReports 2015-12-09 12:04 - 2012-11-03 19:29 - 00796864 _____ (Adobe Systems Incorporated) 
C:\windows\SysWOW64\FlashPlayerApp.exe 2015-12-09 12:04 - 2012-11-03 19:29 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-12-09 12:04 - 2012-11-03 19:29 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater 2015-12-03 10:19 - 2009-07-14 05:45 - 00409392 _____ C:\windows\system32\FNTCACHE.DAT 2015-12-03 10:15 - 2010-12-06 00:54 - 00000000 ____D C:\windows\System32\Tasks\Hewlett-Packard 2015-12-03 10:15 - 2010-12-06 00:47 - 00000000 ____D C:\ProgramData\Hewlett-Packard 2015-12-02 19:00 - 2011-03-10 17:04 - 00004106 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-12-02 19:00 - 2011-03-10 17:04 - 00003854 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-12-02 19:00 - 2011-03-10 17:04 - 00001106 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-12-02 13:18 - 2011-03-09 10:40 - 00301728 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2011-05-27 19:48 - 2011-07-07 19:23 - 0001854 _____ () C:\Users\Jonas ***\AppData\Roaming\GhostObjGAFix.xml 2011-11-15 18:17 - 2013-01-10 18:49 - 0000088 __RSH () C:\ProgramData\70458A571C.sys 2011-03-20 20:23 - 2011-03-20 20:23 - 0000056 ____H () C:\ProgramData\ezsidmv.dat 2011-11-15 18:17 - 2013-01-10 18:49 - 0002516 ___SH () C:\ProgramData\KGyGaAvL.sys Einige Dateien in TEMP: ==================== C:\Users\Jonas ***\AppData\Local\Temp\2014032910013319jniverify.dll C:\Users\Jonas ***\AppData\Local\Temp\9Vc1w4HF37.exe C:\Users\Jonas ***\AppData\Local\Temp\ApnStub.exe C:\Users\Jonas ***\AppData\Local\Temp\AtpTimerInfo.dll C:\Users\Jonas ***\AppData\Local\Temp\CWPCUNLR.dll C:\Users\Jonas ***\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgmmk9b.dll C:\Users\Jonas ***\AppData\Local\Temp\Extract.exe C:\Users\Jonas ***\AppData\Local\Temp\FileSystemView.dll C:\Users\Jonas ***\AppData\Local\Temp\HPHelpUpdater.exe 
C:\Users\Jonas ***\AppData\Local\Temp\HPSFUpdater.exe C:\Users\Jonas ***\AppData\Local\Temp\InstallAX.exe C:\Users\Jonas ***\AppData\Local\Temp\installerdll174247235.dll C:\Users\Jonas ***\AppData\Local\Temp\installerdll174270152.dll C:\Users\Jonas ***\AppData\Local\Temp\installerdll629464.dll C:\Users\Jonas ***\AppData\Local\Temp\ipdMvEMcPr.exe C:\Users\Jonas ***\AppData\Local\Temp\JingSetup.exe C:\Users\Jonas ***\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\Jonas ***\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe C:\Users\Jonas ***\AppData\Local\Temp\jre3478.exe C:\Users\Jonas ***\AppData\Local\Temp\jreB74.exe C:\Users\Jonas ***\AppData\Local\Temp\MSETUP4.EXE C:\Users\Jonas ***\AppData\Local\Temp\NAHiR67Vc4.exe C:\Users\Jonas ***\AppData\Local\Temp\NetFramework45.exe C:\Users\Jonas ***\AppData\Local\Temp\ptuAF06_tmp.exe C:\Users\Jonas ***\AppData\Local\Temp\Resource.exe C:\Users\Jonas ***\AppData\Local\Temp\rootsupd.exe C:\Users\Jonas ***\AppData\Local\Temp\Setup.exe C:\Users\Jonas ***\AppData\Local\Temp\Sony_Ericsson_Update_Engine_Setup-2.11.11.21.exe C:\Users\Jonas ***\AppData\Local\Temp\SP47594.exe C:\Users\Jonas ***\AppData\Local\Temp\SP48064.exe C:\Users\Jonas ***\AppData\Local\Temp\SP49020.exe C:\Users\Jonas ***\AppData\Local\Temp\SP49408.exe C:\Users\Jonas ***\AppData\Local\Temp\SP49458.exe C:\Users\Jonas ***\AppData\Local\Temp\SP49638.exe C:\Users\Jonas ***\AppData\Local\Temp\SP50036.exe C:\Users\Jonas ***\AppData\Local\Temp\SP50255.exe C:\Users\Jonas ***\AppData\Local\Temp\SP50261.exe C:\Users\Jonas ***\AppData\Local\Temp\SP50291.exe C:\Users\Jonas ***\AppData\Local\Temp\SP50370.exe C:\Users\Jonas ***\AppData\Local\Temp\sp50843.exe.exe C:\Users\Jonas ***\AppData\Local\Temp\SP50877.exe C:\Users\Jonas ***\AppData\Local\Temp\SP51129.exe C:\Users\Jonas ***\AppData\Local\Temp\SP51626.exe C:\Users\Jonas ***\AppData\Local\Temp\sp52110.exe.exe C:\Users\Jonas ***\AppData\Local\Temp\SP52407.exe C:\Users\Jonas ***\AppData\Local\Temp\sp54373.exe 
C:\Users\Jonas ***\AppData\Local\Temp\SP54600.exe C:\Users\Jonas ***\AppData\Local\Temp\sp54620.exe C:\Users\Jonas ***\AppData\Local\Temp\SP54635.exe C:\Users\Jonas ***\AppData\Local\Temp\SP54922.exe C:\Users\Jonas ***\AppData\Local\Temp\SP57752.exe C:\Users\Jonas ***\AppData\Local\Temp\sp58915.exe C:\Users\Jonas ***\AppData\Local\Temp\sp64126.exe C:\Users\Jonas ***\AppData\Local\Temp\SP67224.exe C:\Users\Jonas ***\AppData\Local\Temp\sqlite3.dll C:\Users\Jonas ***\AppData\Local\Temp\Uninstall.exe C:\Users\Jonas ***\AppData\Local\Temp\UninstallHPSA.exe C:\Users\Jonas ***\AppData\Local\Temp\UninstallHPTCA.exe C:\Users\Jonas ***\AppData\Local\Temp\vcredist_x86.exe C:\Users\Jonas ***\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe Einige mit null Byte Größe Dateien/Ordner: ========================== C:\Windows\SysWOW64\nsprs.dll C:\Windows\SysWOW64\serauth1.dll C:\Windows\SysWOW64\serauth2.dll C:\Windows\SysWOW64\ssprs.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-12-11 13:28

==================== Ende von FRST.txt ============================

I hope this helps you. Many thanks in advance. Jonas |