Komischer Linkversuch zu grevolutionstore.it
 

Hallo, dachte bisher, ich könnte alle Probleme selber lösen, aber ich denke, diesmal bin ich auf Hilfe angewiesen.
Toll, dass es dieses Board gibt!

Zum Thema:
Ein Bekannter rief mich an, er bekäme eine Warnmeldung für einen Trojaner, wenn er sich auf meiner Webseite eine 360°-Panorama-Aufnahme ansehen wolle.
Da dies bei mir nicht der Fall war, schaute ich mir die Seite genauer an und stellte fest, dass beim Anklicken der Seite unten in der Statusleiste immer eine Verbindung steht: ...warten auf grevolutionstore.it (siehe Anhang).
Beim scannen mit Baidu wurde in der Datei panoStudioViewer.js auf meinem Rechner der Virus / Trojaner Rce.Gen5 gefunden (siehe Anhang).
Habe ihn mittlerweile eliminiert und die Datei mit einer neuen Version ersetzt.
Aber die Meldung zu grevolutionstore.it steht immer noch in der Statusleiste (auch nach Leeren des Caches).
Jetzt bin ich mir nicht sicher, ob das alles war, oder ich doch noch weitere Schritte unternehmen muss. Die Seite mit dem Link auf die 360° Aufnahme ist hier: hxxp://villadelsol.eu/Sol/ferienwohnung2.htm (mein privates Ferienhaus in Spanien), dort auf den mittleren 360° Button klicken.
Die Logfiles lt. Anleitung habe ich beigefügt und freue mich auf weitere Hilfe und Anleitung zur Beseitigung des Problemes.
Schon mal herzlichen Dank.
Hubert

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

OK, hier die Logfiles:
1. Addition.txt
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2014 01
Ran by Hubert at 2014-10-07 15:04:00
Running from C:\Users\Hubert\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Baidu Antivirus (Enabled - Up to date) {10616E6C-0E20-8594-D377-A7D03F6128A6}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Baidu Antivirus (Enabled - Up to date) {AB008F88-281A-8A1A-E9C7-9CA244E6621B}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

325 USB PC Camera (HKLM-x32\...\{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}) (Version: 0.6.0.001 - Sonix)
6000E609_eDocs (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
6000E609_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
6000E609a (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ABBYY FineReader 9.0 Professional Edition (HKLM-x32\...\{F9000000-0001-0000-0000-074957833700}) (Version: 9.00.453.55019 - ABBYY)
Ad-Aware Antivirus (HKLM\...\{E39A80AE-0CC0-43EE-AB6B-BE11DC4F969F}_AdAwareUpdater) (Version: 11.3.6321.0 - Lavasoft)
AdAwareInstaller (Version: 11.3.6321.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.3.6321.0 - Lavasoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.1060 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.5.0.1060 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.3 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.3 - Adobe Systems Incorporated) Hidden
Adobe Dreamweaver CS4 (HKLM-x32\...\Adobe_acce07fd2c8fe7f9e3f26243e626578) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Dreamweaver CS4 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.5.502.146 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Search for Help (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Service Manager Extension (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden
AllDup 3.4.24 (HKLM-x32\...\AllDup_is1) (Version: 3.4.24 - Michael Thummerer Software Design)
Allway Sync version 12.16.9 (HKLM-x32\...\Allway Sync_is1) (Version: - Botkind Inc)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arles Image Web Page Creator 7.4.3 (HKLM-x32\...\Arles Image Web Page Creator_is1) (Version: 7.4.3 - Digital Dutch)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 2.9.1403 - DsNET Corp)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.)
AVS Video Converter 8 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.)
BackUp Maker (HKLM-x32\...\BackUp Maker_is1) (Version: 7.0.0.3 - ASCOMP Software GmbH)
Baidu Antivirus (HKLM-x32\...\Baidu Antivirus) (Version: 4.4.4.73449 - Baidu, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BPDSoftware (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Cadia Version 5.10 (HKLM-x32\...\{D1751010-2A7E-4951-8F77-6380B71CE0F3}_is1) (Version: 5.10 - Langwald-EDV-Beratung)
Camtasia Studio 8 (HKLM-x32\...\{8F6F7194-0734-4CDA-8C04-6B766F2241A6}) (Version: 8.0.4.1060 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.01 - Piriform)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
CopyTrans Control Center deinstallieren (HKCU\...\CopyTrans Suite) (Version: 3.003 - WindSolutions)
CorelDRAW Graphics Suite 12 (HKLM-x32\...\{505AFDC0-5E72-4928-8368-5DEA385E3647}) (Version: 12.0.0.458 - Corel Corporation)
Crystal Button 2008 InMotion! (v.3.2) (HKLM-x32\...\Crystal Button 2008 InMotion! Pack_is1) (Version: - SWGSoft, Inc.)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version: - Microsoft)
Designer 2.0 (HKLM-x32\...\Designer 2.0_is1) (Version: 7.9.4 - Fomanu AG)
DesignPro 5 (HKLM-x32\...\InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}) (Version: 5.5.708 - Avery Dennison)
DesignPro 5 (x32 Version: 5.5.708 - Avery Dennison) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.2.3.0 - devolo AG)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
DreamBoxEdit -- The one and only settings editor for your Dreambox (HKLM-x32\...\DreamBoxEdit) (Version: - )
Dropbox (HKCU\...\Dropbox) (Version: 2.0.22 - Dropbox, Inc.)
EaseUS Partition Master 9.2.1 Home Edition (HKLM-x32\...\EaseUS Partition Master Home Edition_is1) (Version: - EaseUS)
Elevated Installer (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}) (Version: 2.1.27.0 - MAGIX AG)
FLV Player 2.0 (build 25) (HKLM-x32\...\FLV Player) (Version: 2.0 (build 25) - Martijn de Visser)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - )
Garmin BaseCamp (HKLM-x32\...\{CBB4288D-2D32-43BB-8FCE-3F102E385956}) (Version: 4.3.5 - Garmin Ltd or its subsidiaries)
Garmin City Navigator Europe NT 2012.10 Update (HKLM-x32\...\{41A00174-B4EA-4E79-9CAF-DC118A878B92}) (Version: 15.10.0.0 - Garmin Ltd or its subsidiaries)
Garmin City Navigator Europe NT 2014.40 Update (HKLM-x32\...\{45734B7D-FC19-4C0A-997F-6AFF6E1D29F8}) (Version: 17.40.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{b43ffffb-1adc-4bcb-b277-7844ebff94da}) (Version: 3.2.17.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
GnuWin32: Wget version 1.10.1 (HKLM-x32\...\Wget-1.10.1_is1) (Version: 1.10.1 - GnuWin32)
Google Earth (HKLM-x32\...\{3E8A20E1-223F-11E2-9116-B8AC6F98CCE3}) (Version: 7.0.1.8244 - Google)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.07) (Version: 9.07 - Artifex Software Inc.)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.09) (Version: 9.09 - Artifex Software Inc.)
HandBrake 0.9.8 (HKLM-x32\...\HandBrake) (Version: 0.9.8 - )
Hide-My-Address (HKLM-x32\...\{01CCDA56-6D59-4915-8BE2-752376E80E82}) (Version: 1.00.0000 - Wolfgang Wirth)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 6000 E609 Series (HKLM\...\{91DDAB49-487B-4649-93CE-81F6B3423051}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
IB Updater 2.0.0.578 (HKLM\...\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1) (Version: 2.0.0.578 - IncrediBar) <==== ATTENTION
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
INSTAR Camera Tool (HKLM-x32\...\{630473B5-3AA9-4477-B6DD-F9EA5BEEDD42}) (Version: 2.0.1.0 - INSTAR)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2555 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iSpy (64 bit) (HKLM\...\{79AAFB4D-30FF-4999-9A16-322C4BB61E7C}) (Version: 5.5.8 - iSpy)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Kits Configuration Installer (x32 Version: 8.59.25584 - Microsoft) Hidden
K-Lite Codec Pack 9.9.9 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.9.9 - )
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
MAGIX 3D Maker (embedded MSI) (HKLM-x32\...\{80D4BACA-9012-49BC-B8F2-6777736F6380}) (Version: 6.0.0.10 - MAGIX AG)
MAGIX Foto Manager 2006 (D) (HKLM-x32\...\MAGIX Foto Manager 2006 D) (Version: 3.0.1.78 - MAGIX AG)
MAGIX Fotos auf CD & DVD 5.0 (D) (HKLM-x32\...\MAGIX Fotos auf CD & DVD 5.0 D) (Version: 5.0.2.0 - MAGIX AG)
MAGIX Fotos auf CD & DVD 9 (HKLM-x32\...\MAGIX_MSI_Fotos_auf_CD_DVD_9) (Version: 9.0.4.5 - MAGIX AG)
MAGIX Fotos auf CD & DVD 9 (x32 Version: 9.0.4.5 - MAGIX AG) Hidden
MAGIX Music Manager (D) (HKLM-x32\...\MAGIX Music Manager D) (Version: 1.1.1.692 - MAGIX AG)
MAGIX Online Druck Service (HKLM-x32\...\{151B2CCE-8296-4D6F-9F1A-7AFB1212B244}) (Version: 3.4.3.0 - MAGIX AG)
MAGIX Online Druck Service (HKLM-x32\...\MAGIX Online Druck Service) (Version: - Silverwire Software GmbH)
MAGIX Screenshare (HKLM-x32\...\{DAD6325D-55CF-4D30-9DB9-2ADFE02D0777}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed 2 (MSI) (HKLM-x32\...\{84BAAC2F-E676-4547-B098-A1C660902C8E}) (Version: 6.0.1.4 - MAGIX AG)
MAGIX Speed burnR (MSI) (HKLM-x32\...\{494420A9-5F25-457B-9BBF-228E6A73B94B}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Video deluxe 17 Plus (Designelemente) (HKLM-x32\...\{B1ED2C1F-0EA3-4C59-A901-A9EFEEB277A2}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe 17 Plus (Fotoshow Maker-Stile 1) (HKLM-x32\...\{7DFB8477-AF96-43AB-B634-7C4CFE03AECB}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe 17 Plus (Fotoshow Maker-Stile 2) (HKLM-x32\...\{6F67AA27-9A77-4B44-AA60-0DAE06EBD8A7}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe 17 Plus (Individuelle Menüvorlagen) (HKLM-x32\...\{435B4802-A7C1-40D3-A4AA-4B812AFEF876}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe 17 Plus (Menüvorlagen 1) (HKLM-x32\...\{AC2ADA73-BB6C-4B55-9CFD-F48257F4C346}) (Version: 1.1.0.0 - MAGIX AG)
MAGIX Video deluxe 17 Plus (Menüvorlagen 2) (HKLM-x32\...\{EE525E77-8ED2-4EB3-AE86-AAFF0A097523}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe 17 Plus (Soundtrack Maker-Stile) (HKLM-x32\...\{8B76837F-1217-45DD-BD27-89D7A157A230}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe 17 Plus (Titeleffekte) (HKLM-x32\...\{8A32D2D3-56A1-4506-B59D-14DD1A82A200}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe 17 Plus (Überblendeffekte) (HKLM-x32\...\{FF53DAC1-948B-420D-B784-9B43003474C5}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe 17 Plus Download-Version (HKLM-x32\...\MAGIX_MSI_Videodeluxe17_plus) (Version: 10.0.1.14 - MAGIX AG)
MAGIX Video deluxe 17 Plus Download-Version (x32 Version: 10.0.1.14 - MAGIX AG) Hidden
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft XML Parser (x32 Version: 8.0.7820.0 - Microsoft Corporation) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.4 - F.J. Wechselberger)
Namo WebEditor 8 (HKLM-x32\...\{D3507473-2CE3-4073-A6BA-A0846B5CC687}) (Version: 8.00.000 - Namo Interactive, Inc.)
Nero 7 Premium (HKLM-x32\...\{CAFE6B40-C54C-4389-AE45-5F961C771031}) (Version: 7.02.8186 - Nero AG)
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Network64 (Version: 130.0.579.000 - Hewlett-Packard) Hidden
Nitro PDF Professional (HKLM\...\{853F9C53-2518-4AD0-ABA2-A72EDF4441A4}) (Version: 5.5.2.0 - Nitro PDF Software )
Nitro Reader 3 (HKLM\...\{47220B83-D895-4262-9227-E5D8FA7F7384}) (Version: 3.5.2.10 - Nitro)
onlinebrief24.de (HKLM-x32\...\eBriefdienst-onlinebrief24) (Version: - )
PanoramaStudio 2.6 Pro ((deinstallieren)) (HKLM\...\PanoramaStudio2Pro) (Version: - )
Password Safe (HKLM-x32\...\Password Safe) (Version: - )
PC Wizard 2012.2.12 (HKLM-x32\...\PC Wizard 2012_is1) (Version: - CPUID)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Personal Ancestral File 5 (HKLM-x32\...\{D94A8E22-DF2B-4107-9E51-608A60A7671D}) (Version: - )
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.7 - )
PowerChute Personal Edition 3.0.2 (HKLM-x32\...\{8ED262EE-FC73-47A9-BB86-D92223246881}) (Version: 3.0.2 - Schneider Electric)
proDAD Mercalli Easy Video Stabilizer 2.0 (HKLM-x32\...\proDAD-MercalliEasy-2.0) (Version: 2.0.4319 - proDAD GmbH)
ProductContext (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5919 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - )
Riot plugin (HKLM-x32\...\Riot-plugin) (Version: - )
RouterControl 2.0 (HKLM-x32\...\RouterControl) (Version: - )
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Network PC Fax (HKLM-x32\...\{80078570-6C67-486C-8CF0-B0D778FC69B5}) (Version: 1.04.027 - Samsung)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.16.0 - SAMSUNG Electronics Co., Ltd.)
Schmaili 9.0 (HKLM-x32\...\Schmaili_is1) (Version: - )
Scribble Papers 2.7.1 (HKLM-x32\...\Scribble Papers_is1) (Version: - Jens Hoetger)
Scribus 1.4.1 (HKLM-x32\...\Scribus 1.4.1) (Version: 1.4.1 - The Scribus Team)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
SimpleSYN 3.5 (HKLM-x32\...\{eb67e997-31f3-40c4-90f8-18775ef324f0}) (Version: 3.5.6924 - creativbox.net)
SimpleSYN 3.5 (x32 Version: 3.5.6924 - creativbox.net) Hidden
sipgate Faxdrucker (HKLM\...\{406C475B-F98F-4815-B996-7F403BCF14F3}) (Version: 1.0.3 - sipgate GmbH)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
StarMoney (x32 Version: 3.0.5.8 - StarFinanz) Hidden
StarMoney (x32 Version: 4.0.0.203 - StarFinanz) Hidden
StarMoney Business 6.0 (HKLM-x32\...\{6C5C2899-D117-454B-934E-BE64065933D6}) (Version: 6.0 - Star Finanz GmbH)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
SWFPlayer 2.6.2.0 (HKLM-x32\...\SWFPlayer_is1) (Version: 2.6.2.0 - Michael Faust, Alpha Interactive)
Syncios Version 4.1.0 (HKLM-x32\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 4.1.0 - Anvsoft, Inc.)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrafficMonitor 4.90 (HKLM-x32\...\TrafficMonitor) (Version: - )
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
TSR Watermark Image software version 2.3.2.5 - Free version (HKLM-x32\...\TSR Watermark Image - Free version_is1) (Version: - )
Ulead GIF Animator 5 ESD (HKLM-x32\...\{8AF3E926-ED59-11D4-A44B-0000E86D2305}) (Version: - )
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version: - Tangysoft Ltd.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Video Viewer (HKLM-x32\...\Video Viewer) (Version: 0.2.0.3 - AVTECH Corporation, Inc.)
VisionGS BE (HKLM-x32\...\VisionGS BE_is1) (Version: - bluepath GmbH)
VisualLightBox (HKLM-x32\...\VisualLightBox_is1) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Wartung Samsung SCX-4623FW Series (HKLM-x32\...\Samsung SCX-4623FW Series) (Version: - Samsung Electronics Co., Ltd.)
Weather Display 10.37R Build 45 (HKLM-x32\...\Weather Display_is1) (Version: - )
Weather Display Live (HKLM-x32\...\Weather Display Live_is1) (Version: - Weather Display Ltd.)
web control version 3.0.1.8 (HKLM-x32\...\{20779EFD-5A24-45F7-A133-132975478C4E}_is1) (Version: 3.0.1.8 - )
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Software Development Kit (HKLM-x32\...\{a3717ca4-b44e-422d-8268-ee4dabb332fd}) (Version: 8.59.25584 - Microsoft Corporation)
Windows Software Development Kit EULA (x32 Version: 8.59.25584 - Microsoft Corporations) Hidden
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinZip 18.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DF}) (Version: 18.0.10661 - WinZip Computing, S.L. )
WPanorama (HKCU\...\WPanorama) (Version: - )
WPT Redistributables (x32 Version: 8.59.25584 - Microsoft) Hidden
WPTx64 (x32 Version: 8.59.25584 - Microsoft) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-106921944-1459413208-1379297083-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Hubert\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-106921944-1459413208-1379297083-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hubert\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-106921944-1459413208-1379297083-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hubert\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-106921944-1459413208-1379297083-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hubert\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-106921944-1459413208-1379297083-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hubert\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)

==================== Restore Points =========================

10-09-2014 06:26:34 AA11
10-09-2014 06:52:36 Windows Update
10-09-2014 14:20:42 SimpleSYN 3.5
13-09-2014 11:09:56 Windows Update
20-09-2014 22:00:02 Geplanter Prüfpunkt
24-09-2014 14:16:13 SimpleSYN 3.5
24-09-2014 14:18:45 SimpleSYN 3.5
24-09-2014 14:22:35 Windows Update
01-10-2014 22:00:02 Geplanter Prüfpunkt
03-10-2014 09:50:21 ape@map wird installiert
03-10-2014 11:00:19 ape@map wird entfernt
03-10-2014 11:03:57 ape@map wird entfernt
03-10-2014 19:50:02 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {30B27C33-2E41-47F8-9318-45A8EEA691B2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)
Task: {4052A9A2-46CD-4F66-95D5-0E93ED154DF3} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js"
Task: {4601B97B-A264-473C-A85C-52C9D24203F5} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-08-07] ()
Task: {AE1D4F63-450E-41FA-B9D8-F1F9683F708B} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {BEABAF7D-CDF1-4A60-9C31-93BDC671DF9D} - System32\Tasks\RunAsStdUser Task => C:\Program Files\NetDrive\netdrive.exe

==================== Loaded Modules (whitelisted) =============

2013-01-11 15:20 - 2010-06-17 22:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2013-01-10 14:32 - 2009-10-28 07:34 - 00027648 _____ () C:\Windows\System32\sso4ml6.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 02745168 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareShellExtension.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 03396400 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\RCF.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00123744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_filesystem-vc100-mt-1_55.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00024408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_system-vc100-mt-1_55.dll
2013-06-08 12:22 - 2007-05-10 13:18 - 00835584 _____ () C:\Windows\vsnp325.exe
2014-08-27 12:53 - 2014-08-27 12:53 - 08886592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe
2014-08-27 12:53 - 2014-08-27 12:53 - 00055648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_date_time-vc100-mt-1_55.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00103768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_thread-vc100-mt-1_55.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00033624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_chrono-vc100-mt-1_55.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00500056 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_locale-vc100-mt-1_55.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 02101568 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\HtmlFramework.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00066872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\DllStorage.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00832848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTrayDefaultSkin.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00811328 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\Localization.dll
2013-06-08 12:22 - 2007-04-21 09:36 - 00270336 _____ () C:\Windows\tsnp325.exe
2014-02-13 15:27 - 2014-02-13 15:27 - 00692224 _____ () C:\Program Files (x86)\onlinebrief24.de\ebdhelper.exe
2014-09-09 15:07 - 2014-08-12 10:42 - 00736768 _____ () C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
2014-08-27 12:32 - 2014-08-27 12:32 - 00706864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe
2014-08-27 12:52 - 2014-08-27 12:52 - 11947856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareServiceKernel.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00788824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_regex-vc100-mt-1_55.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00734536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareActivation.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 02167640 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareApplicationUpdater.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00813896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareGamingMode.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00098624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareReset.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00120128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTime.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00943960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareDefinitionsUpdater.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00869224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01105224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareIgnoreList.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00247624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareQuarantine.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00988504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiMalwareEngine.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00212824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiRootkitEngine.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01172816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareScannerHistory.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01277248 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareScanner.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00035160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_timer-vc100-mt-1_55.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00975192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareScannerScheduler.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01109336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareRealTimeProtection.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00229200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareIncompatibles.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00891720 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiSpam.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00843088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiPhishing.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 03090768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareParentalControl.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 02624848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareWebProtection.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01067344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareEmailProtection.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01290584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareNetworkProtection.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01004352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwarePromo.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00343880 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareFeedback.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 02787160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareThreatWorkAlliance.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01238848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwarePinCode.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01004864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareNotice.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00928072 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAvcEngine.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00154944 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\SecurityCenter.dll
2011-04-08 05:13 - 2011-04-08 05:13 - 00323072 _____ () C:\Windows\system32\SaMinDrv.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-19 05:20 - 2014-05-19 05:20 - 00208744 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavDllFilter.dll
2014-04-08 11:53 - 2014-04-08 11:55 - 00541032 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\sqlite.dll
2014-07-13 18:44 - 2014-02-19 20:21 - 00208896 ____N () C:\Program Files (x86)\VideoViewer\DatabaseOp.dll
2009-07-13 23:03 - 2009-07-14 03:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2014-07-13 18:44 - 2011-04-22 15:21 - 00040960 ____N () C:\Program Files (x86)\VideoViewer\DvrInitCom.dll
2013-01-10 17:35 - 2013-11-21 16:21 - 00031744 ____N () C:\Windows\SysWow64\AVC_JPEG.dll
2014-07-13 18:44 - 2013-11-20 15:54 - 02121216 ____N () C:\Windows\SysWow64\avcodec-55.40.801.dll
2014-07-13 18:44 - 2013-11-20 15:54 - 00399360 ____N () C:\Windows\SysWow64\avutil-52.49.800.dll
2014-07-13 18:44 - 2013-11-20 15:54 - 00310784 ____N () C:\Windows\SysWow64\avformat-55.21.800.dll
2014-07-13 18:44 - 2013-11-20 15:54 - 00368128 ____N () C:\Windows\SysWow64\swscale-2.5.801.dll
2013-01-10 17:35 - 2014-02-10 15:34 - 00196608 ____N () C:\Windows\SysWow64\AVC_H264.dll
2014-07-13 18:44 - 2014-02-19 20:20 - 00143360 ____N () C:\Program Files (x86)\VideoViewer\RecordOp.dll
2014-07-13 18:44 - 2014-02-19 20:21 - 00552960 ____N () C:\Program Files (x86)\VideoViewer\LiveVideo.dll
2014-07-13 18:44 - 2014-02-19 20:20 - 00098304 ____N () C:\Program Files (x86)\VideoViewer\PlaybackOp.dll
2014-07-13 18:44 - 2011-08-23 16:07 - 00065536 ____N () C:\Program Files (x86)\VideoViewer\NetMsgDLL.DLL
2014-09-09 20:44 - 2005-11-27 22:07 - 00491520 _____ () C:\Windows\SysWow64\CoolXPButton.ocx
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2014-09-09 15:07 - 2014-08-12 10:42 - 00382464 _____ () C:\Program Files (x86)\Syncios\DuiLib.dll
2014-09-09 15:07 - 2013-03-01 10:30 - 00059904 _____ () C:\Program Files (x86)\Syncios\zlib.dll
2014-09-09 15:07 - 2013-03-01 10:30 - 00526848 _____ () C:\Program Files (x86)\Syncios\sqlite3.dll
2014-09-09 15:07 - 2014-04-29 17:11 - 00067072 _____ () C:\Program Files (x86)\Syncios\zlib1.dll
2014-09-09 15:07 - 2014-01-06 11:24 - 00671744 _____ () C:\Program Files (x86)\Syncios\hashab.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 00237384 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2013-02-14 15:46 - 2013-02-14 15:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2014-10-05 18:18 - 2012-04-16 13:15 - 00004608 _____ () c:\program files (x86)\trafficmonitor\lgLcdLibWrapper.dll
2013-02-13 06:44 - 2013-02-13 06:44 - 00028160 _____ () C:\Program Files (x86)\Pidgin\libssp-0.dll
2013-02-13 06:44 - 2013-02-13 06:44 - 00671031 _____ () C:\Program Files (x86)\Pidgin\exchndl.dll
2013-05-09 14:32 - 2013-05-09 14:32 - 00904525 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\libcairo-2.dll
2013-05-09 14:32 - 2013-05-09 14:32 - 00279059 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\libfontconfig-1.dll
2013-05-09 14:32 - 2013-05-09 14:32 - 00177586 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\libexpat-1.dll
2013-05-09 14:32 - 2013-05-09 14:32 - 00553382 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\freetype6.dll
2013-05-09 14:32 - 2013-05-09 14:32 - 00216992 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\libpng14-14.dll
2013-05-09 14:32 - 2013-05-09 14:32 - 00100352 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\zlib1.dll
2013-02-13 06:43 - 2013-02-13 06:43 - 01274655 _____ () C:\Program Files (x86)\Pidgin\libxml2-2.dll
2013-02-13 06:44 - 2013-02-13 06:44 - 00475580 _____ () C:\Program Files (x86)\Pidgin\spellcheck\libgtkspell-0.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00020997 _____ () C:\Program Files (x86)\Pidgin\plugins\autoaccept.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00013253 _____ () C:\Program Files (x86)\Pidgin\plugins\buddynote.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00024924 _____ () C:\Program Files (x86)\Pidgin\plugins\convcolors.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00015702 _____ () C:\Program Files (x86)\Pidgin\plugins\extplacement.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00014147 _____ () C:\Program Files (x86)\Pidgin\plugins\gtkbuddynote.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00018882 _____ () C:\Program Files (x86)\Pidgin\plugins\history.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00012865 _____ () C:\Program Files (x86)\Pidgin\plugins\iconaway.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00019043 _____ () C:\Program Files (x86)\Pidgin\plugins\idle.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00018555 _____ () C:\Program Files (x86)\Pidgin\plugins\joinpart.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00015074 _____ () C:\Program Files (x86)\Pidgin\plugins\libaim.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00310491 _____ () C:\Program Files (x86)\Pidgin\liboscar.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00092874 _____ () C:\Program Files (x86)\Pidgin\plugins\libbonjour.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00209619 _____ () C:\Program Files (x86)\Pidgin\plugins\libgg.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00016005 _____ () C:\Program Files (x86)\Pidgin\plugins\libicq.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00105620 _____ () C:\Program Files (x86)\Pidgin\plugins\libirc.dll
2013-02-13 06:43 - 2013-02-13 06:43 - 00190464 _____ () C:\Program Files (x86)\Pidgin\libsasl.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00373657 _____ () C:\Program Files (x86)\Pidgin\plugins\libmsn.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00149933 _____ () C:\Program Files (x86)\Pidgin\plugins\libmxit.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00106670 _____ () C:\Program Files (x86)\Pidgin\plugins\libmyspace.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00123540 _____ () C:\Program Files (x86)\Pidgin\plugins\libnovell.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00116583 _____ () C:\Program Files (x86)\Pidgin\plugins\libsametime.dll
2013-02-13 06:43 - 2013-02-13 06:43 - 00152852 _____ () C:\Program Files (x86)\Pidgin\libmeanwhile-1.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00171090 _____ () C:\Program Files (x86)\Pidgin\plugins\libsilc.dll
2013-02-13 06:43 - 2013-02-13 06:43 - 02097721 _____ () C:\Program Files (x86)\Pidgin\libsilc-1-1-2.dll
2013-02-13 06:43 - 2013-02-13 06:43 - 00818985 _____ () C:\Program Files (x86)\Pidgin\libsilcclient-1-1-3.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00055758 _____ () C:\Program Files (x86)\Pidgin\plugins\libsimple.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00021337 _____ () C:\Program Files (x86)\Pidgin\plugins\libxmpp.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00415553 _____ () C:\Program Files (x86)\Pidgin\libjabber.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00022832 _____ () C:\Program Files (x86)\Pidgin\plugins\libyahoo.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00228908 _____ () C:\Program Files (x86)\Pidgin\libymsg.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00019793 _____ () C:\Program Files (x86)\Pidgin\plugins\libyahoojp.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00047391 _____ () C:\Program Files (x86)\Pidgin\plugins\log_reader.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00021795 _____ () C:\Program Files (x86)\Pidgin\plugins\markerline.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00013456 _____ () C:\Program Files (x86)\Pidgin\plugins\newline.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00029225 _____ () C:\Program Files (x86)\Pidgin\plugins\notify.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00017023 _____ () C:\Program Files (x86)\Pidgin\plugins\offlinemsg.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00029256 _____ () C:\Program Files (x86)\Pidgin\plugins\pidginrc.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00015380 _____ () C:\Program Files (x86)\Pidgin\plugins\psychic.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00015429 _____ () C:\Program Files (x86)\Pidgin\plugins\relnot.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00015045 _____ () C:\Program Files (x86)\Pidgin\plugins\sendbutton.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00069575 _____ () C:\Program Files (x86)\Pidgin\plugins\spellchk.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00027811 _____ () C:\Program Files (x86)\Pidgin\plugins\ssl-nss.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00012004 _____ () C:\Program Files (x86)\Pidgin\plugins\ssl.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00015978 _____ () C:\Program Files (x86)\Pidgin\plugins\statenotify.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00030353 _____ () C:\Program Files (x86)\Pidgin\plugins\themeedit.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00032020 _____ () C:\Program Files (x86)\Pidgin\plugins\ticker.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00018399 _____ () C:\Program Files (x86)\Pidgin\plugins\timestamp.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00023305 _____ () C:\Program Files (x86)\Pidgin\plugins\timestamp_format.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00029791 _____ () C:\Program Files (x86)\Pidgin\plugins\win2ktrans.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00030771 _____ () C:\Program Files (x86)\Pidgin\plugins\winprefs.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00037191 _____ () C:\Program Files (x86)\Pidgin\plugins\xmppconsole.dll
2013-02-13 06:45 - 2013-02-13 06:45 - 00044494 _____ () C:\Program Files (x86)\Pidgin\plugins\xmppdisco.dll
2013-02-13 06:43 - 2013-02-13 06:43 - 00102400 _____ () C:\Program Files (x86)\Pidgin\sasl2\saslANONYMOUS.dll
2013-02-13 06:43 - 2013-02-13 06:43 - 00115712 _____ () C:\Program Files (x86)\Pidgin\sasl2\saslCRAMMD5.dll
2013-02-13 06:43 - 2013-02-13 06:43 - 00140288 _____ () C:\Program Files (x86)\Pidgin\sasl2\saslDIGESTMD5.dll
2013-02-13 06:43 - 2013-02-13 06:43 - 00102912 _____ () C:\Program Files (x86)\Pidgin\sasl2\saslLOGIN.dll
2013-02-13 06:43 - 2013-02-13 06:43 - 00102912 _____ () C:\Program Files (x86)\Pidgin\sasl2\saslPLAIN.dll
2013-02-13 06:44 - 2013-02-13 06:44 - 00425984 _____ () C:\Program Files (x86)\Pidgin\sqlite3.dll
2013-05-09 14:32 - 2013-05-09 14:32 - 00090496 _____ () C:\Program Files (x86)\Pidgin\Gtk\lib\gtk-2.0\2.10.0\engines\libwimp.dll
2014-09-25 16:20 - 2014-09-25 16:21 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => "Service"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BavSvc => "Service"=""

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Hubert^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: NetDrive => "C:\Program Files\NetDrive\netdrive.exe" -tray
MSCONFIG\startupreg: OODefragTray => C:\Program Files\OO Software\Defrag\oodtray.exe
MSCONFIG\startupreg: OODITRAY.EXE => C:\Program Files\OO Software\DiskImage\ooditray.exe
MSCONFIG\startupreg: tsnp325 => C:\Windows\tsnp325.exe
MSCONFIG\startupreg: VideoViewer => C:\Program Files (x86)\VideoViewer\VideoViewer.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-106921944-1459413208-1379297083-500 - Administrator - Disabled)
fbwuser (S-1-5-21-106921944-1459413208-1379297083-1003 - Limited - Enabled)
Gast (S-1-5-21-106921944-1459413208-1379297083-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-106921944-1459413208-1379297083-1002 - Limited - Enabled)
Hubert (S-1-5-21-106921944-1459413208-1379297083-1000 - Administrator - Enabled) => C:\Users\Hubert

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/07/2014 10:27:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24

Error: (10/07/2014 10:27:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23

Error: (10/07/2014 10:27:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22

Error: (10/07/2014 10:27:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21

Error: (10/07/2014 10:27:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20

Error: (10/07/2014 10:27:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19

Error: (10/07/2014 10:27:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18

Error: (10/07/2014 10:27:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 17

Error: (10/07/2014 10:27:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 16

Error: (10/07/2014 10:27:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 15


System errors:
=============
Error: (10/04/2014 08:44:47 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst StarMoney Business 6.0 OnlineUpdate erreicht.

Error: (10/04/2014 08:43:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Garmin Core Update Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (10/04/2014 08:43:37 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Garmin Core Update Service erreicht.

Error: (10/04/2014 08:43:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (10/03/2014 09:50:39 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f020b fehlgeschlagen: SAMSUNG Electronics Co., Ltd. - Other hardware - SAMSUNG Mobile MTP Device

Error: (10/03/2014 05:44:09 AM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Error: (10/03/2014 05:43:14 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (10/03/2014 05:43:14 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (09/29/2014 09:15:09 AM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Error: (09/28/2014 05:11:10 PM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.


Microsoft Office Sessions:
=========================
Error: (10/07/2014 10:27:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24

Error: (10/07/2014 10:27:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23

Error: (10/07/2014 10:27:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22

Error: (10/07/2014 10:27:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21

Error: (10/07/2014 10:27:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20

Error: (10/07/2014 10:27:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19

Error: (10/07/2014 10:27:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18

Error: (10/07/2014 10:27:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 17

Error: (10/07/2014 10:27:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 16

Error: (10/07/2014 10:27:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 15


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 58%
Total physical RAM: 8157.09 MB
Available physical RAM: 3414.81 MB
Total Pagefile: 18155.27 MB
Available Pagefile: 14246.18 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:116.28 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Video) (Fixed) (Total:298.09 GB) (Free:173.84 GB) NTFS
Drive f: (Verbatim) (Fixed) (Total:465.76 GB) (Free:331.89 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 3AE71515)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: D9D1075A)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 6684C31F)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================

2. FRST.txt
FRST Logfile:
--- --- ---

3. defogger_disable.log
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 15:06 on 07/10/2014 (Hubert)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

4. gmer.log
GMER Logfile:
--- --- ---

Hoffe, das war so richtig!
Gruß
Hubert

Downloade Dir bitte Malwarebytes Anti-Malware

• Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
• Starte Malwarebytes' Anti-Malware (MBAM).
• Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
• Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
• Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
• Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
• Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
• Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte AdwCleaner auf deinen Desktop.

• Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
• Starte die AdwCleaner.exe mit einem Doppelklick.
• Stimme den Nutzungsbedingungen zu.
• Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
  • "Tracing" Schlüssel löschen
  • Winsock Einstellungen zurücksetzen
  • Proxy Einstellungen zurücksetzen
  • Internet Explorer Richtlinien zurücksetzen
  • Chrome Richtlinien zurücksetzen
  • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
• Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
• Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
• Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
• Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

• Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
• Drücke eine beliebige Taste, um das Tool zu starten.
• Je nach System kann der Scan eine Weile dauern.
• Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
• Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Hier die neuen Logfiles
 

1. MBAM.txt
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 08.10.2014
Suchlauf-Zeit: 12:54:08
Logdatei: MBAM.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.10.08.03
Rootkit Datenbank: v2014.09.19.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Hubert

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 382477
Verstrichene Zeit: 13 Min, 51 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 35
PUP.Optional.StartPage.A, HKLM\SOFTWARE\CLASSES\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}, In Quarantäne, [c38070a28def80b6bf5e6a2d31d1cf31],
PUP.Optional.StartPage.A, HKLM\SOFTWARE\CLASSES\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}\INPROCSERVER32, In Quarantäne, [c38070a28def80b6bf5e6a2d31d1cf31],
PUP.Optional.StartPage.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}, In Quarantäne, [c38070a28def80b6bf5e6a2d31d1cf31],
PUP.Optional.StartPage.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}, In Quarantäne, [c38070a28def80b6bf5e6a2d31d1cf31],
PUP.Optional.StartPage.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}, In Quarantäne, [c38070a28def80b6bf5e6a2d31d1cf31],
PUP.Optional.StartPage.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}, In Quarantäne, [c38070a28def80b6bf5e6a2d31d1cf31],
PUP.Optional.StartPage.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}, In Quarantäne, [c38070a28def80b6bf5e6a2d31d1cf31],
PUP.Optional.StartPage.A, HKLM\SOFTWARE\CLASSES\Extension.ExtensionHelperObject.1, In Quarantäne, [c38070a28def80b6bf5e6a2d31d1cf31],
PUP.Optional.StartPage.A, HKLM\SOFTWARE\CLASSES\Extension.ExtensionHelperObject, In Quarantäne, [c38070a28def80b6bf5e6a2d31d1cf31],
PUP.Optional.StartPage.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Extension.ExtensionHelperObject, In Quarantäne, [c38070a28def80b6bf5e6a2d31d1cf31],
PUP.Optional.StartPage.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{336D0C35-8A85-403A-B9D2-65C292C39087}, In Quarantäne, [c38070a28def80b6bf5e6a2d31d1cf31],
PUP.Optional.StartPage.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Extension.ExtensionHelperObject.1, In Quarantäne, [c38070a28def80b6bf5e6a2d31d1cf31],
PUP.Optional.StartPage.A, HKU\S-1-5-21-106921944-1459413208-1379297083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{336D0C35-8A85-403A-B9D2-65C292C39087}, In Quarantäne, [c38070a28def80b6bf5e6a2d31d1cf31],
PUP.Optional.StartPage.A, HKU\S-1-5-21-106921944-1459413208-1379297083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{336D0C35-8A85-403A-B9D2-65C292C39087}, In Quarantäne, [c38070a28def80b6bf5e6a2d31d1cf31],
PUP.Optional.Snapdo.T, HKU\S-1-5-21-106921944-1459413208-1379297083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, In Quarantäne, [281bf022a7d5c76f431ed9fba45ed32d],
PUP.Optional.Snapdo.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5}, In Quarantäne, [281bf022a7d5c76f431ed9fba45ed32d],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-106921944-1459413208-1379297083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, In Quarantäne, [f54e957db4c8092dd3d6494e20e2fa06],
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, In Quarantäne, [f54e957db4c8092dd3d6494e20e2fa06],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, In Quarantäne, [be8528ea2d4fe5510d21646d1be7a45c],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, In Quarantäne, [93b0769ca0dc231366c912bfa062d22e],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, In Quarantäne, [46fd6ca6205ce84e4b78458b42c04fb1],
PUP.Optional.Incredibar.A, HKLM\SOFTWARE\IB Updater, In Quarantäne, [f1526da5cfadb0864445f53f7390f010],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\Iminent, In Quarantäne, [99aa92804339ba7cf0cc50f7020140c0],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent, In Quarantäne, [76cd1ef42d4f39fd9c74cca69e6642be],
PUP.Optional.Incredibar.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\dlnembnfbcpjnepmfjmngjenhhajpdfd, In Quarantäne, [55ee7e94027a3afc5d2bb38148bb0af6],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DatamngrCoordinator.exe, In Quarantäne, [ec57977b097350e689dce53a6d967090],
PUP.Optional.Incredibar.A, HKLM\SOFTWARE\WOW6432NODE\IB Updater, In Quarantäne, [093a62b05c202e084e3bd55f57ace917],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, In Quarantäne, [70d354bef686c96d6b511c2bb35046ba],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent, In Quarantäne, [083bd43e93e9b185f719551d31d3e818],
PUP.Optional.Incredibar.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\dlnembnfbcpjnepmfjmngjenhhajpdfd, In Quarantäne, [fb4819f9c7b55bdb840458dc897a867a],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DatamngrCoordinator.exe, In Quarantäne, [6bd8b35fa5d7d5611a4b4bd4c04359a7],
PUP.Optional.MySafeProxy.A, HKLM\SOFTWARE\WOW6432NODE\XTRM GROUP LTD.\MySafeProxy, In Quarantäne, [4ff4868c700cb185927759b73ac96799],
PUP.Optional.PriceGong.A, HKU\S-1-5-21-106921944-1459413208-1379297083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, In Quarantäne, [82c159b95f1dc4724cfdff42cd3655ab],
PUP.Optional.Softonic.A, HKU\S-1-5-21-106921944-1459413208-1379297083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, In Quarantäne, [b093da381c606fc7e82150e659aa9e62],
PUP.Optional.IBUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1, In Quarantäne, [81c243cfbbc146f0f23bdf1939c9c937],

Registrierungswerte: 10
PUP.Optional.StartPage.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{336D0C35-8A85-403A-B9D2-65C292C39087}, C:\Program Files\IB Updater\Firefox, In Quarantäne, [c38070a28def80b6bf5e6a2d31d1cf31]
PUP.Optional.StartPage.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|{336D0C35-8A85-403A-B9D2-65C292C39087}, C:\Program Files\IB Updater\Firefox, In Quarantäne, [c38070a28def80b6bf5e6a2d31d1cf31]
PUP.Optional.Iminent.A, HKU\S-1-5-21-106921944-1459413208-1379297083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, In Quarantäne, [46fd6ca6205ce84e4b78458b42c04fb1],
PUP.Optional.Iminent.A, HKU\S-1-5-21-106921944-1459413208-1379297083-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, In Quarantäne, [8eb5050d68142f079b28e8e8cb371de3],
PUP.Optional.StartPage.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS\{336D0C35-8A85-403a-B9D2-65C292C39087}, In Quarantäne, [b3909181e09ceb4bc5587720738f5fa1],
PUP.Optional.StartPage.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS\{336D0C35-8A85-403a-B9D2-65C292C39087}, In Quarantäne, [1c27cf43fd7fd75fa37a1780db27fc04],
PUP.Optional.SmartBar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, In Quarantäne, [ab9869a983f946f0f8c5a0756b98e818]
PUP.Optional.Incredibar, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}, C:\Program Files\IB Updater\Firefox, In Quarantäne, [3f04080a027ab87ee1a2a3c54abae020]
PUP.Optional.SmartBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, In Quarantäne, [e16237dbbfbd73c328954cc9cf34c13f]
PUP.Optional.Incredibar, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}, C:\Program Files\IB Updater\Firefox, In Quarantäne, [251ef919631965d1651e016751b301ff]

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 30
PUP.Optional.SweetIM.A, C:\Windows\SysWOW64\jmdp, In Quarantäne, [1f24ec26067686b0f300f62fb64d9868],
PUP.Optional.OpenCandy, C:\Users\Hubert\AppData\Roaming\OpenCandy, In Quarantäne, [400310021c601f174e0936ae669c8e72],
PUP.Optional.OpenCandy, C:\Users\Hubert\AppData\Roaming\OpenCandy\50F79FE2AA58433F8C5C52A87B9CDE43, In Quarantäne, [400310021c601f174e0936ae669c8e72],
PUP.Optional.Iminent.A, C:\Users\Hubert\AppData\Local\Temp\Iminent, In Quarantäne, [c47f5ab88bf1e74f1060a93b6999d030],
PUP.Optional.Conduit.A, C:\Users\Hubert\AppData\Local\Temp\ct3288691, In Quarantäne, [c0838d852a52a1955f6dde06fc068878],
PUP.Optional.Conduit.A, C:\Users\Hubert\AppData\Local\Temp\ct3297265, In Quarantäne, [51f2b16184f85dd978547d6745bd738d],
PUP.Optional.Conduit.A, C:\Users\Hubert\AppData\Local\Temp\ct3297861, In Quarantäne, [0340b75bafcd290dfbd135afd82a5da3],
PUP.Optional.Conduit.A, C:\Users\Hubert\AppData\Local\Temp\CT3314932, In Quarantäne, [7fc4759da4d82b0b04c86b79d72bf40c],
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox, In Quarantäne, [d56e8290fa82ac8adbbecf169c6605fb],
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\chrome, In Quarantäne, [d56e8290fa82ac8adbbecf169c6605fb],
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\chrome\content, In Quarantäne, [d56e8290fa82ac8adbbecf169c6605fb],
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\chrome\content\libraries, In Quarantäne, [d56e8290fa82ac8adbbecf169c6605fb],
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\chrome\content\resources, In Quarantäne, [d56e8290fa82ac8adbbecf169c6605fb],
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\chrome\locale, In Quarantäne, [d56e8290fa82ac8adbbecf169c6605fb],
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\chrome\locale\en-US, In Quarantäne, [d56e8290fa82ac8adbbecf169c6605fb],
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\chrome\skin, In Quarantäne, [d56e8290fa82ac8adbbecf169c6605fb],
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\defaults, In Quarantäne, [d56e8290fa82ac8adbbecf169c6605fb],
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\defaults\preferences, In Quarantäne, [d56e8290fa82ac8adbbecf169c6605fb],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong\Data, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.Incredibar.A, C:\Users\Hubert\AppData\Local\Temp\mt_ffx\Incredibar.com, In Quarantäne, [9ca72fe348349d9968d7c825f90952ae],
PUP.Optional.Incredibar.A, C:\Users\Hubert\AppData\Local\Temp\mt_ffx\Incredibar.com\incredibar, In Quarantäne, [9ca72fe348349d9968d7c825f90952ae],
PUP.Optional.Incredibar.A, C:\Users\Hubert\AppData\Local\Temp\mt_ffx\Incredibar.com\incredibar\1.5.11.14, In Quarantäne, [9ca72fe348349d9968d7c825f90952ae],
PUP.Optional.IBUpdater, C:\Program Files\IB Updater, In Quarantäne, [81c243cfbbc146f0f23bdf1939c9c937],
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\libraries, In Quarantäne, [81c243cfbbc146f0f23bdf1939c9c937],
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\resources, In Quarantäne, [81c243cfbbc146f0f23bdf1939c9c937],
PUP.Optional.MySafeProxy.A, C:\Windows\Temp\XTRM Group Ltd, In Quarantäne, [380ba969502cd561e0650806996a13ed],
PUP.Optional.MySafeProxy.A, C:\Windows\Temp\XTRM Group Ltd\MySafeProxy, In Quarantäne, [380ba969502cd561e0650806996a13ed],
PUP.Optional.MySafeProxy.A, C:\Windows\Temp\XTRM Group Ltd\MySafeProxy\1.0.7.0, In Quarantäne, [380ba969502cd561e0650806996a13ed],
PUP.Optional.MySafeProxy.A, C:\Windows\Temp\XTRM Group Ltd\MySafeProxy\1.0.7.0\rollback, In Quarantäne, [380ba969502cd561e0650806996a13ed],

Dateien: 80
PUP.Optional.StartPage.A, C:\Program Files\IB Updater\Extension64.dll, In Quarantäne, [c38070a28def80b6bf5e6a2d31d1cf31],
PUP.Optional.StartPage.A, C:\Program Files\IB Updater\Extension32.dll, In Quarantäne, [c38070a28def80b6bf5e6a2d31d1cf31],
PUP.Optional.Somoto, C:\Program Files (x86)\SARDU_2.0.6.3\SARDU_1, In Quarantäne, [ea5923ef1f5d1620d1d5e95218ed3cc4],
PUP.Optional.SearchProtect.A, C:\Users\Hubert\AppData\Local\Temp\nshEAFA.tmp, In Quarantäne, [2d16b55d82faa4920a83bfe0639ef50b],
PUP.Optional.Conduit.A, C:\Users\Hubert\AppData\Local\Temp\nsn8E21.exe, In Quarantäne, [70d380926c10a492e38a4a4b0cf51de3],
PUP.Optional.Conduit.A, C:\Users\Hubert\AppData\Local\Temp\nsn9A04.exe, In Quarantäne, [212271a1106c9f97c8a58f0635cc9e62],
PUP.Optional.Conduit.A, C:\Users\Hubert\AppData\Local\Temp\nss2212.exe, In Quarantäne, [271c5db5e399979f4d20068f6f9223dd],
PUP.Optional.Conduit.A, C:\Users\Hubert\AppData\Local\Temp\nsv8EE1.exe, In Quarantäne, [5be8a46e205c1f17482531643ac751af],
PUP.Optional.Conduit.A, C:\Users\Hubert\AppData\Local\Temp\nsx258C.exe, In Quarantäne, [043ffe14730975c18de0c3d253ae837d],
PUP.Optional.Iminent.A, C:\Users\Hubert\AppData\Local\Temp\IminentSetup.exe, In Quarantäne, [c182f41e0f6d71c52a89d36de0219a66],
PUP.Optional.Wajam.A, C:\Users\Hubert\AppData\Local\Temp\InstallShare12518\wajam.exe, In Quarantäne, [da692ee4c9b3e84ee248c97ed0300df3],
PUP.Optional.Conduit.A, C:\Users\Hubert\AppData\Local\Temp\ct3297265\ism.exe, In Quarantäne, [5de6e72b522a8fa70cc9900a49b8b54b],
PUP.Optional.ClientConnect, C:\Users\Hubert\AppData\Local\Temp\nsxF787.tmp\DownloadACC.dll, In Quarantäne, [2122878b91ebf73f6e08efc361a07789],
PUP.Optional.ClientConnect, C:\Users\Hubert\AppData\Local\Temp\nsxF787.tmp\webapphost.dll, In Quarantäne, [cb78967c34487eb8cbab832f43be26da],
PUP.Optional.ClientConnect, C:\Users\Hubert\AppData\Local\Temp\nsxF787.tmp\ProxyInstallerDir\ProxyInstaller.exe, In Quarantäne, [a0a371a1adcfd5614b2bf5bd54ad1de3],
PUP.Optional.Inredibar.A, C:\Windows\Temp\INJ001\ExtensionUpdate.exe, In Quarantäne, [b2911ff3304cda5c0fc5f88e0ff2ee12],
PUP.Optional.Softonic, C:\Users\Hubert\Downloads\SoftonicDownloader_for_likno-web-button-maker.exe, In Quarantäne, [c083a969522a0333183b279313eefc04],
PUP.Optional.SweetIM.A, C:\Windows\SysWOW64\jmdp\SweetNT.crx, In Quarantäne, [1f24ec26067686b0f300f62fb64d9868],
PUP.Optional.SweetIM.A, C:\Windows\SysWOW64\jmdp\lmrn.dll, In Quarantäne, [1f24ec26067686b0f300f62fb64d9868],
PUP.Optional.SweetIM.A, C:\Windows\SysWOW64\jmdp\msvcp100.dll, In Quarantäne, [1f24ec26067686b0f300f62fb64d9868],
PUP.Optional.SweetIM.A, C:\Windows\SysWOW64\jmdp\msvcr100.dll, In Quarantäne, [1f24ec26067686b0f300f62fb64d9868],
PUP.Optional.SweetIM.A, C:\Windows\SysWOW64\jmdp\pnte.crx, In Quarantäne, [1f24ec26067686b0f300f62fb64d9868],
PUP.Optional.SweetIM.A, C:\Windows\SysWOW64\jmdp\sqlite3.dll, In Quarantäne, [1f24ec26067686b0f300f62fb64d9868],
PUP.Optional.SweetIM.A, C:\Windows\SysWOW64\jmdp\stij.exe, In Quarantäne, [1f24ec26067686b0f300f62fb64d9868],
PUP.Optional.Iminent.A, C:\Program Files (x86)\Mozilla Firefox\defaults\pref\all-iminent.js, In Quarantäne, [d46f16fc2557ad896023ed6df4105aa6],
PUP.Optional.CrossRider.A, C:\Windows\System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633, In Quarantäne, [76cd52c0bdbfbb7b72b8e0a0c3413dc3],
PUP.Optional.OpenCandy, C:\Users\Hubert\AppData\Roaming\OpenCandy\50F79FE2AA58433F8C5C52A87B9CDE43\winzip180mul-64.msi, In Quarantäne, [400310021c601f174e0936ae669c8e72],
PUP.Optional.OpenCandy, C:\Users\Hubert\AppData\Roaming\OpenCandy\50F79FE2AA58433F8C5C52A87B9CDE43\wzstarter.exe, In Quarantäne, [400310021c601f174e0936ae669c8e72],
PUP.Optional.Conduit.A, C:\Users\Hubert\AppData\Local\Temp\ct3288691\chromeid.txt, In Quarantäne, [c0838d852a52a1955f6dde06fc068878],
PUP.Optional.Conduit.A, C:\Users\Hubert\AppData\Local\Temp\ct3288691\setup.ini.txt, In Quarantäne, [c0838d852a52a1955f6dde06fc068878],
PUP.Optional.Conduit.A, C:\Users\Hubert\AppData\Local\Temp\ct3297861\chromeid.txt, In Quarantäne, [0340b75bafcd290dfbd135afd82a5da3],
PUP.Optional.Conduit.A, C:\Users\Hubert\AppData\Local\Temp\ct3297861\setup.ini.txt, In Quarantäne, [0340b75bafcd290dfbd135afd82a5da3],
PUP.Optional.Conduit.A, C:\Users\Hubert\AppData\Local\Temp\CT3314932\ddt.csf, In Quarantäne, [7fc4759da4d82b0b04c86b79d72bf40c],
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\chrome.manifest, In Quarantäne, [d56e8290fa82ac8adbbecf169c6605fb],
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\install.rdf, In Quarantäne, [d56e8290fa82ac8adbbecf169c6605fb],
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\chrome\content\main.js, In Quarantäne, [d56e8290fa82ac8adbbecf169c6605fb],
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\chrome\content\main.xul, In Quarantäne, [d56e8290fa82ac8adbbecf169c6605fb],
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\chrome\content\libraries\DataExchangeScript.js, In Quarantäne, [d56e8290fa82ac8adbbecf169c6605fb],
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\chrome\content\resources\localscript.js, In Quarantäne, [d56e8290fa82ac8adbbecf169c6605fb],
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\chrome\locale\en-US\overlay.dtd, In Quarantäne, [d56e8290fa82ac8adbbecf169c6605fb],
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\chrome\skin\overlay.css, In Quarantäne, [d56e8290fa82ac8adbbecf169c6605fb],
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\defaults\preferences\defaults.js, In Quarantäne, [d56e8290fa82ac8adbbecf169c6605fb],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong\Data\1.txt, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong\Data\16175.txt, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong\Data\2229.txt, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong\Data\2365.txt, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong\Data\a.txt, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong\Data\b.txt, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong\Data\c.txt, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong\Data\d.txt, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong\Data\e.txt, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong\Data\f.txt, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong\Data\g.txt, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong\Data\h.txt, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong\Data\i.txt, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong\Data\j.txt, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong\Data\k.txt, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong\Data\l.txt, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong\Data\m.txt, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong\Data\mru.xml, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong\Data\n.txt, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong\Data\o.txt, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong\Data\p.txt, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong\Data\q.txt, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong\Data\r.txt, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong\Data\s.txt, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong\Data\t.txt, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong\Data\u.txt, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong\Data\v.txt, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong\Data\w.txt, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong\Data\wlu.txt, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong\Data\x.txt, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong\Data\y.txt, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.PriceGong.A, C:\Users\Hubert\AppData\LocalLow\PriceGong\Data\z.txt, In Quarantäne, [142fc949abd1989ed2ffd215ce34ed13],
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\DGChrome.exe, In Quarantäne, [81c243cfbbc146f0f23bdf1939c9c937],
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\InstallerHelper.dll, In Quarantäne, [81c243cfbbc146f0f23bdf1939c9c937],
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\unins000.dat, In Quarantäne, [81c243cfbbc146f0f23bdf1939c9c937],
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\unins000.exe, In Quarantäne, [81c243cfbbc146f0f23bdf1939c9c937],
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\libraries\DataExchangeScript.js, In Quarantäne, [81c243cfbbc146f0f23bdf1939c9c937],
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\resources\localscript.js, In Quarantäne, [81c243cfbbc146f0f23bdf1939c9c937],

Physische Sektoren: 0
(No malicious items detected)


(end)


2. AdwCleanerAdwCleaner Logfile:
--- --- ---

3. JRT.txt
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.1 (10.06.2014:1)
OS: Windows 7 Professional x64
Ran by Hubert on 08.10.2014 at 19:36:15,47
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\baidu"
Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"



~~~ FireFox

Successfully deleted: [File] C:\user.js
Successfully deleted the following from C:\Users\Hubert\AppData\Roaming\mozilla\firefox\profiles\uaa5oomv.default-1406201691444\prefs.js

user_pref("browser.search.useDBForOrder", "false");
Emptied folder: C:\Users\Hubert\AppData\Roaming\mozilla\firefox\profiles\uaa5oomv.default-1406201691444\minidumps [9 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.10.2014 at 19:40:25,99
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


4. frisches FRST
FRST Logfile:

FRST Logfile:
--- --- ---

--- --- ---

Ich hoffe, das war alles richtig, was ich gemacht habe!?
Vielen Dank schon mal für die Hilfe.
Gruß
Hubert

ESET Online Scanner

• Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
• Lade und starte Eset Online Scanner
• Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
• Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
• Klicke auf Starten.
• Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
• Klicke am Ende des Suchlaufs auf Fertig stellen.
• Schließe das Fenster von ESET.
• Explorer öffnen.
• C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
• Logfile hier posten.
• Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
• Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte SecurityCheck und:

• Speichere es auf dem Desktop.
• Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
• Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Feedback nach Eset und Sec.check
 

1. Eset
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=1befd254a29f92458ec9c3373eacadef
# engine=20514
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-10-09 12:36:45
# local_time=2014-10-09 02:36:45 (+0100, Mitteleuropäische Sommerzeit )
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 164488055 0 0
# compatibility_mode_1='Baidu Antivirus'
# compatibility_mode=15105 16777213 100 99 8179 23241375 0 0
# scanned=435764
# found=14
# cleaned=0
# scan_time=7904
sh=67A75BAA7A5BBB2EEEBB99D490F00F82D0BB1E09 ft=1 fh=5d5a0ac2ab2c0a85 vn="Variante von Win32/Systweak evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegClean.exe"
sh=ABA32A0BF4960B1AB88953C36CF160625C78AC9B ft=1 fh=47eacc88b34b8f30 vn="MSIL/AdvancedSystemProtector.D evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\CPUID\PC Wizard 2012\systweakasp_c.exe"
sh=4913E0F9EDA9B9C39B019445A84D65892CB1AFE8 ft=1 fh=9ae7f7a1d7f35279 vn="Variante von Win32/InstallShare.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Hubert\AppData\Local\InstallShare\2_14128_installer.exe"
sh=843A425231EE9364C6EF6FA859E252F30809E388 ft=1 fh=01b038883fb048b7 vn="Variante von Win32/Toolbar.Iminent.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Hubert\AppData\Local\Temp\IminentSoftonicReady.exe"
sh=2E521200ADA9DA5D36C0581D3F501604313B46CD ft=1 fh=070b7b4e75471fe4 vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Hubert\AppData\Local\Temp\UpdateCheckerSetup.exe"
sh=94808FCF0748C437F4D7FFA4D540E054CB014FAB ft=1 fh=70ddbdf0d299bc56 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Hubert\AppData\Local\Temp\nsxF787.tmp\System.dll"
sh=CAC3F5217C8FEB6BDC25AE772C94D751FA90A8E5 ft=1 fh=94d2ec36ff7da8ba vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Hubert\AppData\Local\Temp\RarSFX0\Binaries\IExploreInstaller.exe"
sh=13287F94C77CE22E0C11855F6DD07512CC74C105 ft=1 fh=080273d70ec48dd3 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Hubert\Documents\Tools\DVDFreeStudio590.exe"
sh=7F0A0674E9522BFCF7CBA33DED49AAEBAF36F614 ft=1 fh=2f70aa409cdbff5b vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Hubert\Documents\Tools\HSS-2.90.exe"
sh=5543317AB6CC3C84B018F7262CD7F6048CA22C4B ft=1 fh=1b57474b1411cddc vn="Win32/InstallMonetizer.AH evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Hubert\Documents\Tools\MyPhoneExplorer_Setup_1.8.4.exe"
sh=7B2237C35AD29E31A729CC19A081EE77F87C4F09 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\HUES-Win7-old\AppData\Roaming\Thunderbird\Profiles\klcfq0fq.default\extensions\{94817c02-feac-4aa8-99d8-1cb47bf4d4c0}\chrome\spesoft.jar"
sh=23A8AD9A547A04515A095AD30A92081316A9BEC3 ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\673322e.msi"
sh=FA6B38AAAC213F1FBB6D46BC286C5AF66048C392 ft=1 fh=a5f88c48a94033ea vn="Variante von Win32/Toolbar.Perion.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KPTZNJWD\update[1]"
sh=FA6B38AAAC213F1FBB6D46BC286C5AF66048C392 ft=1 fh=a5f88c48a94033ea vn="Variante von Win32/Toolbar.Perion.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KPTZNJWD\update[1]"



2. SecurityCheck
läuft nicht mit folgender Meldung: UNSUPPORTED OPERATING SYSTEM! ABORTED!



3. FRST
FRST Logfile:

FRST Logfile:
--- --- ---

--- --- ---


Die Meldung: "Warten auf grevolutionstore.it" ist immer noch da.
Habe FF mal im privaten Modus gestartet, da kommt die Meldung nicht.
Sollte das ganze an FF hängen?

Gruß
Hubert

Hab den Rechner mal neu gestartet und nochmal Securitycheck probiert, jetzt gings, hier den Inhalt der checkup.txt

Results of screen317's Security Check version 0.99.87
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 10 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Ad-Aware Antivirus
Baidu Antivirus
Antivirus out of date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 51
Java version out of Date!
Adobe Flash Player 14.0.0.179
Mozilla Firefox (32.0.3)
````````Process Check: objlist.exe by Laurent````````
Baidu Security Baidu Antivirus BAVSvc.exe
Baidu Security Baidu Antivirus BHipsSvc.exe
Lavasoft Ad-Aware Antivirus Ad-Aware Antivirus 11.3.6321.0\AdAwareTray.exe
Lavasoft Ad-Aware Antivirus Ad-Aware Antivirus 11.3.6321.0\AdAwareService.exe
Baidu Security Baidu Antivirus bavhm.exe
Baidu Security Baidu Antivirus BavTray.exe
StarMoney Business 6.0 ouservice StarMoneyOnlineUpdate.exe
onlinebrief24.de ebdhelper.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

Java updaten.

Revo Uninstaller - Download - Filepony
damit Firefox deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.mozilla.org/de/kb/fi...einfach-loesen


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

• Starte nun FRST erneut und klicke den Entfernen Button.
• Das Tool erstellt eine Fixlog.txt.
• Poste mir deren Inhalt.

fixlog.txt
 

Hallo schrauber,
hier der Inhalt:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-10-2014 01
Ran by Hubert at 2014-10-10 09:22:05 Run:1
Running from C:\Users\Hubert\Desktop\Sicherheits-Tools
Loaded Profile: Hubert (Available profiles: Hubert)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM\...\Run: [snp325] => C:\Windows\vsnp325.exe [835584 2007-05-10] ()
HKLM\...\Run: [] => [X]
Emptytemp:

*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\snp325 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
EmptyTemp: => Removed 8.1 GB temporary data.


The system needed a reboot.

==== End of Fixlog ====

Gruß
Hubert

Fertig :)

Die Reihenfolge ist hier entscheidend.

1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
   • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
   • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
   • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
3. Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
   • Schließe alle offenen Programme.
   • Starte die delfix.exe mit einem Doppelklick.
   • Setze vor jede Funktion ein Häkchen.
   • Klicke auf Start.
   • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
   • Starte deinen Rechner abschließend neu.
4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

• Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
• Windows Updates
  • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
  • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
• Gehe sicher das die automatischen Updates aktiviert sind.
• Software Updates
  Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
  Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

• Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

• MalwareBytes Anti Malware
  Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
  Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
  Ein Tutorial zur Verwendung findest Du hier.
• WinPatrol
  Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

• SpywareBlaster
  Eine kurze Einführung findest du Hier
• MVPs hosts file
  Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
• WOT (Web of trust)
  Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

• Opera
• Mozilla Firefox.
  • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
  • NoScript
    Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    
  • AdblockPlus
    Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
    Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts

• Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
• verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
• Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
• Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.