AVAST und Malwarebytes melden mehrere Funde

Dragon79 · 19.04.2014, 21:55

Hallo zusammen ich habe ein Problem und zwar habe ich Gestern und Heute einen Scan mit den beiden oben genannten Programmen gemacht.

Es handelt sich zwar nur um PUP-Programme aber dennoch möchte ich die los werden.
Komischerweise sind diese Funde Gestern schon unter Quarantäne gestellt worden, aber jetzt tauchen sie wieder auf

.

Würde mich freuen wenn mir jemand bei der Bereinigung behilflich wäre.

Hier mal die Log-Dateien von Malewarebytes:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 18.04.2014
Suchlauf-Zeit: 21:05:12
Logdatei: 18.04.14.txt
Administrator: Nein

Version: 2.00.1.1004
Malware Datenbank: v2014.04.18.07
Rootkit Datenbank: v2014.03.27.01
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: DTM

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 208981
Verstrichene Zeit: 45 Min, 9 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 28
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, Löschen bei Neustart, [8e41ea415b201c1a84ca2fe8fd05e917], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{0400EBCA-042C-4000-AA89-9713FBEDB671}, Löschen bei Neustart, [c00f30fb2853b68064b372da669c7090], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\TypeLib\{FBC322D5-407E-4854-8C0B-555B951FD8E3}, In Quarantäne, [c9062407fb8072c431e63913eb17e61a], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{0BD19251-4B4B-4B94-AB16-617106245BB7}, Löschen bei Neustart, [c9062407fb8072c431e63913eb17e61a], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}, Löschen bei Neustart, [c9062407fb8072c431e63913eb17e61a], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}, Löschen bei Neustart, [c9062407fb8072c431e63913eb17e61a], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{44B29DDD-CF7A-454A-A275-A322A398D93F}, Löschen bei Neustart, [c9062407fb8072c431e63913eb17e61a], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}, Löschen bei Neustart, [c9062407fb8072c431e63913eb17e61a], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}, Löschen bei Neustart, [c9062407fb8072c431e63913eb17e61a], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B2DB115C-8278-4947-9A07-57B53D1C4215}, Löschen bei Neustart, [c9062407fb8072c431e63913eb17e61a], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B97FC455-DB33-431D-84DB-6F1514110BD5}, Löschen bei Neustart, [c9062407fb8072c431e63913eb17e61a], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}, Löschen bei Neustart, [c9062407fb8072c431e63913eb17e61a], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E72E9312-0367-4216-BFC7-21485FA8390B}, Löschen bei Neustart, [c9062407fb8072c431e63913eb17e61a], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}, Löschen bei Neustart, [c9062407fb8072c431e63913eb17e61a], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}, Löschen bei Neustart, [c9062407fb8072c431e63913eb17e61a], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{0BD19251-4B4B-4B94-AB16-617106245BB7}, Löschen bei Neustart, [c9062407fb8072c431e63913eb17e61a], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}, Löschen bei Neustart, [c9062407fb8072c431e63913eb17e61a], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}, Löschen bei Neustart, [c9062407fb8072c431e63913eb17e61a], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{44B29DDD-CF7A-454A-A275-A322A398D93F}, Löschen bei Neustart, [c9062407fb8072c431e63913eb17e61a], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}, Löschen bei Neustart, [c9062407fb8072c431e63913eb17e61a], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}, Löschen bei Neustart, [c9062407fb8072c431e63913eb17e61a], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B2DB115C-8278-4947-9A07-57B53D1C4215}, Löschen bei Neustart, [c9062407fb8072c431e63913eb17e61a], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B97FC455-DB33-431D-84DB-6F1514110BD5}, Löschen bei Neustart, [c9062407fb8072c431e63913eb17e61a], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}, Löschen bei Neustart, [c9062407fb8072c431e63913eb17e61a], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E72E9312-0367-4216-BFC7-21485FA8390B}, Löschen bei Neustart, [c9062407fb8072c431e63913eb17e61a], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}, Löschen bei Neustart, [c9062407fb8072c431e63913eb17e61a], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}, Löschen bei Neustart, [c9062407fb8072c431e63913eb17e61a], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TypeLib\{FBC322D5-407E-4854-8C0B-555B951FD8E3}, In Quarantäne, [468974b7cfacce6832e539136f938e72], 

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 19.04.2014
Suchlauf-Zeit: 22:23:07
Logdatei: 19.04.14.txt
Administrator: Nein

Version: 2.00.1.1004
Malware Datenbank: v2014.04.19.09
Rootkit Datenbank: v2014.03.27.01
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: DTM

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 208675
Verstrichene Zeit: 16 Min, 10 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 33
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\APPID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}, Löschen bei Neustart, [94a1b77538431521f02de86460a2827e], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}, Löschen bei Neustart, [94a1b77538431521f02de86460a2827e], 
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, Löschen bei Neustart, [ab8a66c6c5b61422f4c6d740ea18d52b], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}, Löschen bei Neustart, [3005929a3546ee481aba3a11c83a20e0], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{0400EBCA-042C-4000-AA89-9713FBEDB671}, Löschen bei Neustart, [1c19ed3f601b3204245f1537b151f907], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\TypeLib\{FBC322D5-407E-4854-8C0B-555B951FD8E3}, In Quarantäne, [80b558d4ceaded49176cd27a20e2b34d], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{0BD19251-4B4B-4B94-AB16-617106245BB7}, Löschen bei Neustart, [80b558d4ceaded49176cd27a20e2b34d], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}, Löschen bei Neustart, [80b558d4ceaded49176cd27a20e2b34d], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}, Löschen bei Neustart, [80b558d4ceaded49176cd27a20e2b34d], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{44B29DDD-CF7A-454A-A275-A322A398D93F}, Löschen bei Neustart, [80b558d4ceaded49176cd27a20e2b34d], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}, Löschen bei Neustart, [80b558d4ceaded49176cd27a20e2b34d], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}, Löschen bei Neustart, [80b558d4ceaded49176cd27a20e2b34d], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B2DB115C-8278-4947-9A07-57B53D1C4215}, Löschen bei Neustart, [80b558d4ceaded49176cd27a20e2b34d], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B97FC455-DB33-431D-84DB-6F1514110BD5}, Löschen bei Neustart, [80b558d4ceaded49176cd27a20e2b34d], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}, Löschen bei Neustart, [80b558d4ceaded49176cd27a20e2b34d], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E72E9312-0367-4216-BFC7-21485FA8390B}, Löschen bei Neustart, [80b558d4ceaded49176cd27a20e2b34d], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}, Löschen bei Neustart, [80b558d4ceaded49176cd27a20e2b34d], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}, Löschen bei Neustart, [80b558d4ceaded49176cd27a20e2b34d], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{0BD19251-4B4B-4B94-AB16-617106245BB7}, Löschen bei Neustart, [80b558d4ceaded49176cd27a20e2b34d], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}, Löschen bei Neustart, [80b558d4ceaded49176cd27a20e2b34d], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}, Löschen bei Neustart, [80b558d4ceaded49176cd27a20e2b34d], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{44B29DDD-CF7A-454A-A275-A322A398D93F}, Löschen bei Neustart, [80b558d4ceaded49176cd27a20e2b34d], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}, Löschen bei Neustart, [80b558d4ceaded49176cd27a20e2b34d], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}, Löschen bei Neustart, [80b558d4ceaded49176cd27a20e2b34d], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B2DB115C-8278-4947-9A07-57B53D1C4215}, Löschen bei Neustart, [80b558d4ceaded49176cd27a20e2b34d], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B97FC455-DB33-431D-84DB-6F1514110BD5}, Löschen bei Neustart, [80b558d4ceaded49176cd27a20e2b34d], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}, Löschen bei Neustart, [80b558d4ceaded49176cd27a20e2b34d], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E72E9312-0367-4216-BFC7-21485FA8390B}, Löschen bei Neustart, [80b558d4ceaded49176cd27a20e2b34d], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}, Löschen bei Neustart, [80b558d4ceaded49176cd27a20e2b34d], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}, Löschen bei Neustart, [80b558d4ceaded49176cd27a20e2b34d], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TypeLib\{FBC322D5-407E-4854-8C0B-555B951FD8E3}, In Quarantäne, [221371bbbcbfdd59354e5af2f50d6898], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLCORE\mysearchdial, Löschen bei Neustart, [94a1dd4ffa8133034a7ebdd75ba87f81], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\mysearchdial, Löschen bei Neustart, [66cf3eeeb8c3eb4b2d1d93cd2ad804fc], 

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 11
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\mysearchdial, In Quarantäne, [1c193eeee9922d0949964f0f3dc52ad6], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\mysearchdial\icons_2.20.1.0, In Quarantäne, [1c193eeee9922d0949964f0f3dc52ad6], 
PUP.Optional.MySearchDial.A, C:\Program Files (x86)\Mysearchdial, Löschen bei Neustart, [66cf3eeeb8c3eb4b2d1d93cd2ad804fc], 
PUP.Optional.MySearchDial.A, C:\Program Files (x86)\Mysearchdial\1.8.29.0, Löschen bei Neustart, [66cf3eeeb8c3eb4b2d1d93cd2ad804fc], 
PUP.Optional.MySearchDial.A, C:\Program Files (x86)\Mysearchdial\1.8.29.0\bh, Löschen bei Neustart, [66cf3eeeb8c3eb4b2d1d93cd2ad804fc], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\components, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\META-INF, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 

Dateien: 162
PUP.Optional.MySearchDial.A, C:\Program Files (x86)\Mysearchdial\1.8.29.0\Sqlite3.dll, Löschen bei Neustart, [66cf3eeeb8c3eb4b2d1d93cd2ad804fc], 
PUP.Optional.MySearchDial.A, C:\Program Files (x86)\Mysearchdial\1.8.29.0\uninst.dat, Löschen bei Neustart, [66cf3eeeb8c3eb4b2d1d93cd2ad804fc], 
PUP.Optional.MySearchDial.A, C:\Program Files (x86)\Mysearchdial\1.8.29.0\uninstall.exe, Löschen bei Neustart, [66cf3eeeb8c3eb4b2d1d93cd2ad804fc], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\chrome.manifest, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\install.rdf, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\components\FFDisp.dll, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\dpk.htm, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\hlprs.js, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\loader.xul, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\mtstart.js, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\mysearchdial.css, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\mysearchdial.xul, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\serp.js, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\tmplt.js, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\arwDwn.gif, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\closeo.png, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\help_16.gif, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\home.gif, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\icon_seperator.png, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\logo.PNG, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\privecy_16_hot.gif, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\sign.jpg, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\specialoffer.gif, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\tellafriend.gif, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\ae.png, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\bg.png, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\ch.png, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\cn.png, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\cz.png, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\de.png, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\eg.png, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\en.png, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\es.png, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\fr.png, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\gr.png, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\he.png, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\il.png, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\it.png, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\ja.png, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\jp.png, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\nl.png, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\no.png, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\pl.png, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\pt.png, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\ro.png, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\ru.png, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\sa.png, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\se.png, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\sv.png, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\tr.png, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\ua.png, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\us.png, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\META-INF\manifest.mf, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\META-INF\zigbert.rsa, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\extensions\ffxtlbr@mysearchdial.com\META-INF\zigbert.sf, In Quarantäne, [c86dc16b9fdcdc5aef071351e022ad53], 
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.AL", 2);), Ersetzt,[39fc56d64f2ca5918b9e9eb6be4618e8]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.aflt", "dvd_14_16_ff");), Ersetzt,[c174f933c9b2e94dd653b4a040c4c23e]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");), Ersetzt,[57de0329bbc0300650d9d183d62e48b8]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzuyEzzyD0DyCtDzyyD0CyB0A0DtA0DzzyEtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0FtBzytBzztG0C0A0AtCtG0E0FzyzytGzyyEtAyDtGyCzytD0C0EtBzy0EzzyCtB0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEzzzy0C0C0FzyyDtG0E0Dzy0AtGyEzzyEzztGtB0C0DzztGtB0EtDyD0CtB0B0C0BtD0DtA2Q");), Ersetzt,[36ff929a780383b351d8f55f38cc38c8]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.cntry", "DE");), Ersetzt,[0c29b379552653e310194d07a65e728e]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.cr", "959352483");), Ersetzt,[1d1835f78af1a393ea3f57fddd2723dd]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.dfltLng", "");), Ersetzt,[3df86ac22a514de98c9d84d053b1a45c]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.dfltSrch", false);), Ersetzt,[7bba0626bbc04beb9d8c9cb8da2a0df3]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.dnsErr", true);), Ersetzt,[8fa63cf0fe7d979f4fda144054b00df3]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497,426401714,3046281807,752626116,1657571787,3224935090,2597085128,1828564131,3396905322,2787570089,1850357963,3855095921,1516386922,3836221436,2015489896,270173904,3729539987,424611005,965674394,609003582,2041931190,3874294282,2774755777,931959409,398575749,3999997753,1104451911,1233863968,4280856088,1554076246,1949401179,1770772786,3253391265,3778438159,1649478750,2848156272,2476712966,3103989719,475488147,1715867073,3594694113,3774606882,4036647035,1593922001,4110151693,2941033654,3206511613");), Ersetzt,[b67f7ab25724ee4872b7361eb84ccb35]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.excTlbr", false);), Ersetzt,[181de14b2259e353b475a6ae917358a8]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.hdrMd5", "46FBFBD1323B350BC59BF91E1CBF0D49");), Ersetzt,[70c5cc60b3c854e261c8a8ace51f18e8]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.hmpg", false);), Ersetzt,[42f34ede95e648ee86a314401aea4db3]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.hmpgUrl", "http://start.mysearchdial.com/?f=1&a=dvd_14_16_ff&cd=2XzuyEtN2Y1L1QzuyEzzyD0DyCtDzyyD0CyB0A0DtA0DzzyEtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0FtBzytBzztG0C0A0AtCtG0E0FzyzytGzyyEtAyDtGyCzytD0C0EtBzy0EzzyCtB0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEzzzy0C0C0FzyyDtG0E0Dzy0AtGyEzzyEzztGtB0C0DzztGtB0EtDyD0CtB0B0C0BtD0DtA2Q&cr=959352483&ir=");), Ersetzt,[260fc8641269122497928fc5bc48d62a]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.id", "485D6095C7AD3D84");), Ersetzt,[e05585a71f5cdf578d9c76deca3a27d9]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.instlDay", "16178");), Ersetzt,[9e9778b423587bbbf33670e412f21ee2]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.instlRef", "140305_a");), Ersetzt,[54e174b825560234ee3b70e4956f9967]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.lastB", "chrome://branding/locale/browserconfig.properties");), Ersetzt,[5bda61cbbebda096af7a1d37f90bfd03]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.lastVrsnTs", "1.8.29.022:38:56");), Ersetzt,[b28371bb98e368ce3eeb183c49bb38c8]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.newTabUrl", "http://start.mysearchdial.com/?f=2&a=dvd_14_16_ff&cd=2XzuyEtN2Y1L1QzuyEzzyD0DyCtDzyyD0CyB0A0DtA0DzzyEtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0FtBzytBzztG0C0A0AtCtG0E0FzyzytGzyyEtAyDtGyCzytD0C0EtBzy0EzzyCtB0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEzzzy0C0C0FzyyDtG0E0Dzy0AtGyEzzyEzztGtB0C0DzztGtB0EtDyD0CtB0B0C0BtD0DtA2Q&cr=959352483&ir=");), Ersetzt,[c1741c101b60fc3ab0793b19c73d0cf4]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.pnu_base", "{\"newVrsn\":\"95\",\"lastVrsn\":\"95\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"false\",\"msgTs\":0,\"lstMsgTs\":\"0\"}");), Ersetzt,[3ff6be6e572462d4c168401425df639d]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.prdct", "mysearchdial");), Ersetzt,[ab8a4ce0f48785b123069eb69b696b95]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");), Ersetzt,[b77e4ede86f58fa701286de7c242629e]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.sg", "none");), Ersetzt,[0233f13b87f485b183a6ed674cb8ff01]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");), Ersetzt,[260fef3db1ca1224b57486ce947053ad]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.tlbrId", "base");), Ersetzt,[c66ffa326615e650f0395cf858acee12]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.tlbrSrchUrl", "http://start.mysearchdial.com/?f=3&a=dvd_14_16_ff&cd=2XzuyEtN2Y1L1QzuyEzzyD0DyCtDzyyD0CyB0A0DtA0DzzyEtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0FtBzytBzztG0C0A0AtCtG0E0FzyzytGzyyEtAyDtGyCzytD0C0EtBzy0EzzyCtB0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEzzzy0C0C0FzyyDtG0E0Dzy0AtGyEzzyEzztGtB0C0DzztGtB0EtDyD0CtB0B0C0BtD0DtA2Q&cr=959352483&ir=&q=");), Ersetzt,[9a9b7eae7b00a88ed455450f27ddc937]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.vrsn", "1.8.29.0");), Ersetzt,[c66f220a0774b185f6330c48d331d729]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.vrsni", "1.8.29.0");), Ersetzt,[aa8bd95374077fb7d257b69e020252ae]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial_i.newTab", false);), Ersetzt,[a98c0329b8c347efa8817dd7fc0818e8]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial_i.smplGrp", "none");), Ersetzt,[cb6a0b218af13afcc762e96ba55f7987]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.29.022:38:56");), Ersetzt,[6ec783a92b509a9c06232331ab591ae6]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.hmpg", false);), Ersetzt,[191cae7ebac1bd79eb3fc1935aaa39c7]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.hmpgUrl", "http://start.mysearchdial.com/?f=1&a=dvd_14_16_ff&cd=2XzuyEtN2Y1L1QzuyEzzyD0DyCtDzyyD0CyB0A0DtA0DzzyEtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0FtBzytBzztG0C0A0AtCtG0E0FzyzytGzyyEtAyDtGyCzytD0C0EtBzy0EzzyCtB0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEzzzy0C0C0FzyyDtG0E0Dzy0AtGyEzzyEzztGtB0C0DzztGtB0EtDyD0CtB0B0C0BtD0DtA2Q&cr=959352483&ir=");), Ersetzt,[56dff03c03782d09dc4eef659b69cc34]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.dfltSrch", false);), Ersetzt,[f045c567c2b9d3639199a9ab56ae2fd1]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");), Ersetzt,[7abb022a5922082e0723fc5815ef60a0]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.dnsErr", true);), Ersetzt,[c3722dff0e6d7db994962331f212827e]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial_i.newTab", false);), Ersetzt,[75c098945922d16548e26be97f85a35d]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.newTabUrl", "http://start.mysearchdial.com/?f=2&a=dvd_14_16_ff&cd=2XzuyEtN2Y1L1QzuyEzzyD0DyCtDzyyD0CyB0A0DtA0DzzyEtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0FtBzytBzztG0C0A0AtCtG0E0FzyzytGzyyEtAyDtGyCzytD0C0EtBzy0EzzyCtB0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEzzzy0C0C0FzyyDtG0E0Dzy0AtGyEzzyEzztGtB0C0DzztGtB0EtDyD0CtB0B0C0BtD0DtA2Q&cr=959352483&ir=");), Ersetzt,[ec4913195e1d7bbb63c792c254b0a25e]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.tlbrSrchUrl", "http://start.mysearchdial.com/?f=3&a=dvd_14_16_ff&cd=2XzuyEtN2Y1L1QzuyEzzyD0DyCtDzyyD0CyB0A0DtA0DzzyEtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0FtBzytBzztG0C0A0AtCtG0E0FzyzytGzyyEtAyDtGyCzytD0C0EtBzy0EzzyCtB0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEzzzy0C0C0FzyyDtG0E0Dzy0AtGyEzzyEzztGtB0C0DzztGtB0EtDyD0CtB0B0C0BtD0DtA2Q&cr=959352483&ir=&q=");), Ersetzt,[8fa6ab818deefa3c62c85103fd079e62]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.id", "485D6095C7AD3D84");), Ersetzt,[fc3944e8abd03df92109fd57bf45ee12]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.instlDay", "16178");), Ersetzt,[4bea63c9532840f688a24c088b799e62]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.vrsn", "1.8.29.0");), Ersetzt,[83b217152e4d0c2ac36756fe9371e61a]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.vrsni", "1.8.29.0");), Ersetzt,[b87d0626710add598aa076de08fc8878]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.29.022:38:56");), Ersetzt,[9d986bc1205b5adcb476fd575ea6619f]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");), Ersetzt,[3df88d9f99e2a096121888ccfb095fa1]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.prdct", "mysearchdial");), Ersetzt,[bf76d15bd3a80234ef3bb1a324e0f40c]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.aflt", "dvd_14_16_ff");), Ersetzt,[9b9af03c14676acc44e6db7910f4b34d]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial_i.smplGrp", "none");), Ersetzt,[e0556fbdc1ba64d271b96ee619eb857b]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.tlbrId", "base");), Ersetzt,[999c1c10b9c2b185002a97bd49bb2ed2]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.instlRef", "140305_a");), Ersetzt,[e451ad7f413a1a1c35f594c01be902fe]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.dfltLng", "");), Ersetzt,[80b59b91c3b84bebba70ce86679df20e]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");), Ersetzt,[bb7ae4483a41eb4bac7eb4a0659f18e8]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.excTlbr", false);), Ersetzt,[5adbf735057664d26bbf81d3e2223dc3]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.cr", "959352483");), Ersetzt,[a491a3894c2fb87e44e6fe560004c040]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzuyEzzyD0DyCtDzyyD0CyB0A0DtA0DzzyEtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0FtBzytBzztG0C0A0AtCtG0E0FzyzytGzyyEtAyDtGyCzytD0C0EtBzy0EzzyCtB0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEzzzy0C0C0FzyyDtG0E0Dzy0AtGyEzzyEzztGtB0C0DzztGtB0EtDyD0CtB0B0C0BtD0DtA2Q");), Ersetzt,[77be0725f18a51e5af7bc78d12f2e020]
PUP.Optional.MySearchDial.A, C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.AL", 2);), Ersetzt,[94a1b973b2c9e65062c8292b8e76ed13]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.AL", 2);), Ersetzt,[ba7bf6361e5d9c9afc2d0153cd37a759]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.aflt", "dvd_14_16_ff");), Ersetzt,[7db844e8265551e558d10a4a0df7f40c]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");), Ersetzt,[44f1c765ed8e9d99f53430243dc7cf31]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzuyEzzyD0DyCtDzyyD0CyB0A0DtA0DzzyEtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0FtBzytBzztG0C0A0AtCtG0E0FzyzytGzyyEtAyDtGyCzytD0C0EtBzy0EzzyCtB0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEzzzy0C0C0FzyyDtG0E0Dzy0AtGyEzzyEzztGtB0C0DzztGtB0EtDyD0CtB0B0C0BtD0DtA2Q");), Ersetzt,[999c0d1fb9c242f4e04965ef11f3659b]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.cr", "959352483");), Ersetzt,[9d984ddf641720165acf0f454db740c0]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.dfltLng", "");), Ersetzt,[bb7a9597dba062d469c03b1946be2bd5]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.dfltSrch", false);), Ersetzt,[e35256d63d3e0f27e544064ee0241fe1]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.dnsErr", true);), Ersetzt,[181d9e8ee497a492ff2a68ec907410f0]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.excTlbr", false);), Ersetzt,[f0450b216615b581b475173d56ae3ac6]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.hmpg", false);), Ersetzt,[2c091c10d8a393a3270283d156aed927]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.hmpgUrl", "http://start.mysearchdial.com/?f=1&a=dvd_14_16_ff&cd=2XzuyEtN2Y1L1QzuyEzzyD0DyCtDzyyD0CyB0A0DtA0DzzyEtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0FtBzytBzztG0C0A0AtCtG0E0FzyzytGzyyEtAyDtGyCzytD0C0EtBzy0EzzyCtB0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEzzzy0C0C0FzyyDtG0E0Dzy0AtGyEzzyEzztGtB0C0DzztGtB0EtDyD0CtB0B0C0BtD0DtA2Q&cr=959352483&ir=");), Ersetzt,[ad88ea42bac1bf774edbf95ba06414ec]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.id", "485D6095C7AD3D84");), Ersetzt,[43f286a6b3c83402c564a6aea65e966a]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.instlDay", "16178");), Ersetzt,[37fe80ac93e84bebce5b252f877d02fe]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.instlRef", "140305_a");), Ersetzt,[7fb6210b83f8ef47f336262efc08b64a]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.newTabUrl", "http://start.mysearchdial.com/?f=2&a=dvd_14_16_ff&cd=2XzuyEtN2Y1L1QzuyEzzyD0DyCtDzyyD0CyB0A0DtA0DzzyEtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0FtBzytBzztG0C0A0AtCtG0E0FzyzytGzyyEtAyDtGyCzytD0C0EtBzy0EzzyCtB0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEzzzy0C0C0FzyyDtG0E0Dzy0AtGyEzzyEzztGtB0C0DzztGtB0EtDyD0CtB0B0C0BtD0DtA2Q&cr=959352483&ir=");), Ersetzt,[6fc695972358ef47a089450f867e7789]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.prdct", "mysearchdial");), Ersetzt,[b481d7556813f3439396272d6c9809f7]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");), Ersetzt,[0134f13b364567cf68c1153f22e2c53b]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");), Ersetzt,[2015dc50a1dabf7764c558fc45bf18e8]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.tlbrId", "base");), Ersetzt,[3bfa55d7bcbf5cda88a17cd84eb629d7]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.tlbrSrchUrl", "http://start.mysearchdial.com/?f=3&a=dvd_14_16_ff&cd=2XzuyEtN2Y1L1QzuyEzzyD0DyCtDzyyD0CyB0A0DtA0DzzyEtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0FtBzytBzztG0C0A0AtCtG0E0FzyzytGzyyEtAyDtGyCzytD0C0EtBzy0EzzyCtB0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEzzzy0C0C0FzyyDtG0E0Dzy0AtGyEzzyEzztGtB0C0DzztGtB0EtDyD0CtB0B0C0BtD0DtA2Q&cr=959352483&ir=&q=");), Ersetzt,[67ce36f6b0cb191dc267450f50b4b14f]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.vrsn", "1.8.29.0");), Ersetzt,[c76e9f8d443733031a0ffa5a29dbe917]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.vrsni", "1.8.29.0");), Ersetzt,[77be3eeeb0cb270f25043f150bf950b0]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial_i.newTab", false);), Ersetzt,[8aab5dcf017a91a5f5345bf934d0916f]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial_i.smplGrp", "none");), Ersetzt,[072ed25a1d5e84b256d3e17323e18c74]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.29.022:38:56");), Ersetzt,[b48118146f0c4de9042583d1a460936d]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.hmpg", false);), Ersetzt,[c17414182f4c6accce5c8dc7689c6f91]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.hmpgUrl", "http://start.mysearchdial.com/?f=1&a=dvd_14_16_ff&cd=2XzuyEtN2Y1L1QzuyEzzyD0DyCtDzyyD0CyB0A0DtA0DzzyEtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0FtBzytBzztG0C0A0AtCtG0E0FzyzytGzyyEtAyDtGyCzytD0C0EtBzy0EzzyCtB0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEzzzy0C0C0FzyyDtG0E0Dzy0AtGyEzzyEzztGtB0C0DzztGtB0EtDyD0CtB0B0C0BtD0DtA2Q&cr=959352483&ir=");), Ersetzt,[c76e51dba6d557dff634f85c1be922de]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.dfltSrch", false);), Ersetzt,[55e0ed3fee8dc6705ad0054f7193b947]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");), Ersetzt,[8fa605271665dd59e04a0450b54f27d9]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.dnsErr", true);), Ersetzt,[91a479b3314a082e4ddd60f4ae56cb35]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial_i.newTab", false);), Ersetzt,[3ff6d05c463552e488a2cc8810f4758b]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.newTabUrl", "http://start.mysearchdial.com/?f=2&a=dvd_14_16_ff&cd=2XzuyEtN2Y1L1QzuyEzzyD0DyCtDzyyD0CyB0A0DtA0DzzyEtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0FtBzytBzztG0C0A0AtCtG0E0FzyzytGzyyEtAyDtGyCzytD0C0EtBzy0EzzyCtB0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEzzzy0C0C0FzyyDtG0E0Dzy0AtGyEzzyEzztGtB0C0DzztGtB0EtDyD0CtB0B0C0BtD0DtA2Q&cr=959352483&ir=");), Ersetzt,[3ef748e46714ad8988a258fcfd077d83]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.tlbrSrchUrl", "http://start.mysearchdial.com/?f=3&a=dvd_14_16_ff&cd=2XzuyEtN2Y1L1QzuyEzzyD0DyCtDzyyD0CyB0A0DtA0DzzyEtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0FtBzytBzztG0C0A0AtCtG0E0FzyzytGzyyEtAyDtGyCzytD0C0EtBzy0EzzyCtB0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEzzzy0C0C0FzyyDtG0E0Dzy0AtGyEzzyEzztGtB0C0DzztGtB0EtDyD0CtB0B0C0BtD0DtA2Q&cr=959352483&ir=&q=");), Ersetzt,[78bd6ac2de9db3837caecd8727dd2dd3]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.id", "485D6095C7AD3D84");), Ersetzt,[bf7617150e6df1450228aea64bb9ed13]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.instlDay", "16178");), Ersetzt,[bf766ac24e2d999d3eec68ec4fb5738d]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.vrsn", "1.8.29.0");), Ersetzt,[00350b21a2d98da9ef3bd77d11f307f9]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.vrsni", "1.8.29.0");), Ersetzt,[83b2a6869ae1cf676ebc1044788c9868]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.29.022:38:56");), Ersetzt,[d560be6e9ae13bfb032778dc7391d52b]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");), Ersetzt,[86af4edec2b9b1851b0f73e16d97b947]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.prdct", "mysearchdial");), Ersetzt,[a1941814304b6dc939f12f259272da26]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.aflt", "dvd_14_16_ff");), Ersetzt,[55e0200c1566270f65c56fe524e08a76]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial_i.smplGrp", "none");), Ersetzt,[bf76929acdae6bcbfc2e3a1a0202cd33]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.tlbrId", "base");), Ersetzt,[86af131980fb0d29f8322430768e629e]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.instlRef", "140305_a");), Ersetzt,[2d08e3496c0f7fb7df4b5ef6db2954ac]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.dfltLng", "");), Ersetzt,[ee47ce5e92e94aecc3676ce81aeaa858]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");), Ersetzt,[55e03fed7209999d84a679dbcc38cc34]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.excTlbr", false);), Ersetzt,[ae87a98383f83303002a1c38c34105fb]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.cr", "959352483");), Ersetzt,[fd38aa82136865d18c9e8acad92bb34d]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzuyEzzyD0DyCtDzyyD0CyB0A0DtA0DzzyEtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0Czz0FtBzytBzztG0C0A0AtCtG0E0FzyzytGzyyEtAyDtGyCzytD0C0EtBzy0EzzyCtB0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEzzzy0C0C0FzyyDtG0E0Dzy0AtGyEzzyEzztGtB0C0DzztGtB0EtDyD0CtB0B0C0BtD0DtA2Q");), Ersetzt,[e94c1a1280fb61d553d7441022e248b8]
PUP.Optional.MySearchDial.A, C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.AL", 2);), Ersetzt,[86af66c6176485b1131769eb0afa60a0]

Physische Sektoren: 0
(No malicious items detected)


(end)

AVAST:

Code:

ATTFilter

*
* avast! Protokolldatei
* Diese Protokolldatei wurde automatisch erstellt
*
* Prüfungsname: Schnelle Überprüfung
* Start: Samstag, 19. April 2014 22:10:38
* VPS: 140419-3, 19.04.2014
*

C:\Program Files (x86)\Mysearchdial\1.8.29.0\uninstall.exe [L] Win32:Dropper-gen [Drp] (0)
Datei erfolgreich in Container verschoben...
Infizierte Dateien: 1
Dateien gesamt: 34565
Ordner gesamt: 24787
Gesamtgröße: 19,1 GB

*
* Prüfung beendet: Samstag, 19. April 2014 22:29:42
* Laufzeit war 19 Minute(n), 19 Sekunde(n)
*

cosinus · 19.04.2014, 21:58

Adware/Junkware/Toolbars entfernen

1. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Dragon79 · 19.04.2014, 22:02

Hallo cosinius,

AdwCleaner habe ich letztens auch mal durchlaufen gelassen.

Dann habe ich auf "löschen" geklickt und nach dem Neustart musste ich feststellen, das ein paar Programme nicht mehr funktioniert haben.

Soll ich das jetzt trotzdem machen?

cosinus · 19.04.2014, 22:05

Anders bekommt man die Adware nicht weg.

Dragon79 · 19.04.2014, 23:14

adwCleaner:

Code:

ATTFilter

# AdwCleaner v3.024 - Bericht erstellt am 19/04/2014 um 23:07:35
# Aktualisiert 18/04/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Carsten - CARSTEN-PC
# Gestartet von : C:\Users\DTM\Desktop\Toolbars und ungewünschte Programme entfernen\adwcleaner.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\user.js
Datei Gefunden : C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\user.js
Ordner Gefunden C:\Program Files (x86)\Mysearchdial
Ordner Gefunden C:\Users\DTM\AppData\Local\CrashRpt

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\InstallCore
Schlüssel Gefunden : HKCU\Software\mysearchdial
Schlüssel Gefunden : HKCU\Software\mysearchdial.com
Schlüssel Gefunden : [x64] HKCU\Software\InstallCore
Schlüssel Gefunden : [x64] HKCU\Software\mysearchdial
Schlüssel Gefunden : [x64] HKCU\Software\mysearchdial.com
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0BD19251-4B4B-4B94-AB16-617106245BB7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{44B29DDD-CF7A-454A-A275-A322A398D93F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B2DB115C-8278-4947-9A07-57B53D1C4215}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B97FC455-DB33-431D-84DB-6F1514110BD5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E72E9312-0367-4216-BFC7-21485FA8390B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}
Schlüssel Gefunden : HKLM\Software\InstallCore
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{0BD19251-4B4B-4B94-AB16-617106245BB7}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{44B29DDD-CF7A-454A-A275-A322A398D93F}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{B2DB115C-8278-4947-9A07-57B53D1C4215}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{B97FC455-DB33-431D-84DB-6F1514110BD5}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{E72E9312-0367-4216-BFC7-21485FA8390B}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}

***** [ Browser ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js ]

Zeile gefunden : user_pref("extensions.enabledAddons", "ffxtlbr%40mysearchdial.com:1.6.0,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0");

[ Datei : C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1874 octets] - [16/10/2013 15:54:45]
AdwCleaner[R1].txt - [3052 octets] - [05/11/2013 21:32:05]
AdwCleaner[R2].txt - [14977 octets] - [03/12/2013 22:45:46]
AdwCleaner[R3].txt - [1569 octets] - [21/12/2013 23:41:42]
AdwCleaner[R4].txt - [1912 octets] - [07/01/2014 18:08:35]
AdwCleaner[R5].txt - [2322 octets] - [02/02/2014 17:21:02]
AdwCleaner[R6].txt - [3419 octets] - [15/02/2014 18:46:20]
AdwCleaner[R7].txt - [2928 octets] - [09/04/2014 13:57:04]
AdwCleaner[R8].txt - [2856 octets] - [15/04/2014 19:17:43]
AdwCleaner[R9].txt - [4897 octets] - [19/04/2014 23:07:35]
AdwCleaner[S0].txt - [1840 octets] - [16/10/2013 15:57:19]
AdwCleaner[S1].txt - [2920 octets] - [05/11/2013 21:33:26]
AdwCleaner[S2].txt - [13587 octets] - [03/12/2013 22:46:54]
AdwCleaner[S3].txt - [1630 octets] - [21/12/2013 23:42:40]
AdwCleaner[S4].txt - [2337 octets] - [02/02/2014 17:21:53]
AdwCleaner[S5].txt - [2923 octets] - [15/04/2014 20:15:08]

########## EOF - \AdwCleaner\AdwCleaner[R9].txt - [5318 octets] ##########

JRT:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Carsten on 19.04.2014 at 23:35:10,57
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Carsten\AppData\Roaming\mozilla\firefox\profiles\i87wetys.default\minidumps [2 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19.04.2014 at 23:54:16,24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-04-2014
Ran by Carsten (administrator) on CARSTEN-PC on 20-04-2014 00:07:16
Running from C:\Users\DTM\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
(mst software GmbH, Germany) C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\DfsdkS64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(O&O Software GmbH) C:\Program Files\OO Software\DiskImage\oodiag.exe
(Microsoft Corporation) C:\Windows\System32\vdsldr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Ashampoo Development GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Guard.exe
(O&O Software GmbH) C:\Program Files\OO Software\DiskImage\ooditray.exe
() C:\Program Files (x86)\FeedReader30\feedreader.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHJE.EXE
(Polenter - Software Solutions) C:\Program Files (x86)\Desktop-Reminder 2\DesktopReminder2.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
(Secure Banking) C:\Program Files (x86)\Secure Banking\SecureBanking.exe
() C:\Program Files (x86)\Secure Banking\sbservice.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [391296 2010-08-21] (Acronis)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-28] ()
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [Ashampoo HDD-Control 2 Guard] => C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Guard.exe [3783592 2012-07-30] (Ashampoo Development GmbH & Co. KG)
HKLM\...\Run: [OODITRAY.EXE] => C:\Program Files\OO Software\DiskImage\ooditray.exe [5059880 2014-01-10] (O&O Software GmbH)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5493736 2010-08-21] (Acronis)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-10] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-03-25] (AVAST Software)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-01-29] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-897203139-1112560925-3423631613-1000\...\Run: [SecureBanking] => C:\Program Files (x86)\Secure Banking\SecureBanking.exe [507904 2013-06-30] (Secure Banking)
HKU\S-1-5-21-897203139-1112560925-3423631613-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE [283232 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-897203139-1112560925-3423631613-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [831488 2013-12-13] (ZONER software)
HKU\S-1-5-21-897203139-1112560925-3423631613-1000\...\Run: [Zoner Photo Studio Service 16] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe [27648 2013-12-13] ()
HKU\S-1-5-21-897203139-1112560925-3423631613-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-01-29] (Samsung)
HKU\S-1-5-21-897203139-1112560925-3423631613-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-897203139-1112560925-3423631613-1000\...\Run: [DesktopReminder2ByPolenter] => C:\Program Files (x86)\Desktop-Reminder 2\DesktopReminder2.exe [2743344 2013-01-06] (Polenter - Software Solutions)
HKU\S-1-5-21-897203139-1112560925-3423631613-1000\...\MountPoints2: {93431013-6770-11e2-9859-806e6f6e6963} - D:\InstallNavi.exe
HKU\S-1-5-21-897203139-1112560925-3423631613-1001\...\Run: [feedreader.exe] => C:\Program Files (x86)\FeedReader30\feedreader.exe [2058240 2009-03-29] ()
HKU\S-1-5-21-897203139-1112560925-3423631613-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-08-27] (TomTom)
HKU\S-1-5-21-897203139-1112560925-3423631613-1001\...\Run: [Aufgaben] => C:\Program Files (x86)\Holliesoft\Aufgaben\Aufgaben.exe
HKU\S-1-5-21-897203139-1112560925-3423631613-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE [283232 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-897203139-1112560925-3423631613-1001\...\Run: [DesktopReminder2ByPolenter] => C:\Program Files (x86)\Desktop-Reminder 2\DesktopReminder2.exe [2743344 2013-01-06] (Polenter - Software Solutions)
HKU\S-1-5-21-897203139-1112560925-3423631613-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [831488 2013-12-13] (ZONER software)
HKU\S-1-5-21-897203139-1112560925-3423631613-1001\...\MountPoints2: {70da489a-fec2-11e2-81e1-20cf30c6160e} - E:\IRDApp.exe http://www.iradiopop.com/IRD/pages/register.do?fx=visit
Startup: C:\Users\DTM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Secure Banking.lnk
ShortcutTarget: Secure Banking.lnk -> C:\Program Files (x86)\Secure Banking\SecureBanking.exe (Secure Banking)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2B7E588486FBCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKLM - DefaultScope value is missing.
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll ( )
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-01-26]

==================== Services (Whitelisted) =================

S4 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S4 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-02-10] (Adobe Systems)
R2 AHDDC2; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [1518504 2012-07-30] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-25] (AVAST Software)
R2 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [1876816 2014-04-09] (SurfRight B.V.)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2153792 2014-03-19] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-07-26] (Nitro PDF Software)
R2 OO DiskImage; C:\Program Files\OO Software\DiskImage\oodiag.exe [6337832 2014-01-10] (O&O Software GmbH)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1657128 2014-01-24] (O&O Software GmbH)
S2 NitroDriverReadSpool9; "C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe" [X]
S2 nlsX86cc; C:\Windows\SysWOW64\NLSSRV32.EXE [X]

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-03-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-03-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-03-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-03-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-03-25] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-03-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-03-25] ()
R2 hmpalert; C:\Windows\System32\drivers\hmpalert.sys [93144 2014-04-09] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R0 oodivd; C:\Windows\System32\DRIVERS\oodivd.sys [255680 2013-11-05] (O&O Software GmbH)
R0 oodivdh; C:\Windows\System32\DRIVERS\oodivdh.sys [44736 2013-11-05] (O&O Software GmbH)
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [108648 2012-07-24] (Softwareentwicklung Remus - ArchiCrypt - )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-04-07] (Duplex Secure Ltd.)
R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [59184 2011-11-17] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [572336 2011-11-17] (Paragon)
R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [352816 2011-11-17] (Paragon)
S3 cleanhlp; \??\F:\Emsisoft Emergency Kit (Viren Scanner portable)\Run\cleanhlp64.sys [X]
S3 keycrypt; system32\DRIVERS\KeyCrypt64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-20 00:07 - 2014-04-20 00:07 - 00014814 _____ () C:\Users\DTM\Desktop\FRST.txt
2014-04-20 00:06 - 2014-04-20 00:07 - 00000000 ____D () C:\FRST
2014-04-20 00:05 - 2014-04-20 00:06 - 02055680 _____ (Farbar) C:\Users\DTM\Desktop\FRST64.exe
2014-04-20 00:04 - 2014-04-19 23:36 - 00005464 _____ () C:\Users\DTM\Desktop\AdwCleaner[R9].txt
2014-04-20 00:03 - 2014-04-19 23:54 - 00000894 _____ () C:\Users\DTM\Desktop\JRT.txt
2014-04-20 00:02 - 2014-04-20 00:02 - 00000000 ____D () C:\Users\Carsten\AppData\Roaming\DesktopReminder
2014-04-20 00:01 - 2014-04-20 00:02 - 00000000 ____D () C:\Users\Carsten\Documents\DesktopReminder
2014-04-20 00:01 - 2014-04-20 00:01 - 00000000 ____D () C:\Users\Carsten\AppData\Local\Polenter_-_Software_Solut
2014-04-19 23:37 - 2014-04-19 23:37 - 00000000 ____D () C:\Users\DTM\AppData\Local\CrashRpt
2014-04-19 23:22 - 2014-04-19 23:22 - 01016261 _____ (Thisisu) C:\Users\DTM\Desktop\JRT.exe
2014-04-18 22:45 - 2014-04-18 22:45 - 00000000 ____D () C:\Users\DTM\Desktop\Bergehalde Himmel 18.04.14
2014-04-18 21:29 - 2014-04-18 21:29 - 00000000 ____D () C:\Users\DTM\Desktop\Wiederspruch ALG 2
2014-04-18 21:15 - 2014-04-19 22:32 - 00000000 ____D () C:\Users\DTM\Desktop\Malwarebytes Log Datei
2014-04-16 19:37 - 2014-04-20 00:01 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-16 19:37 - 2014-04-16 19:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-16 19:37 - 2014-04-16 19:37 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-16 19:37 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-16 19:37 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-16 19:37 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-13 21:25 - 2014-04-13 21:25 - 00000000 ____D () C:\Users\DTM\Downloads\Fotosoftware
2014-04-10 19:45 - 2014-04-10 19:45 - 00000000 ____D () C:\Users\DTM\Desktop\Ring Card
2014-04-09 13:44 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 13:44 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 13:44 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 13:44 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 13:44 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 13:44 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 13:44 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 13:44 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 13:44 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 13:44 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 13:44 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 13:44 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 13:44 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 13:44 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 13:44 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 13:44 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 13:44 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-08 13:45 - 2014-04-08 13:46 - 08940095 _____ () C:\Users\DTM\Desktop\Die Grüne Hölle.mp4
2014-04-07 21:39 - 2014-04-07 21:39 - 00000000 ____D () C:\Users\DTM\AppData\Local\AquaSoft
2014-04-07 16:05 - 2014-04-18 23:01 - 00000000 ____D () C:\Users\DTM\Downloads\Sonnenuntergänge Trauer
2014-04-05 20:25 - 2014-04-19 23:58 - 00002950 _____ () C:\Windows\System32\Tasks\OO DiskImage {71f57001-bbc8-4dd2-9f24-35d049457fb1}
2014-04-05 20:25 - 2014-04-19 23:58 - 00000476 _____ () C:\Windows\Tasks\OO DiskImage {71f57001-bbc8-4dd2-9f24-35d049457fb1}.job
2014-04-05 09:16 - 2014-04-05 09:22 - 00000000 ____D () C:\Users\DTM\Desktop\Lieder Mutti Stick
2014-03-31 21:35 - 2014-03-31 21:43 - 00000000 ____D () C:\Users\DTM\Downloads\Datenrettung
2014-03-30 20:08 - 2014-04-13 18:40 - 00000000 ____D () C:\Users\DTM\Desktop\VLN 2014 (Racing News)
2014-03-28 21:48 - 2014-04-07 21:02 - 00000000 ____D () C:\Users\DTM\Desktop\Video Doku (Angstdiagnose Krebs)
2014-03-26 01:14 - 2014-03-26 01:15 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2014-03-25 20:58 - 2014-03-25 21:32 - 220602368 _____ () C:\Users\DTM\Downloads\LibreOffice_4.2.2_Win_x86.msi
2014-03-25 01:18 - 2014-03-25 01:18 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-23 23:51 - 2014-03-23 23:51 - 01982184 _____ () C:\Users\DTM\Downloads\VLN Test- und Einstellfahrten Nordschleife Rowe Sls Heavy Cr.mp4
2014-03-23 23:44 - 2014-03-23 23:49 - 24936951 _____ () C:\Users\DTM\Downloads\VLN Test- und Einstellfahrten 2014.mp4
2014-03-21 23:01 - 2014-04-08 18:52 - 00000000 ____D () C:\Users\DTM\Desktop\VLN 2014
2014-03-21 22:56 - 2014-03-21 22:56 - 00000000 ____D () C:\Users\DTM\Desktop\VLN 2014 Boxenbelegungsplan

==================== One Month Modified Files and Folders =======

2014-04-20 00:07 - 2014-04-20 00:07 - 00014814 _____ () C:\Users\DTM\Desktop\FRST.txt
2014-04-20 00:07 - 2014-04-20 00:06 - 00000000 ____D () C:\FRST
2014-04-20 00:06 - 2014-04-20 00:05 - 02055680 _____ (Farbar) C:\Users\DTM\Desktop\FRST64.exe
2014-04-20 00:05 - 2009-07-14 06:45 - 00014928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-20 00:05 - 2009-07-14 06:45 - 00014928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-20 00:03 - 2013-01-26 19:48 - 00000000 ____D () C:\Users\DTM\AppData\Roaming\Macromedia
2014-04-20 00:02 - 2014-04-20 00:02 - 00000000 ____D () C:\Users\Carsten\AppData\Roaming\DesktopReminder
2014-04-20 00:02 - 2014-04-20 00:01 - 00000000 ____D () C:\Users\Carsten\Documents\DesktopReminder
2014-04-20 00:01 - 2014-04-20 00:01 - 00000000 ____D () C:\Users\Carsten\AppData\Local\Polenter_-_Software_Solut
2014-04-20 00:01 - 2014-04-16 19:37 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-20 00:01 - 2013-12-22 01:29 - 02082639 _____ () C:\Windows\WindowsUpdate.log
2014-04-19 23:59 - 2014-02-11 21:57 - 00000000 ____D () C:\Users\DTM\Documents\DesktopReminder
2014-04-19 23:58 - 2014-04-05 20:25 - 00002950 _____ () C:\Windows\System32\Tasks\OO DiskImage {71f57001-bbc8-4dd2-9f24-35d049457fb1}
2014-04-19 23:58 - 2014-04-05 20:25 - 00000476 _____ () C:\Windows\Tasks\OO DiskImage {71f57001-bbc8-4dd2-9f24-35d049457fb1}.job
2014-04-19 23:58 - 2014-02-10 23:07 - 00009007 _____ () C:\Windows\setupact.log
2014-04-19 23:58 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-19 23:54 - 2014-04-20 00:03 - 00000894 _____ () C:\Users\DTM\Desktop\JRT.txt
2014-04-19 23:37 - 2014-04-19 23:37 - 00000000 ____D () C:\Users\DTM\AppData\Local\CrashRpt
2014-04-19 23:36 - 2014-04-20 00:04 - 00005464 _____ () C:\Users\DTM\Desktop\AdwCleaner[R9].txt
2014-04-19 23:35 - 2013-01-26 19:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-19 23:22 - 2014-04-19 23:22 - 01016261 _____ (Thisisu) C:\Users\DTM\Desktop\JRT.exe
2014-04-19 23:08 - 2013-10-16 15:54 - 00000000 ____D () C:\AdwCleaner
2014-04-19 23:03 - 2013-01-27 21:28 - 00000000 ___RD () C:\Users\DTM\Desktop\Toolbars und ungewünschte Programme entfernen
2014-04-19 22:35 - 2013-01-26 20:04 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-19 22:32 - 2014-04-18 21:15 - 00000000 ____D () C:\Users\DTM\Desktop\Malwarebytes Log Datei
2014-04-19 22:23 - 2014-03-19 18:29 - 00000000 ____D () C:\Windows\CryptoGuard
2014-04-19 22:06 - 2013-01-26 19:01 - 00000000 ____D () C:\Users\DTM\AppData\Roaming\Nitro PDF
2014-04-19 22:06 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-04-18 23:10 - 2013-01-27 00:48 - 00000000 ____D () C:\Users\DTM\AppData\Roaming\vlc
2014-04-18 23:01 - 2014-04-07 16:05 - 00000000 ____D () C:\Users\DTM\Downloads\Sonnenuntergänge Trauer
2014-04-18 22:45 - 2014-04-18 22:45 - 00000000 ____D () C:\Users\DTM\Desktop\Bergehalde Himmel 18.04.14
2014-04-18 22:34 - 2014-02-02 05:11 - 00000000 ____D () C:\Users\DTM\Downloads\Youtube Downloader
2014-04-18 21:29 - 2014-04-18 21:29 - 00000000 ____D () C:\Users\DTM\Desktop\Wiederspruch ALG 2
2014-04-18 21:28 - 2013-01-26 19:06 - 00000000 ____D () C:\Users\DTM\Desktop\Handbücher
2014-04-18 19:51 - 2014-01-14 00:25 - 00000000 ____D () C:\Users\DTM\Desktop\Verkauf
2014-04-16 22:07 - 2013-04-26 14:23 - 00000000 ____D () C:\Users\DTM\AppData\Local\CrashDumps
2014-04-16 19:56 - 2013-01-26 07:23 - 00095288 _____ () C:\Users\Carsten\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-16 19:41 - 2014-03-16 15:40 - 00034500 _____ () C:\Windows\PFRO.log
2014-04-16 19:37 - 2014-04-16 19:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-16 19:37 - 2014-04-16 19:37 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-16 19:37 - 2009-07-14 19:58 - 00654400 _____ () C:\Windows\system32\perfh007.dat
2014-04-16 19:37 - 2009-07-14 19:58 - 00130240 _____ () C:\Windows\system32\perfc007.dat
2014-04-16 19:37 - 2009-07-14 07:13 - 01498742 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-16 19:34 - 2013-01-31 01:26 - 00001264 _____ () C:\Users\Carsten\Desktop\Revo Uninstaller.lnk
2014-04-16 19:34 - 2013-01-27 00:59 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-15 20:16 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-15 16:05 - 2013-11-15 00:26 - 00000000 ____D () C:\ProgramData\ProductData
2014-04-14 18:53 - 2013-08-07 23:18 - 00000000 ____D () C:\Users\DTM\Downloads\Sprüche Und Video
2014-04-13 21:25 - 2014-04-13 21:25 - 00000000 ____D () C:\Users\DTM\Downloads\Fotosoftware
2014-04-13 19:03 - 2013-02-05 21:00 - 00000000 ____D () C:\Users\DTM\AppData\Local\photoOptimizeHistoryDataBase
2014-04-13 18:40 - 2014-03-30 20:08 - 00000000 ____D () C:\Users\DTM\Desktop\VLN 2014 (Racing News)
2014-04-10 19:45 - 2014-04-10 19:45 - 00000000 ____D () C:\Users\DTM\Desktop\Ring Card
2014-04-09 20:09 - 2014-03-19 18:29 - 00000000 ____D () C:\Program Files (x86)\HitmanPro.Alert
2014-04-09 19:33 - 2014-03-19 18:29 - 00548424 _____ (SurfRight) C:\Windows\system32\hmpalert.dll
2014-04-09 19:33 - 2014-03-19 18:29 - 00477008 _____ (SurfRight) C:\Windows\SysWOW64\hmpalert.dll
2014-04-09 19:33 - 2014-03-19 18:29 - 00093144 _____ () C:\Windows\system32\Drivers\hmpalert.sys
2014-04-08 20:26 - 2013-11-13 22:33 - 00000000 ____D () C:\Users\Carsten\AppData\Local\Adobe
2014-04-08 20:25 - 2013-01-26 19:48 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-08 20:25 - 2013-01-26 19:48 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-08 20:25 - 2013-01-26 19:48 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-08 18:52 - 2014-03-21 23:01 - 00000000 ____D () C:\Users\DTM\Desktop\VLN 2014
2014-04-08 13:46 - 2014-04-08 13:45 - 08940095 _____ () C:\Users\DTM\Desktop\Die Grüne Hölle.mp4
2014-04-07 21:39 - 2014-04-07 21:39 - 00000000 ____D () C:\Users\DTM\AppData\Local\AquaSoft
2014-04-07 21:39 - 2013-04-30 15:36 - 00386680 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2014-04-07 21:33 - 2013-01-26 06:32 - 00000000 ____D () C:\Users\Carsten
2014-04-07 21:02 - 2014-03-28 21:48 - 00000000 ____D () C:\Users\DTM\Desktop\Video Doku (Angstdiagnose Krebs)
2014-04-07 18:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-05 09:22 - 2014-04-05 09:16 - 00000000 ____D () C:\Users\DTM\Desktop\Lieder Mutti Stick
2014-04-03 09:51 - 2014-04-16 19:37 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-16 19:37 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-16 19:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 21:43 - 2014-03-31 21:35 - 00000000 ____D () C:\Users\DTM\Downloads\Datenrettung
2014-03-31 21:32 - 2013-01-28 02:14 - 00000000 ____D () C:\Users\DTM\Desktop\LibreOffice Vorlagen
2014-03-28 21:49 - 2014-03-17 21:36 - 00000000 ____D () C:\Users\DTM\Desktop\Unheilig noch auf stick
2014-03-28 21:44 - 2013-01-31 04:09 - 00000000 ____D () C:\FFOutput
2014-03-28 21:29 - 2013-01-29 02:12 - 00000000 ____D () C:\Users\DTM\Desktop\MozBackup´s
2014-03-28 21:00 - 2013-01-26 17:36 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-26 20:20 - 2013-01-26 21:15 - 00095288 _____ () C:\Users\DTM\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-26 20:19 - 2009-07-14 06:45 - 00392216 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-26 01:15 - 2014-03-26 01:14 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2014-03-25 21:32 - 2014-03-25 20:58 - 220602368 _____ () C:\Users\DTM\Downloads\LibreOffice_4.2.2_Win_x86.msi
2014-03-25 01:18 - 2014-03-25 01:18 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-25 01:18 - 2013-12-27 23:07 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-03-25 01:18 - 2013-02-28 20:11 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-03-25 01:18 - 2013-02-28 20:11 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-03-25 01:18 - 2013-01-26 20:04 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-03-25 01:18 - 2013-01-26 20:04 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-03-25 01:18 - 2013-01-26 20:04 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-03-25 01:18 - 2013-01-26 20:04 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-03-25 01:18 - 2013-01-26 20:04 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-03-23 23:51 - 2014-03-23 23:51 - 01982184 _____ () C:\Users\DTM\Downloads\VLN Test- und Einstellfahrten Nordschleife Rowe Sls Heavy Cr.mp4
2014-03-23 23:49 - 2014-03-23 23:44 - 24936951 _____ () C:\Users\DTM\Downloads\VLN Test- und Einstellfahrten 2014.mp4
2014-03-23 22:18 - 2013-08-11 16:46 - 00000000 ____D () C:\Users\DTM\Desktop\Ebay Autogrammkarten (Verkauf)
2014-03-21 22:56 - 2014-03-21 22:56 - 00000000 ____D () C:\Users\DTM\Desktop\VLN 2014 Boxenbelegungsplan
2014-03-21 22:32 - 2013-04-28 02:45 - 00000000 ____D () C:\ProgramData\ACD Systems
2014-03-21 22:30 - 2013-04-28 02:38 - 00000000 ____D () C:\Users\Carsten\AppData\Local\Downloaded Installations

Some content of TEMP:
====================
C:\Users\Carsten\AppData\Local\Temp\ICReinstall_FreeYouTubeDownload.exe
C:\Users\Carsten\AppData\Local\Temp\VSUSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-07 18:00

==================== End Of Log ============================

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-04-2014
Ran by Carsten at 2014-04-20 00:08:09
Running from C:\Users\DTM\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Acronis*True*Image*Home 2011 (HKLM-x32\...\{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}) (Version: 14.0.5105 - Acronis)
Adobe Bridge 1.0 (x32 Version: 001.000.001 - Adobe Systems) Hidden
Adobe Common File Installer (x32 Version: 1.00.001 - Adobe System Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Help Center 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Hidden
Adobe Stock Photos 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
AMD APP SDK Runtime (Version: 2.4.595.1 - Advanced Micro Devices Inc.) Hidden
Ashampoo Burning Studio 14 v.14.0.1 (HKLM-x32\...\{91B33C97-7BCF-CDFE-4321-58EBF3E8641C}_is1) (Version: 14.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo HDD Control 2 v.2.1.0 (HKLM-x32\...\Ashampoo HDD Control 2_is1) (Version: 2.1.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander 11 v.11.0.1 (HKLM-x32\...\{0A11EA01-0F9C-8526-5DF1-0A2FD0FB33D9}_is1) (Version: 11.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer 5 v.5.0.2 (HKLM-x32\...\Ashampoo Photo Optimizer 5_is1) (Version: 5.0.2 - Ashampoo GmbH & Co. KG)
Ashampoo Slideshow Studio HD 2 v.2.0.6 (HKLM-x32\...\{91B33C97-C201-47CC-5004-C35C8472437F}_is1) (Version: 2.0.6 - Ashampoo GmbH & Co. KG)
Ashampoo Slideshow Studio HD 3 v.3.0.1 (HKLM-x32\...\{91B33C97-16DF-4A79-3990-449F9E068D76}_is1) (Version: 3.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo Slideshow Studio HD 3 v.3.0.2 (HKLM-x32\...\{91B33C97-0CE8-6ABD-1CF4-0DAF2CCF492A}_is1) (Version: 3.0.2 - Ashampoo GmbH & Co. KG)
ATI AVIVO64 Codecs (Version: 11.6.0.10309 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{363836F9-D52D-8976-EC20-8C6965A4D045}) (Version: 3.0.820.0 - ATI Technologies, Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0009 - ASUS)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2016 - Avast Software)
Azteca (HKLM-x32\...\Azteca_is1) (Version: 1.0 - Media Contact LLC)
Benutzerhandbuch EPSON SX130 Series (HKLM-x32\...\EPSON SX130 Series Useg) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center (x32 Version: 2011.0309.2206.39672 - Ihr Firmenname) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0309.2206.39672 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0309.2206.39672 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help English (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help French (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help German (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
ccc-utility64 (Version: 2011.0309.2206.39672 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.127.0.63 - Conexant)
Desktop-Reminder 2 (HKLM-x32\...\Desktop-Reminder 2) (Version: 2.56 - Polenter - Software Solutions)
Desktop-Reminder 2 (x32 Version: 2.56 - Polenter - Software Solutions) Hidden
Epson Easy Photo Print 2 (HKLM-x32\...\{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}) (Version: 2.2.4.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SX130 Series Printer Uninstall (HKLM\...\EPSON SX130 Series) (Version:  - SEIKO EPSON Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ETDWare PS/2-x64 7.0.5.11_WHQL (HKLM\...\Elantech) (Version: 7.0.5.11 - ELAN Microelectronics Corp.)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
FeedReader (HKLM-x32\...\FeedReader_is1) (Version:  - i-Systems Inc.)
FileWing (HKLM-x32\...\FileWing_is1) (Version: 2.3 - Abelssoft)
FormatFactory 3.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.0.1 - Free Time)
Free YouTube Download version 3.2.20.1230 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.20.1230 - DVDVideoSoft Ltd.)
Führerschein 2012-2013 Installation & Registrierung (HKLM-x32\...\{E0A5D44A-FBDD-449D-82DF-78273CB86D6D}_is1) (Version:  - Abamsoft, dadagoo GmbH)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 2.6.5.77 - SurfRight B.V.)
Inpaint 4.5 (HKLM-x32\...\{2AEDC172-479F-47AE-8A48-A0524D4AED5B}_is1) (Version:  - Teorex)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.2.9.10 - IObit)
JMicron Ethernet Adapter NDIS Driver (HKLM-x32\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.27.6 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.33.2 - JMicron Technology Corp.)
LibreOffice 4.2.2.1 (HKLM-x32\...\{0ECDB550-79ED-4E9E-851B-19A8B2B4EBFA}) (Version: 4.2.2.1 - The Document Foundation)
Light Image Resizer 4.4.1.0 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.4.1.0 - ObviousIdea)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Mozilla Thunderbird 24.0.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.0.1 (x86 de)) (Version: 24.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Multimedia-Führerschein & Verkehr 2012-13 (HKLM-x32\...\{EFE197C2-C6C7-47F9-A735-245D35D56E45}) (Version: 1.00.0000 - bhv)
Nitro Pro 7 (HKLM\...\{1FD29C34-110D-43E8-8261-8A358E4E7204}) (Version: 7.5.0.22 - Nitro PDF Software)
O&O Defrag Professional (HKLM\...\{253C418F-F466-4303-86C5-68E656A65551}) (Version: 17.0.504 - O&O Software GmbH)
O&O DiskImage Professional (HKLM\...\{E6B8311A-1E4B-4B47-83D3-57178800B8A6}) (Version: 8.0.78 - O&O Software GmbH)
Opera Stable 20.0.1387.91 (HKLM-x32\...\Opera 20.0.1387.91) (Version: 20.0.1387.91 - Opera Software ASA)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Paragon Backup & Recovery™ 2012 Free (HKLM-x32\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Perfect Effects 4.0.4 (HKLM-x32\...\{385E6A4D-A440-43E2-9BAF-A012FB5FC2E2}) (Version: 4.0.4 - onOne Software)
PhotoFiltre 7 (HKCU\...\PhotoFiltre 7) (Version:  - )
Photomatix Pro version 4.2.6 (HKLM-x32\...\PhotomatixPro42x32_is1) (Version: 4.2.6 - HDRsoft Ltd)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Secure Banking Version 1.5.1 (HKLM-x32\...\{207E9B74-F4D3-4FD7-8142-16FF41825BC4}_is1) (Version: 1.5.1 - Hopfgartner Niklas)
Steganos Safe 2012 (HKLM-x32\...\{FADC3DC0-BCD9-4F6A-BB9D-360D695C5791}) (Version: 13.0.5 - Steganos Software GmbH)
StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
SugarBook 4.0 (HKLM-x32\...\SugarBook4_is1) (Version:  - Lars Lakomski)
TomTom HOME (HKLM-x32\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.7 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.89 - TuneUp Software) Hidden
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3) (Version: 3 - Microsoft Corporation)
VIS (HKLM-x32\...\VIS) (Version:  - ) <==== ATTENTION
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
waterMark V2 (HKLM-x32\...\waterMark V2) (Version:  - )
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_DE_is1) (Version: 16.0.1.5 - ZONER software)

==================== Restore Points  =========================

09-04-2014 11:45:06 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0851E440-191F-4ABB-B1CC-B75ABC498154} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-03-19] (IObit)
Task: {0E74798E-5787-40D6-9F0B-B42585A9A255} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {4F60C7ED-373B-437D-B6EA-9C99B4CA8023} - \MySearchDial ATTENTION ====> No Task File
Task: {52FC51D5-43FB-4DC2-BA1B-D9FA7563AC26} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-03-25] (AVAST Software)
Task: {9A05CB73-B915-476E-899A-7D6CBA114ADC} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {E3078653-27FC-43BD-A8E7-90817A57E47F} - System32\Tasks\OO DiskImage {71f57001-bbc8-4dd2-9f24-35d049457fb1} => C:\Program Files\OO Software\DiskImage\oodiag.exe [2014-01-10] (O&O Software GmbH)
Task: {FBA05D17-55FD-4098-9FFD-54851BD053D8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-08] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\OO DiskImage {71f57001-bbc8-4dd2-9f24-35d049457fb1}.job => C:\Program Files\OO Software\DiskImage\oodiag.exe

==================== Loaded Modules (whitelisted) =============

2013-01-30 23:37 - 2012-07-30 11:48 - 01518504 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
2014-01-10 19:55 - 2014-01-10 19:55 - 00344872 _____ () C:\Program Files\OO Software\DiskImage\oodishrs.dll
2012-10-29 17:45 - 2012-10-29 17:45 - 00220672 _____ () C:\Program Files (x86)\Steganos Safe 2012\ShellExtension.dll
2012-07-26 21:26 - 2012-07-26 21:26 - 00108040 _____ () C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NPShellExtension64.dll
2014-01-10 19:55 - 2014-01-10 19:55 - 00326440 _____ () C:\Program Files\OO Software\DiskImage\oodiagrs.dll
2014-01-10 19:56 - 2014-01-10 19:56 - 00069928 _____ () C:\Program Files\OO Software\DiskImage\oodiagpsx64.dll
2014-01-10 19:55 - 2014-01-10 19:55 - 00553768 _____ () C:\Program Files\OO Software\DiskImage\ooditrrs.dll
2013-02-02 21:12 - 2009-03-29 12:30 - 02058240 _____ () C:\Program Files (x86)\FeedReader30\feedreader.exe
2013-01-26 21:53 - 2013-06-30 17:54 - 00002560 _____ () C:\Program Files (x86)\Secure Banking\sbservice.exe
2011-03-14 15:21 - 2011-03-14 15:21 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-03-10 00:05 - 2011-03-10 00:05 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-04-19 22:06 - 2014-04-19 22:06 - 02215424 _____ () C:\Program Files\AVAST Software\Avast\defs\14041903\algo.dll
2012-01-23 23:00 - 2012-01-23 23:00 - 00015872 _____ () C:\Program Files (x86)\Desktop-Reminder 2\de\DevExpress.XtraBars.v11.1.resources.dll
2012-01-23 23:00 - 2012-01-23 23:00 - 00061440 _____ () C:\Program Files (x86)\Desktop-Reminder 2\de\DevExpress.XtraEditors.v11.1.resources.dll
2012-01-23 23:00 - 2012-01-23 23:00 - 00053248 _____ () C:\Program Files (x86)\Desktop-Reminder 2\de\DevExpress.XtraScheduler.v11.1.Core.resources.dll
2012-01-23 23:00 - 2012-01-23 23:00 - 00016384 _____ () C:\Program Files (x86)\Desktop-Reminder 2\de\DevExpress.XtraScheduler.v11.1.Extensions.resources.dll
2012-01-23 23:00 - 2012-01-23 23:00 - 00010240 _____ () C:\Program Files (x86)\Desktop-Reminder 2\de\DevExpress.XtraLayout.v11.1.resources.dll
2009-07-13 23:03 - 2009-07-14 03:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2013-01-26 21:53 - 2013-06-30 17:54 - 00017920 _____ () C:\Program Files (x86)\Secure Banking\SecureBanking.dll
2013-01-26 21:53 - 2013-06-30 17:54 - 00008704 _____ () C:\Program Files (x86)\Secure Banking\funcs.dll
2013-10-15 17:49 - 2013-10-15 17:49 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-03-18 19:32 - 2014-03-18 19:32 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:nlsPreferences

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: ABBYY.Licensing.FineReader.Sprint.9.0 => 2
MSCONFIG\Services: Adobe LM Service => 3
MSCONFIG\Services: Video downloader Updater => 2
MSCONFIG\Services: WerSvc => 3
MSCONFIG\Services: WinDefend => 2
MSCONFIG\startupfolder: C:^Users^Carsten^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk => C:\Windows\pss\Adobe Gamma.lnk.Startup
MSCONFIG\startupreg: SAFE2012 File Redirection Starter => "C:\Program Files (x86)\Steganos Safe 2012\fredirstarter.exe"
MSCONFIG\startupreg: SAFE2012 HotKeys => "C:\Program Files (x86)\Steganos Safe 2012\SteganosHotKeyService.exe"
MSCONFIG\startupreg: WinPatrol => C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE"
MSCONFIG\startupreg: Zoner Photo Studio Service 16 => "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe"

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/20/2014 00:04:39 AM) (Source: Windows Search Service) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-897203139-1112560925-3423631613-1001}/">.

Error: (04/19/2014 11:57:51 PM) (Source: AHDDC2_Service.exe) (User: )
Description: Cannot terminate an externally created thread


System errors:
=============
Error: (04/19/2014 11:58:34 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Nalpeiron Licensing Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/19/2014 11:58:34 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NitroPDFDriverCreatorReadSpool9" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/19/2014 11:57:41 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (04/19/2014 11:55:43 PM) (Source: DCOM) (User: )
Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793}


Microsoft Office Sessions:
=========================
Error: (04/20/2014 00:04:39 AM) (Source: Windows Search Service)(User: )
Description: 300x80040d07iehistory://{S-1-5-21-897203139-1112560925-3423631613-1001}/

Error: (04/19/2014 11:57:51 PM) (Source: AHDDC2_Service.exe)(User: )
Description: Cannot terminate an externally created thread


CodeIntegrity Errors:
===================================
  Date: 2014-04-19 23:58:23.026
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-19 23:53:04.705
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-19 23:40:07.875
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-19 23:31:45.605
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-19 23:31:04.944
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-19 23:09:37.853
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-19 23:07:13.402
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-19 22:33:58.025
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-19 22:23:33.402
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-19 22:13:23.722
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 44%
Total physical RAM: 3948.54 MB
Available physical RAM: 2191.05 MB
Total Pagefile: 7895.27 MB
Available Pagefile: 5684.09 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:278.47 GB) (Free:206.31 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 1B72BB33)
Partition 1: (Not Active) - (Size=20 GB) - (Type=1C)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=278 GB) - (Type=07 NTFS)

==================== End Of Log ============================

cosinus · 19.04.2014, 23:58

Funde mit adwCleaner auch entfernen lassen

Dragon79 · 20.04.2014, 16:56

Das habe ich gemacht und danach einen automatischen Neustart.

cosinus · 21.04.2014, 20:37

Dann auch bitte das richtige Log dazu posten. Du hast nur das Log gepostet, an den adwCleaner seine Funde zeigt, nicht aber das Log nach dem Löschen. Nur so sieht man, was es erfolgreich löschen konnte und was nicht.

Dragon79 · 21.04.2014, 21:54

Sorry ich finde die Textdatei irgendwie nicht, habe jetzt nochmals nachgeschaut.

Das einzige was ich noch finde ist was unter Quarantäne gestellt wurde, habe aber keine Ahnung ob das dir weiterhilft.

Code:

ATTFilter

C:\Users\Carsten\AppData\Roaming\Windows Net Data\id.dat->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Windows Net Data\id.dat.vir
C:\Users\Carsten\AppData\Roaming\Windows Net Data\uninstaller.exe->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Windows Net Data\uninstaller.exe.vir
C:\Users\DTM\AppData\Local\DownloadGuide\amazon.ico->\AdwCleaner\Quarantine\C\Users\DTM\AppData\Local\DownloadGuide\amazon.ico.vir
C:\Users\DTM\AppData\Local\DownloadGuide\Kalender.gadget->\AdwCleaner\Quarantine\C\Users\DTM\AppData\Local\DownloadGuide\Kalender.gadget.vir
C:\Users\DTM\AppData\Local\DownloadGuide\Offers\iminent.exe->\AdwCleaner\Quarantine\C\Users\DTM\AppData\Local\DownloadGuide\Offers\iminent.exe.vir
C:\Users\DTM\AppData\Local\DownloadGuide\Offers\plus-hd-3-8.exe->\AdwCleaner\Quarantine\C\Users\DTM\AppData\Local\DownloadGuide\Offers\plus-hd-3-8.exe.vir
C:\Users\DTM\AppData\Local\DownloadGuide\Offers\vis-freeware.exe->\AdwCleaner\Quarantine\C\Users\DTM\AppData\Local\DownloadGuide\Offers\vis-freeware.exe.vir
C:\Users\DTM\AppData\Local\DownloadGuide\Offers\Web%2BOptimizer.exe->\AdwCleaner\Quarantine\C\Users\DTM\AppData\Local\DownloadGuide\Offers\Web%2BOptimizer.exe.vir
C:\Program Files (x86)\lucky leap\luckyleap.ico->\AdwCleaner\Quarantine\C\Program Files (x86)\lucky leap\luckyleap.ico.vir
C:\Program Files (x86)\lucky leap\luckyleapBHO.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\lucky leap\luckyleapBHO.dll.vir
C:\Program Files (x86)\lucky leap\luckyleapUninstall.exe->\AdwCleaner\Quarantine\C\Program Files (x86)\lucky leap\luckyleapUninstall.exe.vir
C:\Program Files (x86)\lucky leap\updateluckyleap.exe->\AdwCleaner\Quarantine\C\Program Files (x86)\lucky leap\updateluckyleap.exe.vir
C:\Users\Carsten\AppData\Local\Temp\eIntaller\34757D123FA64dd688231F0AEFC84307\1.1.6.6.crx->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Local\Temp\eIntaller\34757D123FA64dd688231F0AEFC84307\1.1.6.6.crx.vir
C:\Users\Carsten\AppData\Local\Temp\eIntaller\34757D123FA64dd688231F0AEFC84307\c1e64bd431.exe->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Local\Temp\eIntaller\34757D123FA64dd688231F0AEFC84307\c1e64bd431.exe.vir
C:\Users\Carsten\AppData\Local\Temp\eIntaller\34757D123FA64dd688231F0AEFC84307\Config.ini->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Local\Temp\eIntaller\34757D123FA64dd688231F0AEFC84307\Config.ini.vir
C:\Users\Carsten\AppData\Local\Temp\eIntaller\34757D123FA64dd688231F0AEFC84307\ep.zip->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Local\Temp\eIntaller\34757D123FA64dd688231F0AEFC84307\ep.zip.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\firefox@luckyleap.net.xpi->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\firefox@luckyleap.net.xpi.vir
C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk.vir
C:\Users\Carsten\Desktop\MyPC Backup.lnk->\AdwCleaner\Quarantine\C\Users\Carsten\Desktop\MyPC Backup.lnk.vir
C:\Program Files (x86)\Mysearchdial\1.8.21.0\FavIcon.ico->\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.21.0\FavIcon.ico.vir
C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialApp.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialApp.dll.vir
C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialEng.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialEng.dll.vir
C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialsrv.exe->\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialsrv.exe.vir
C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll.vir
C:\Program Files (x86)\Mysearchdial\1.8.21.0\Sqlite3.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.21.0\Sqlite3.dll.vir
C:\Program Files (x86)\Mysearchdial\1.8.21.0\uninst.dat->\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.21.0\uninst.dat.vir
C:\Program Files (x86)\Mysearchdial\1.8.21.0\uninstall.exe->\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.21.0\uninstall.exe.vir
C:\Program Files (x86)\Mysearchdial\1.8.21.0\bh\mysearchdial.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.21.0\bh\mysearchdial.dll.vir
C:\Users\Carsten\AppData\Local\Temp\OCS\deyhusyokwxzsqqv.dat->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Local\Temp\OCS\deyhusyokwxzsqqv.dat.vir
C:\Users\Carsten\AppData\Local\Temp\OCS\fvfahevmktjbclky.dat->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Local\Temp\OCS\fvfahevmktjbclky.dat.vir
C:\Users\Carsten\AppData\Local\Temp\OCS\ICSharpCode.SharpZipLib.dll->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Local\Temp\OCS\ICSharpCode.SharpZipLib.dll.vir
C:\Users\Carsten\AppData\Local\Temp\OCS\ocs_v71a.exe->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Local\Temp\OCS\ocs_v71a.exe.vir
C:\Users\Carsten\AppData\Local\Temp\OCS\Downloads\705f49176579a643660bff5ff6ae3956\ee2ba1607628fd1416f6551ec738d009\BatteryInfoSetup12021.exe->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Local\Temp\OCS\Downloads\705f49176579a643660bff5ff6ae3956\ee2ba1607628fd1416f6551ec738d009\BatteryInfoSetup12021.exe.vir
C:\Users\Carsten\AppData\Roaming\Mysearchdial\UpdateProc\config.dat->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mysearchdial\UpdateProc\config.dat.vir
C:\Users\Carsten\AppData\Roaming\Mysearchdial\UpdateProc\UpdateTask.exe->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mysearchdial\UpdateProc\UpdateTask.exe.vir
C:\Users\Carsten\AppData\Roaming\Mysearchdial\icons_2.2.14.1379\62.ico->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mysearchdial\icons_2.2.14.1379\62.ico.vir
C:\Users\Carsten\AppData\Roaming\Mysearchdial\icons_2.2.14.1379\80.ico->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mysearchdial\icons_2.2.14.1379\80.ico.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\chrome.manifest->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\chrome.manifest.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\install.rdf->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\install.rdf.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\_locales\en-US\translations.dtd->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\_locales\en-US\translations.dtd.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\resources\activetabs.html->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\resources\activetabs.html.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\resources\favorites.html->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\resources\favorites.html.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\resources\layout.html->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\resources\layout.html.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\resources\modal-fav-add.html->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\resources\modal-fav-add.html.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\resources\modal-fav-edit.html->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\resources\modal-fav-edit.html.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\resources\modal-fav-group.html->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\resources\modal-fav-group.html.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\resources\recentlyclosed.html->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\resources\recentlyclosed.html.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\resources\theme.html->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\resources\theme.html.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\images\info\contactus.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\images\info\contactus.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\images\info\facebook.ico->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\images\info\facebook.ico.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\images\info\rateus.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\images\info\rateus.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\images\info\twitter.ico->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\images\info\twitter.ico.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\images\favorites\empty.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\images\favorites\empty.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\images\favorites\error.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\images\favorites\error.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\images\favorites\shadow.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\images\favorites\shadow.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\images\chrome\bookmarks.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\images\chrome\bookmarks.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\images\chrome\download.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\images\chrome\download.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\images\chrome\downloads.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\images\chrome\downloads.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\images\chrome\downloas.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\images\chrome\downloas.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\images\chrome\extensions.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\images\chrome\extensions.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\images\chrome\history.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\images\chrome\history.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\images\chrome\settings.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\images\chrome\settings.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\images\chrome\trash.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\images\chrome\trash.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\css\activetabs.css->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\css\activetabs.css.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\css\favorites.css->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\css\favorites.css.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\css\layout.css->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\css\layout.css.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\css\modal-fav-add.css->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\css\modal-fav-add.css.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\css\modal-fav-edit.css->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\css\modal-fav-edit.css.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\css\modal-fav-group.css->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\css\modal-fav-group.css.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\css\recentlyclosed.css->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\css\recentlyclosed.css.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\css\theme.css->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\plugins\css\theme.css.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\resources\list.html->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\resources\list.html.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\resources\menu.html->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\resources\menu.html.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\ajax-loader-2.gif->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\ajax-loader-2.gif.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\ajax-loader-bar.gif->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\ajax-loader-bar.gif.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\ajax-loader-medium.gif->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\ajax-loader-medium.gif.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\ajax-loader-small.gif->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\ajax-loader-small.gif.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\ajax-loader.gif->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\ajax-loader.gif.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\arrow-footer.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\arrow-footer.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\arrow-header.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\arrow-header.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\attachment.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\attachment.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\close.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\close.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\edit-button.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\edit-button.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\icon-chrome.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\icon-chrome.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\icon-edit.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\icon-edit.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\icon-layout.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\icon-layout.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\icon-plus.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\icon-plus.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\icon-theme.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\icon-theme.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\menu_v.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\menu_v.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\provider.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\provider.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\Thumbs.db->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\Thumbs.db.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\x-button.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\x-button.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\patterns\arab_tile.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\patterns\arab_tile.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\patterns\batthern_@2X.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\patterns\batthern_@2X.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\patterns\bo_play_pattern_@2X.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\patterns\bo_play_pattern_@2X.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\patterns\dark_wood_@2X.jpg->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\patterns\dark_wood_@2X.jpg.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\patterns\diagonal_striped_brick.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\patterns\diagonal_striped_brick.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\patterns\escheresque_ste_@2X.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\patterns\escheresque_ste_@2X.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\patterns\gold_scale.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\patterns\gold_scale.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\patterns\purty_wood_@2X.jpg->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\patterns\purty_wood_@2X.jpg.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\patterns\readme.txt->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\patterns\readme.txt.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\patterns\starring_@2X.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\patterns\starring_@2X.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\patterns\tileable_wood_texture_@2X.jpg->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\patterns\tileable_wood_texture_@2X.jpg.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\patterns\weave_@2X.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\patterns\weave_@2X.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\patterns\wild_oliva_@2X.jpg->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\patterns\wild_oliva_@2X.jpg.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\patterns\woven.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\images\patterns\woven.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\css\buttons.css->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\css\buttons.css.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\css\footer.css->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\css\footer.css.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\css\header.css->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\css\header.css.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\css\list.css->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\css\list.css.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\css\newtab.css->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\css\newtab.css.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\css\search.css->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\css\search.css.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\css\themes.css->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\newtab\css\themes.css.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\icons\128.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\icons\128.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\icons\16.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\icons\16.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\icons\48.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\icons\48.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\icons\Thumbs.db->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\icons\Thumbs.db.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\gallery\arrow-gallery-cat-selected.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\gallery\arrow-gallery-cat-selected.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\gallery\arrow.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\gallery\arrow.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\gallery\emptyArea.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\gallery\emptyArea.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\gallery\gallery.css->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\gallery\gallery.css.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\gallery\gallery_templates.html->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\gallery\gallery_templates.html.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\gallery\icon-gallery-search.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\gallery\icon-gallery-search.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\gallery\not_available_32.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\gallery\not_available_32.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\gallery\plus.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\gallery\plus.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\gallery\Thumbs.db->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\gallery\Thumbs.db.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\gallery\X.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\gallery\X.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\external\foundation.min.css->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\external\foundation.min.css.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\external\indicator.gif->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\external\indicator.gif.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\external\Jcrop.gif->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\external\Jcrop.gif.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\external\jquery.autocomplete.css->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\external\jquery.autocomplete.css.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\external\jquery.Jcrop.min.css->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\external\jquery.Jcrop.min.css.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\external\jquery.simplecolorpicker.css->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\external\jquery.simplecolorpicker.css.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\external\normalize.css->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\skin\external\normalize.css.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\defaults\preferences\prefs-sys.js->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\defaults\preferences\prefs-sys.js.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\defaults\preferences\prefs.js->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\defaults\preferences\prefs.js.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\.DS_Store->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\.DS_Store.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\newtab\gallery.html->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\newtab\gallery.html.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\newtab\gallery.min.js->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\newtab\gallery.min.js.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\newtab\newtab.html->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\newtab\newtab.html.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\newtab\newtab.min.js->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\newtab\newtab.min.js.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\newtab\search.html->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\newtab\search.html.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\newtab\search.min.js->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\newtab\search.min.js.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\external\crypto-js.js->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\external\crypto-js.js.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\external\jquery-2.0.2.min.js->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\external\jquery-2.0.2.min.js.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\external\jquery.autocomplete.min.js->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\external\jquery.autocomplete.min.js.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\external\jquery.balloon.min.js->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\external\jquery.balloon.min.js.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\external\jquery.fittext.js->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\external\jquery.fittext.js.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\external\jquery.Jcrop.min.js->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\external\jquery.Jcrop.min.js.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\external\jquery.simplecolorpicker.min.js->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\external\jquery.simplecolorpicker.min.js.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\external\mustache.min.js->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\external\mustache.min.js.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\external\string.min.js->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\external\string.min.js.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\external\underscore-min.js->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\external\underscore-min.js.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\data\favorites_de.json->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\data\favorites_de.json.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\data\favorites_en-gb.json->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\data\favorites_en-gb.json.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\data\favorites_en_us.json->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\data\favorites_en_us.json.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\data\favorites_fr.json->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\data\favorites_fr.json.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\data\favorites_he.json->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\data\favorites_he.json.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\data\favorites_it.json->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\data\favorites_it.json.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\data\favorites_pt-br.json->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\data\favorites_pt-br.json.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\data\favorites_ru.json->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\data\favorites_ru.json.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\data\favorites_tr.json->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\data\favorites_tr.json.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\browser\.background.jsm.swp->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\browser\.background.jsm.swp.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\browser\background.jsm->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\browser\background.jsm.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\browser\bg.js->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\browser\bg.js.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\browser\browser.js->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\browser\browser.js.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\browser\browser.xul->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\browser\browser.xul.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\browser\timer.jsm->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}\content\browser\timer.jsm.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM\chrome.manifest->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM\chrome.manifest.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM\install.rdf->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM\install.rdf.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM\chrome\skin\pricealarm.css->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM\chrome\skin\pricealarm.css.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM\chrome\content\background.js->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM\chrome\content\background.js.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM\chrome\content\background.xul->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM\chrome\content\background.xul.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\chrome.manifest->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\chrome.manifest.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\install.rdf->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\install.rdf.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\META-INF\manifest.mf->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\META-INF\manifest.mf.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\META-INF\zigbert.rsa->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\META-INF\zigbert.rsa.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\META-INF\zigbert.sf->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\META-INF\zigbert.sf.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\dpk.htm->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\dpk.htm.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\hlprs.js->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\hlprs.js.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\loader.xul->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\loader.xul.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\mtstart.js->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\mtstart.js.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\mysearchdial.css->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\mysearchdial.css.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\mysearchdial.xul->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\mysearchdial.xul.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\serp.js->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\serp.js.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\tmplt.js->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\tmplt.js.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\arwDwn.gif->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\arwDwn.gif.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\closeo.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\closeo.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\help_16.gif->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\help_16.gif.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\home.gif->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\home.gif.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\icon_seperator.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\icon_seperator.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\logo.PNG->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\logo.PNG.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\privecy_16_hot.gif->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\privecy_16_hot.gif.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\sign.jpg->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\sign.jpg.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\specialoffer.gif->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\specialoffer.gif.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\tellafriend.gif->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\tellafriend.gif.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\ae.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\ae.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\bg.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\bg.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\ch.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\ch.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\cn.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\cn.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\cz.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\cz.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\de.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\de.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\eg.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\eg.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\en.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\en.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\es.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\es.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\fr.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\fr.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\gr.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\gr.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\he.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\he.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\il.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\il.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\it.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\it.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\ja.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\ja.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\jp.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\jp.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\nl.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\nl.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\no.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\no.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\pl.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\pl.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\pt.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\pt.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\ro.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\ro.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\ru.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\ru.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\sa.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\sa.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\se.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\se.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\sv.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\sv.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\tr.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\tr.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\ua.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\ua.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\us.png->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\us.png.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\components\FFDisp.dll->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\ffxtlbr@mysearchdial.com\components\FFDisp.dll.vir
C:\Users\Carsten\AppData\Local\mysearchdial-speeddial.crx->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Local\mysearchdial-speeddial.crx.vir
C:\Users\Carsten\Desktop\MySearchDial.url->\AdwCleaner\Quarantine\C\Users\Carsten\Desktop\MySearchDial.url.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\searchplugins\Mysearchdial.xml->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\searchplugins\Mysearchdial.xml.vir
C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\searchplugins\Mysearchdial.xml->\AdwCleaner\Quarantine\C\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\searchplugins\Mysearchdial.xml.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\user.js->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\user.js.vir
C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\user.js->\AdwCleaner\Quarantine\C\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\user.js.vir
C:\Windows\Tasks\MySearchDial.job->\AdwCleaner\Quarantine\C\Windows\Tasks\MySearchDial.job.vir
C:\Windows\System32\Tasks\MySearchDial->\AdwCleaner\Quarantine\C\Windows\System32\Tasks\MySearchDial.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\COPYING.Apachev2->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\COPYING.Apachev2.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\COPYING.LGPLv2->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\COPYING.LGPLv2.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\COPYING.LGPLv3->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\COPYING.LGPLv3.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\FFMPEG.EXE->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\FFMPEG.EXE.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\librtmp.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\librtmp.dll.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\libvlc.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\libvlc.dll.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\libvlccore.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\libvlccore.dll.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\LICENSE->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\LICENSE.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\manual.bat->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\manual.bat.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\scripts.yds->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\scripts.yds.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Uninstall.exe->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Uninstall.exe.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\ytd.exe->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\ytd.exe.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\libdirect3d_plugin.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\libdirect3d_plugin.dll.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\libdrawable_plugin.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\libdrawable_plugin.dll.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\libvmem_plugin.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\libvmem_plugin.dll.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\libwingdi_plugin.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\libwingdi_plugin.dll.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\.svn\all-wcprops->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\.svn\all-wcprops.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\.svn\entries->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\.svn\entries.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\.svn\text-base\libdirect3d_plugin.dll.svn-base->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\.svn\text-base\libdirect3d_plugin.dll.svn-base.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\.svn\text-base\libdrawable_plugin.dll.svn-base->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\.svn\text-base\libdrawable_plugin.dll.svn-base.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\.svn\text-base\libvmem_plugin.dll.svn-base->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\.svn\text-base\libvmem_plugin.dll.svn-base.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\.svn\text-base\libwingdi_plugin.dll.svn-base->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\.svn\text-base\libwingdi_plugin.dll.svn-base.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\.svn\prop-base\libdirect3d_plugin.dll.svn-base->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\.svn\prop-base\libdirect3d_plugin.dll.svn-base.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\.svn\prop-base\libdrawable_plugin.dll.svn-base->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\.svn\prop-base\libdrawable_plugin.dll.svn-base.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\.svn\prop-base\libvmem_plugin.dll.svn-base->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\.svn\prop-base\libvmem_plugin.dll.svn-base.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\.svn\prop-base\libwingdi_plugin.dll.svn-base->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\.svn\prop-base\libwingdi_plugin.dll.svn-base.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_filter\libswscale_plugin.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_filter\libswscale_plugin.dll.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_filter\.svn\all-wcprops->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_filter\.svn\all-wcprops.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_filter\.svn\entries->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_filter\.svn\entries.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_filter\.svn\text-base\libswscale_plugin.dll.svn-base->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_filter\.svn\text-base\libswscale_plugin.dll.svn-base.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_filter\.svn\prop-base\libswscale_plugin.dll.svn-base->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_filter\.svn\prop-base\libswscale_plugin.dll.svn-base.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\codec\libavcodec_plugin.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\codec\libavcodec_plugin.dll.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\codec\.svn\all-wcprops->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\codec\.svn\all-wcprops.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\codec\.svn\entries->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\codec\.svn\entries.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\codec\.svn\text-base\libavcodec_plugin.dll.svn-base->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\codec\.svn\text-base\libavcodec_plugin.dll.svn-base.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\codec\.svn\prop-base\libavcodec_plugin.dll.svn-base->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\codec\.svn\prop-base\libavcodec_plugin.dll.svn-base.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_output\libdirectsound_plugin.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_output\libdirectsound_plugin.dll.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_output\.svn\all-wcprops->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_output\.svn\all-wcprops.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_output\.svn\entries->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_output\.svn\entries.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_output\.svn\text-base\libdirectsound_plugin.dll.svn-base->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_output\.svn\text-base\libdirectsound_plugin.dll.svn-base.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_output\.svn\prop-base\libdirectsound_plugin.dll.svn-base->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_output\.svn\prop-base\libdirectsound_plugin.dll.svn-base.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_mixer\libfloat_mixer_plugin.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_mixer\libfloat_mixer_plugin.dll.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_mixer\libinteger_mixer_plugin.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_mixer\libinteger_mixer_plugin.dll.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_mixer\.svn\all-wcprops->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_mixer\.svn\all-wcprops.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_mixer\.svn\entries->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_mixer\.svn\entries.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_mixer\.svn\text-base\libfloat_mixer_plugin.dll.svn-base->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_mixer\.svn\text-base\libfloat_mixer_plugin.dll.svn-base.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_mixer\.svn\text-base\libinteger_mixer_plugin.dll.svn-base->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_mixer\.svn\text-base\libinteger_mixer_plugin.dll.svn-base.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_mixer\.svn\prop-base\libfloat_mixer_plugin.dll.svn-base->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_mixer\.svn\prop-base\libfloat_mixer_plugin.dll.svn-base.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_mixer\.svn\prop-base\libinteger_mixer_plugin.dll.svn-base->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_mixer\.svn\prop-base\libinteger_mixer_plugin.dll.svn-base.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\libaudio_format_plugin.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\libaudio_format_plugin.dll.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\libugly_resampler_plugin.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\libugly_resampler_plugin.dll.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\.svn\all-wcprops->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\.svn\all-wcprops.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\.svn\entries->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\.svn\entries.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\.svn\text-base\libaudio_format_plugin.dll.svn-base->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\.svn\text-base\libaudio_format_plugin.dll.svn-base.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\.svn\text-base\libtrivial_channel_mixer_plugin.dll.svn-base->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\.svn\text-base\libtrivial_channel_mixer_plugin.dll.svn-base.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\.svn\text-base\libugly_resampler_plugin.dll.svn-base->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\.svn\text-base\libugly_resampler_plugin.dll.svn-base.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\.svn\prop-base\libaudio_format_plugin.dll.svn-base->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\.svn\prop-base\libaudio_format_plugin.dll.svn-base.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\.svn\prop-base\libtrivial_channel_mixer_plugin.dll.svn-base->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\.svn\prop-base\libtrivial_channel_mixer_plugin.dll.svn-base.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\.svn\prop-base\libugly_resampler_plugin.dll.svn-base->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\.svn\prop-base\libugly_resampler_plugin.dll.svn-base.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\access\libfilesystem_plugin.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\access\libfilesystem_plugin.dll.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\access\.svn\all-wcprops->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\access\.svn\all-wcprops.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\access\.svn\entries->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\access\.svn\entries.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\access\.svn\text-base\libfilesystem_plugin.dll.svn-base->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\access\.svn\text-base\libfilesystem_plugin.dll.svn-base.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\access\.svn\prop-base\libfilesystem_plugin.dll.svn-base->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\access\.svn\prop-base\libfilesystem_plugin.dll.svn-base.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1025.ini->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1025.ini.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1026.ini->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1026.ini.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1029.ini->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1029.ini.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1030.ini->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1030.ini.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1031.ini->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1031.ini.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1032.ini->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1032.ini.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1033.ini->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1033.ini.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1034.ini->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1034.ini.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1035.ini->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1035.ini.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1036.ini->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1036.ini.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1038.ini->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1038.ini.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1040.ini->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1040.ini.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1043.ini->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1043.ini.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1044.ini->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1044.ini.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1045.ini->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1045.ini.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1048.ini->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1048.ini.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1049.ini->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1049.ini.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1050.ini->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1050.ini.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1051.ini->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1051.ini.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1052.ini->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1052.ini.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1053.ini->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1053.ini.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1055.ini->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1055.ini.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1059.ini->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1059.ini.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1060.ini->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1060.ini.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1061.ini->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1061.ini.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res2052.ini->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res2052.ini.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res2070.ini->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res2070.ini.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res2074.ini->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res2074.ini.vir
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res9999.ini->\AdwCleaner\Quarantine\C\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res9999.ini.vir
C:\Users\Carsten\Documents\PC Speed Maximizer\CookiesException.txt->\AdwCleaner\Quarantine\C\Users\Carsten\Documents\PC Speed Maximizer\CookiesException.txt.vir
C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab\background.html->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab\background.html.vir
C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab\background.js->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab\background.js.vir
C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab\fire.js->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab\fire.js.vir
C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab\manifest.json->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab\manifest.json.vir
C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab\refire.js->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab\refire.js.vir
C:\Program Files (x86)\Mysearchdial\1.8.29.0\Sqlite3.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.29.0\Sqlite3.dll.vir
C:\Program Files (x86)\Mysearchdial\1.8.29.0\uninst.dat->\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.29.0\uninst.dat.vir
C:\Users\DTM\AppData\Local\CrashRpt\UnsentCrashReports\Ashampoo Photo Commander 11_11.1.1\~CrashRpt.ini->\AdwCleaner\Quarantine\C\Users\DTM\AppData\Local\CrashRpt\UnsentCrashReports\Ashampoo Photo Commander 11_11.1.1\~CrashRpt.ini.vir
C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\user.js->\AdwCleaner\Quarantine\C\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\user.js.vir
C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\user.js->\AdwCleaner\Quarantine\C\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\user.js.vir

cosinus · 22.04.2014, 07:49

Dann einfach den adwCleaner nochmal ausführen, aber richtig. Das Tool gleich neu runterladen, es gibt ne neue Version davon.

Dragon79 · 22.04.2014, 20:04

Code:

ATTFilter

# AdwCleaner v3.201 - Bericht erstellt am 22/04/2014 um 20:57:19
# Aktualisiert 22/04/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Carsten - CARSTEN-PC
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\DTM\AppData\Local\CrashRpt

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2830488C-079B-45C2-88B6-AFE4EAA2DF85}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VIS

***** [ Browser ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\prefs.js ]


[ Datei : C:\Users\DTM\AppData\Roaming\Mozilla\Firefox\Profiles\juns1ahh.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1874 octets] - [16/10/2013 15:54:45]
AdwCleaner[R10].txt - [2018 octets] - [20/04/2014 17:49:23]
AdwCleaner[R11].txt - [2525 octets] - [22/04/2014 20:55:46]
AdwCleaner[R1].txt - [3052 octets] - [05/11/2013 21:32:05]
AdwCleaner[R2].txt - [14977 octets] - [03/12/2013 22:45:46]
AdwCleaner[R3].txt - [1569 octets] - [21/12/2013 23:41:42]
AdwCleaner[R4].txt - [1912 octets] - [07/01/2014 18:08:35]
AdwCleaner[R5].txt - [2322 octets] - [02/02/2014 17:21:02]
AdwCleaner[R6].txt - [3419 octets] - [15/02/2014 18:46:20]
AdwCleaner[R7].txt - [2928 octets] - [09/04/2014 13:57:04]
AdwCleaner[R8].txt - [2856 octets] - [15/04/2014 19:17:43]
AdwCleaner[R9].txt - [5464 octets] - [19/04/2014 23:07:35]
AdwCleaner[S0].txt - [1840 octets] - [16/10/2013 15:57:19]
AdwCleaner[S1].txt - [2920 octets] - [05/11/2013 21:33:26]
AdwCleaner[S2].txt - [13587 octets] - [03/12/2013 22:46:54]
AdwCleaner[S3].txt - [1630 octets] - [21/12/2013 23:42:40]
AdwCleaner[S4].txt - [2337 octets] - [02/02/2014 17:21:53]
AdwCleaner[S5].txt - [2923 octets] - [15/04/2014 20:15:08]
AdwCleaner[S6].txt - [5361 octets] - [19/04/2014 23:08:44]
AdwCleaner[S7].txt - [2081 octets] - [20/04/2014 17:51:04]
AdwCleaner[S8].txt - [2441 octets] - [22/04/2014 20:57:19]

########## EOF - \AdwCleaner\AdwCleaner[S8].txt - [2501 octets] ##########

cosinus · 22.04.2014, 21:17

Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Scan klicken

Dragon79 · 23.04.2014, 18:52

Guten Abend cosinus,

hier die angeforderten Logs.

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-04-2014
Ran by Carsten (administrator) on CARSTEN-PC on 23-04-2014 19:40:37
Running from C:\Users\DTM\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
(mst software GmbH, Germany) C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\DfsdkS64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Ashampoo Development GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Guard.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(O&O Software GmbH) C:\Program Files\OO Software\DiskImage\ooditray.exe
() C:\Program Files (x86)\FeedReader30\feedreader.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHJE.EXE
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Polenter - Software Solutions) C:\Program Files (x86)\Desktop-Reminder 2\DesktopReminder2.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
(Secure Banking) C:\Program Files (x86)\Secure Banking\SecureBanking.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Secure Banking\sbservice.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(O&O Software GmbH) C:\Program Files\OO Software\DiskImage\oodiag.exe
(Microsoft Corporation) C:\Windows\System32\vdsldr.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [391296 2010-08-21] (Acronis)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-28] ()
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [Ashampoo HDD-Control 2 Guard] => C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Guard.exe [3783592 2012-07-30] (Ashampoo Development GmbH & Co. KG)
HKLM\...\Run: [OODITRAY.EXE] => C:\Program Files\OO Software\DiskImage\ooditray.exe [5059880 2014-01-10] (O&O Software GmbH)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5493736 2010-08-21] (Acronis)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-10] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-03-25] (AVAST Software)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-01-29] (Samsung Electronics Co., Ltd.)
HKLM\...\RunOnce: [*Restore] - C:\Windows\System32\rstrui.exe /runonce [296960 2010-11-20] (Microsoft Corporation)
HKLM-x32\...\RunOnce: [20131224] - C:\Program Files\AVAST Software\Avast\setup\emupdate\7b1ea85d-f382-4f74-ae61-04b3806313e3.exe /check [181136 2014-03-31] (AVAST Software)
HKU\S-1-5-21-897203139-1112560925-3423631613-1000\...\Run: [SecureBanking] => C:\Program Files (x86)\Secure Banking\SecureBanking.exe [507904 2013-06-30] (Secure Banking)
HKU\S-1-5-21-897203139-1112560925-3423631613-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE [283232 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-897203139-1112560925-3423631613-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [831488 2013-12-13] (ZONER software)
HKU\S-1-5-21-897203139-1112560925-3423631613-1000\...\Run: [Zoner Photo Studio Service 16] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe [27648 2013-12-13] ()
HKU\S-1-5-21-897203139-1112560925-3423631613-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-01-29] (Samsung)
HKU\S-1-5-21-897203139-1112560925-3423631613-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-897203139-1112560925-3423631613-1000\...\Run: [DesktopReminder2ByPolenter] => C:\Program Files (x86)\Desktop-Reminder 2\DesktopReminder2.exe [2743344 2013-01-06] (Polenter - Software Solutions)
HKU\S-1-5-21-897203139-1112560925-3423631613-1000\...\MountPoints2: {93431013-6770-11e2-9859-806e6f6e6963} - D:\InstallNavi.exe
HKU\S-1-5-21-897203139-1112560925-3423631613-1001\...\Run: [feedreader.exe] => C:\Program Files (x86)\FeedReader30\feedreader.exe [2058240 2009-03-29] ()
HKU\S-1-5-21-897203139-1112560925-3423631613-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-08-27] (TomTom)
HKU\S-1-5-21-897203139-1112560925-3423631613-1001\...\Run: [Aufgaben] => C:\Program Files (x86)\Holliesoft\Aufgaben\Aufgaben.exe
HKU\S-1-5-21-897203139-1112560925-3423631613-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE [283232 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-897203139-1112560925-3423631613-1001\...\Run: [DesktopReminder2ByPolenter] => C:\Program Files (x86)\Desktop-Reminder 2\DesktopReminder2.exe [2743344 2013-01-06] (Polenter - Software Solutions)
HKU\S-1-5-21-897203139-1112560925-3423631613-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [831488 2013-12-13] (ZONER software)
HKU\S-1-5-21-897203139-1112560925-3423631613-1001\...\MountPoints2: {70da489a-fec2-11e2-81e1-20cf30c6160e} - E:\IRDApp.exe http://www.iradiopop.com/IRD/pages/register.do?fx=visit
Startup: C:\Users\DTM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Secure Banking.lnk
ShortcutTarget: Secure Banking.lnk -> C:\Program Files (x86)\Secure Banking\SecureBanking.exe (Secure Banking)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2B7E588486FBCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKLM - DefaultScope value is missing.
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll ( )
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\i87wetys.default\Extensions\support@websteroidsapp.com [2014-01-22]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-01-26]

==================== Services (Whitelisted) =================

S4 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S4 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-02-10] (Adobe Systems)
R2 AHDDC2; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [1518504 2012-07-30] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-25] (AVAST Software)
R2 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [1876816 2014-04-23] (SurfRight B.V.)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2153792 2014-03-19] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-07-26] (Nitro PDF Software)
R2 OO DiskImage; C:\Program Files\OO Software\DiskImage\oodiag.exe [6337832 2014-01-10] (O&O Software GmbH)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1657128 2014-01-24] (O&O Software GmbH)
S2 NitroDriverReadSpool9; "C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe" [X]
S2 nlsX86cc; C:\Windows\SysWOW64\NLSSRV32.EXE [X]

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-03-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-03-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-03-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-03-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-03-25] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-03-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-03-25] ()
R2 hmpalert; C:\Windows\System32\drivers\hmpalert.sys [93144 2014-04-23] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 oodivd; C:\Windows\System32\DRIVERS\oodivd.sys [255680 2013-11-05] (O&O Software GmbH)
R0 oodivdh; C:\Windows\System32\DRIVERS\oodivdh.sys [44736 2013-11-05] (O&O Software GmbH)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [108648 2012-07-24] (Softwareentwicklung Remus - ArchiCrypt - )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-04-07] (Duplex Secure Ltd.)
R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [59184 2011-11-17] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [572336 2011-11-17] (Paragon)
R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [352816 2011-11-17] (Paragon)
S3 cleanhlp; \??\F:\Emsisoft Emergency Kit (Viren Scanner portable)\Run\cleanhlp64.sys [X]
S3 keycrypt; system32\DRIVERS\KeyCrypt64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-23 19:40 - 2014-04-23 19:40 - 00015067 _____ () C:\Users\DTM\Desktop\FRST.txt
2014-04-23 19:39 - 2014-04-23 19:39 - 02061312 _____ (Farbar) C:\Users\DTM\Desktop\FRST64.exe
2014-04-23 19:16 - 2014-04-23 19:16 - 00000000 ____D () C:\Users\Carsten\AppData\Roaming\Malwarebytes
2014-04-20 00:06 - 2014-04-23 19:40 - 00000000 ____D () C:\FRST
2014-04-20 00:02 - 2014-04-20 00:02 - 00000000 ____D () C:\Users\Carsten\AppData\Roaming\DesktopReminder
2014-04-20 00:01 - 2014-04-20 00:02 - 00000000 ____D () C:\Users\Carsten\Documents\DesktopReminder
2014-04-20 00:01 - 2014-04-20 00:01 - 00000000 ____D () C:\Users\Carsten\AppData\Local\Polenter_-_Software_Solut
2014-04-18 21:29 - 2014-04-18 21:29 - 00000000 ____D () C:\Users\DTM\Desktop\Wiederspruch ALG 2
2014-04-16 19:37 - 2014-04-23 18:32 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-10 19:45 - 2014-04-10 19:45 - 00000000 ____D () C:\Users\DTM\Desktop\Ring Card
2014-04-09 13:44 - 2014-03-04 11:44 - 01163264 ____N (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 13:44 - 2014-03-04 11:44 - 00362496 ____N (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 13:44 - 2014-03-04 11:44 - 00243712 ____N (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 13:44 - 2014-03-04 11:44 - 00013312 ____N (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 13:44 - 2014-03-04 11:16 - 01114112 ____N (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-08 20:25 - 2014-04-23 18:33 - 00000000 ____D () C:\Users\DTM\Desktop\Fotosoftware
2014-04-08 13:45 - 2014-04-08 13:46 - 08940095 _____ () C:\Users\DTM\Desktop\Die Grüne Hölle.mp4
2014-04-07 21:39 - 2014-04-07 21:39 - 00000000 ____D () C:\Users\DTM\AppData\Local\AquaSoft
2014-04-07 16:05 - 2014-04-21 23:02 - 00000000 ____D () C:\Users\DTM\Downloads\Sonnenuntergänge Trauer
2014-04-05 20:25 - 2014-04-23 19:31 - 00002950 _____ () C:\Windows\System32\Tasks\OO DiskImage {71f57001-bbc8-4dd2-9f24-35d049457fb1}
2014-04-05 20:25 - 2014-04-23 19:31 - 00000476 _____ () C:\Windows\Tasks\OO DiskImage {71f57001-bbc8-4dd2-9f24-35d049457fb1}.job
2014-04-05 09:16 - 2014-04-05 09:22 - 00000000 ____D () C:\Users\DTM\Desktop\Lieder Mutti Stick
2014-03-31 21:35 - 2014-03-31 21:43 - 00000000 ____D () C:\Users\DTM\Downloads\Datenrettung
2014-03-30 20:08 - 2014-04-13 18:40 - 00000000 ____D () C:\Users\DTM\Desktop\VLN 2014 (Racing News)
2014-03-28 21:48 - 2014-04-07 21:02 - 00000000 ____D () C:\Users\DTM\Desktop\Video Doku (Angstdiagnose Krebs)
2014-03-26 01:14 - 2014-03-26 01:15 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2014-03-25 20:58 - 2014-03-25 21:32 - 220602368 _____ () C:\Users\DTM\Downloads\LibreOffice_4.2.2_Win_x86.msi
2014-03-25 01:18 - 2014-03-25 01:18 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

==================== One Month Modified Files and Folders =======

2014-04-23 19:40 - 2014-04-23 19:40 - 00015067 _____ () C:\Users\DTM\Desktop\FRST.txt
2014-04-23 19:40 - 2014-04-20 00:06 - 00000000 ____D () C:\FRST
2014-04-23 19:39 - 2014-04-23 19:39 - 02061312 _____ (Farbar) C:\Users\DTM\Desktop\FRST64.exe
2014-04-23 19:38 - 2009-07-14 06:45 - 00014928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-23 19:38 - 2009-07-14 06:45 - 00014928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-23 19:35 - 2013-12-22 01:29 - 01526600 _____ () C:\Windows\WindowsUpdate.log
2014-04-23 19:35 - 2013-01-26 19:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-23 19:31 - 2014-04-05 20:25 - 00002950 _____ () C:\Windows\System32\Tasks\OO DiskImage {71f57001-bbc8-4dd2-9f24-35d049457fb1}
2014-04-23 19:31 - 2014-04-05 20:25 - 00000476 _____ () C:\Windows\Tasks\OO DiskImage {71f57001-bbc8-4dd2-9f24-35d049457fb1}.job
2014-04-23 19:31 - 2014-02-11 21:57 - 00000000 ____D () C:\Users\DTM\Documents\DesktopReminder
2014-04-23 19:31 - 2013-01-26 19:48 - 00000000 ____D () C:\Users\DTM\AppData\Roaming\Macromedia
2014-04-23 19:29 - 2014-03-19 18:29 - 00000000 ____D () C:\Program Files (x86)\HitmanPro.Alert
2014-04-23 19:29 - 2014-02-10 23:07 - 00007551 _____ () C:\Windows\setupact.log
2014-04-23 19:29 - 2009-07-14 19:58 - 00654400 _____ () C:\Windows\system32\perfh007.dat
2014-04-23 19:29 - 2009-07-14 19:58 - 00130240 _____ () C:\Windows\system32\perfc007.dat
2014-04-23 19:29 - 2009-07-14 07:13 - 01498742 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-23 19:29 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-23 19:27 - 2014-03-19 18:29 - 00548424 _____ (SurfRight) C:\Windows\system32\hmpalert.dll
2014-04-23 19:27 - 2014-03-19 18:29 - 00477008 _____ (SurfRight) C:\Windows\SysWOW64\hmpalert.dll
2014-04-23 19:27 - 2014-03-19 18:29 - 00093144 _____ () C:\Windows\system32\Drivers\hmpalert.sys
2014-04-23 19:25 - 2013-04-26 14:23 - 00000000 ____D () C:\Users\DTM\AppData\Local\CrashDumps
2014-04-23 19:16 - 2014-04-23 19:16 - 00000000 ____D () C:\Users\Carsten\AppData\Roaming\Malwarebytes
2014-04-23 19:16 - 2013-01-26 19:01 - 00000000 ____D () C:\Users\DTM\AppData\Roaming\Nitro PDF
2014-04-23 19:16 - 2013-01-26 06:32 - 00000000 ____D () C:\Users\Carsten
2014-04-23 19:16 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-04-23 19:15 - 2013-01-26 07:17 - 00000000 ____D () C:\Users\DTM
2014-04-23 18:36 - 2013-01-26 20:04 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-23 18:33 - 2014-04-08 20:25 - 00000000 ____D () C:\Users\DTM\Desktop\Fotosoftware
2014-04-23 18:33 - 2014-02-11 21:54 - 00000000 ____D () C:\Program Files (x86)\Desktop-Reminder 2
2014-04-23 18:33 - 2014-02-06 21:05 - 00000000 ____D () C:\Users\DTM\AppData\Local\CrashRpt
2014-04-23 18:33 - 2014-02-04 21:22 - 00000000 ____D () C:\Users\DTM\AppData\Roaming\ProductData
2014-04-23 18:33 - 2014-02-03 23:27 - 00000000 ____D () C:\Users\Carsten\AppData\Roaming\ProductData
2014-04-23 18:33 - 2014-02-02 05:11 - 00000000 ____D () C:\Users\DTM\Downloads\Youtube Downloader
2014-04-23 18:33 - 2013-11-15 00:26 - 00000000 ____D () C:\ProgramData\ProductData
2014-04-23 18:33 - 2013-07-17 22:44 - 00000000 ____D () C:\Program Files (x86)\TomTom HOME 2
2014-04-23 18:33 - 2013-02-02 21:12 - 00000000 ____D () C:\Users\DTM\AppData\Roaming\Feedreader
2014-04-23 18:33 - 2013-02-02 21:12 - 00000000 ____D () C:\Program Files (x86)\FeedReader30
2014-04-23 18:33 - 2013-01-27 21:28 - 00000000 ___RD () C:\Users\DTM\Desktop\Toolbars und ungewünschte Programme entfernen
2014-04-23 18:33 - 2013-01-27 02:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-23 18:33 - 2013-01-27 02:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-04-23 18:33 - 2013-01-27 00:48 - 00000000 ____D () C:\Users\DTM\AppData\Roaming\vlc
2014-04-23 18:33 - 2013-01-26 21:53 - 00000000 ____D () C:\Program Files (x86)\Secure Banking
2014-04-23 18:33 - 2013-01-26 21:03 - 00000000 ____D () C:\Program Files\Elantech
2014-04-23 18:33 - 2013-01-26 07:17 - 00000000 ___RD () C:\Users\DTM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-23 18:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-04-23 18:32 - 2014-04-16 19:37 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-23 18:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-04-23 18:31 - 2013-01-27 00:59 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-23 18:31 - 2013-01-26 17:50 - 00000000 ____D () C:\Users\Carsten\AppData\Roaming\Mozilla
2014-04-23 18:31 - 2013-01-26 17:32 - 00000000 ____D () C:\Users\DTM\AppData\Local\Mozilla
2014-04-23 18:30 - 2013-10-16 15:54 - 00000000 ____D () C:\AdwCleaner
2014-04-21 23:02 - 2014-04-07 16:05 - 00000000 ____D () C:\Users\DTM\Downloads\Sonnenuntergänge Trauer
2014-04-21 22:02 - 2013-08-07 23:18 - 00000000 ____D () C:\Users\DTM\Downloads\Sprüche Und Video
2014-04-21 21:47 - 2014-03-21 23:01 - 00000000 ____D () C:\Users\DTM\Desktop\VLN 2014
2014-04-21 21:34 - 2013-05-21 23:01 - 00000000 ____D () C:\Users\DTM\Desktop\Riester Rente (Union Investment)
2014-04-20 21:24 - 2013-10-04 19:57 - 00000000 ____D () C:\Users\DTM\Desktop\Klingelton
2014-04-20 19:50 - 2014-01-14 00:25 - 00000000 ____D () C:\Users\DTM\Desktop\Verkauf
2014-04-20 00:02 - 2014-04-20 00:02 - 00000000 ____D () C:\Users\Carsten\AppData\Roaming\DesktopReminder
2014-04-20 00:02 - 2014-04-20 00:01 - 00000000 ____D () C:\Users\Carsten\Documents\DesktopReminder
2014-04-20 00:01 - 2014-04-20 00:01 - 00000000 ____D () C:\Users\Carsten\AppData\Local\Polenter_-_Software_Solut
2014-04-18 21:29 - 2014-04-18 21:29 - 00000000 ____D () C:\Users\DTM\Desktop\Wiederspruch ALG 2
2014-04-18 21:28 - 2013-01-26 19:06 - 00000000 ____D () C:\Users\DTM\Desktop\Handbücher
2014-04-16 19:56 - 2013-01-26 07:23 - 00095288 _____ () C:\Users\Carsten\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-15 20:16 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-13 19:03 - 2013-02-05 21:00 - 00000000 ____D () C:\Users\DTM\AppData\Local\photoOptimizeHistoryDataBase
2014-04-13 18:40 - 2014-03-30 20:08 - 00000000 ____D () C:\Users\DTM\Desktop\VLN 2014 (Racing News)
2014-04-10 19:45 - 2014-04-10 19:45 - 00000000 ____D () C:\Users\DTM\Desktop\Ring Card
2014-04-09 19:33 - 2014-03-19 18:29 - 00548424 _____ (SurfRight) C:\Windows\system32\hmpalert(38).dll
2014-04-09 19:33 - 2014-03-19 18:29 - 00477008 _____ (SurfRight) C:\Windows\SysWOW64\hmpalert(39).dll
2014-04-08 20:26 - 2013-11-13 22:33 - 00000000 ____D () C:\Users\Carsten\AppData\Local\Adobe
2014-04-08 20:25 - 2013-01-26 19:48 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-08 20:25 - 2013-01-26 19:48 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-08 20:25 - 2013-01-26 19:48 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-08 17:08 - 2014-03-19 18:29 - 00000000 ____D () C:\Windows\CryptoGuard
2014-04-08 13:46 - 2014-04-08 13:45 - 08940095 _____ () C:\Users\DTM\Desktop\Die Grüne Hölle.mp4
2014-04-07 21:39 - 2014-04-07 21:39 - 00000000 ____D () C:\Users\DTM\AppData\Local\AquaSoft
2014-04-07 21:39 - 2013-04-30 15:36 - 00386680 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2014-04-07 21:02 - 2014-03-28 21:48 - 00000000 ____D () C:\Users\DTM\Desktop\Video Doku (Angstdiagnose Krebs)
2014-04-07 18:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-05 09:22 - 2014-04-05 09:16 - 00000000 ____D () C:\Users\DTM\Desktop\Lieder Mutti Stick
2014-03-31 21:43 - 2014-03-31 21:35 - 00000000 ____D () C:\Users\DTM\Downloads\Datenrettung
2014-03-31 21:32 - 2013-01-28 02:14 - 00000000 ____D () C:\Users\DTM\Desktop\LibreOffice Vorlagen
2014-03-28 21:49 - 2014-03-17 21:36 - 00000000 ____D () C:\Users\DTM\Desktop\Unheilig noch auf stick
2014-03-28 21:44 - 2013-01-31 04:09 - 00000000 ____D () C:\FFOutput
2014-03-28 21:29 - 2013-01-29 02:12 - 00000000 ____D () C:\Users\DTM\Desktop\MozBackup´s
2014-03-28 21:00 - 2013-01-26 17:36 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-26 20:20 - 2013-01-26 21:15 - 00095288 _____ () C:\Users\DTM\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-26 20:19 - 2009-07-14 06:45 - 00392216 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-26 01:15 - 2014-03-26 01:14 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2014-03-25 21:32 - 2014-03-25 20:58 - 220602368 _____ () C:\Users\DTM\Downloads\LibreOffice_4.2.2_Win_x86.msi
2014-03-25 01:19 - 2014-03-16 15:40 - 00000970 _____ () C:\Windows\PFRO.log
2014-03-25 01:18 - 2014-03-25 01:18 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-25 01:18 - 2013-12-27 23:07 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-03-25 01:18 - 2013-02-28 20:11 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-03-25 01:18 - 2013-02-28 20:11 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-03-25 01:18 - 2013-01-26 20:04 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-03-25 01:18 - 2013-01-26 20:04 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-03-25 01:18 - 2013-01-26 20:04 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-03-25 01:18 - 2013-01-26 20:04 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-03-25 01:18 - 2013-01-26 20:04 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

Some content of TEMP:
====================
C:\Users\Carsten\AppData\Local\Temp\VSUSetup.exe
C:\Users\DTM\AppData\Local\Temp\hmpalert_update.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-07 18:00

==================== End Of Log ============================

--- --- ---

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-04-2014
Ran by Carsten at 2014-04-23 19:41:14
Running from C:\Users\DTM\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Acronis*True*Image*Home 2011 (HKLM-x32\...\{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}) (Version: 14.0.5105 - Acronis)
Adobe Bridge 1.0 (x32 Version: 001.000.001 - Adobe Systems) Hidden
Adobe Common File Installer (x32 Version: 1.00.001 - Adobe System Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Help Center 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Hidden
Adobe Stock Photos 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
AMD APP SDK Runtime (Version: 2.4.595.1 - Advanced Micro Devices Inc.) Hidden
Ashampoo Burning Studio 14 v.14.0.1 (HKLM-x32\...\{91B33C97-7BCF-CDFE-4321-58EBF3E8641C}_is1) (Version: 14.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo HDD Control 2 v.2.1.0 (HKLM-x32\...\Ashampoo HDD Control 2_is1) (Version: 2.1.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander 11 v.11.0.1 (HKLM-x32\...\{0A11EA01-0F9C-8526-5DF1-0A2FD0FB33D9}_is1) (Version: 11.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer 5 v.5.0.2 (HKLM-x32\...\Ashampoo Photo Optimizer 5_is1) (Version: 5.0.2 - Ashampoo GmbH & Co. KG)
Ashampoo Slideshow Studio HD 2 v.2.0.6 (HKLM-x32\...\{91B33C97-C201-47CC-5004-C35C8472437F}_is1) (Version: 2.0.6 - Ashampoo GmbH & Co. KG)
Ashampoo Slideshow Studio HD 3 v.3.0.1 (HKLM-x32\...\{91B33C97-16DF-4A79-3990-449F9E068D76}_is1) (Version: 3.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo Slideshow Studio HD 3 v.3.0.2 (HKLM-x32\...\{91B33C97-0CE8-6ABD-1CF4-0DAF2CCF492A}_is1) (Version: 3.0.2 - Ashampoo GmbH & Co. KG)
ATI AVIVO64 Codecs (Version: 11.6.0.10309 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{363836F9-D52D-8976-EC20-8C6965A4D045}) (Version: 3.0.820.0 - ATI Technologies, Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0009 - ASUS)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2016 - Avast Software)
Azteca (HKLM-x32\...\Azteca_is1) (Version: 1.0 - Media Contact LLC)
Benutzerhandbuch EPSON SX130 Series (HKLM-x32\...\EPSON SX130 Series Useg) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center (x32 Version: 2011.0309.2206.39672 - Ihr Firmenname) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0309.2206.39672 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0309.2206.39672 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help English (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help French (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help German (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0309.2205.39672 - ATI) Hidden
ccc-utility64 (Version: 2011.0309.2206.39672 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.127.0.63 - Conexant)
Desktop-Reminder 2 (HKLM-x32\...\Desktop-Reminder 2) (Version: 2.56 - Polenter - Software Solutions)
Desktop-Reminder 2 (x32 Version: 2.56 - Polenter - Software Solutions) Hidden
Epson Easy Photo Print 2 (HKLM-x32\...\{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}) (Version: 2.2.4.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SX130 Series Printer Uninstall (HKLM\...\EPSON SX130 Series) (Version:  - SEIKO EPSON Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ETDWare PS/2-x64 7.0.5.11_WHQL (HKLM\...\Elantech) (Version: 7.0.5.11 - ELAN Microelectronics Corp.)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
FeedReader (HKLM-x32\...\FeedReader_is1) (Version:  - i-Systems Inc.)
FileWing (HKLM-x32\...\FileWing_is1) (Version: 2.3 - Abelssoft)
FormatFactory 3.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.0.1 - Free Time)
Free YouTube Download version 3.2.20.1230 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.20.1230 - DVDVideoSoft Ltd.)
Führerschein 2012-2013 Installation & Registrierung (HKLM-x32\...\{E0A5D44A-FBDD-449D-82DF-78273CB86D6D}_is1) (Version:  - Abamsoft, dadagoo GmbH)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 2.6.5.77 - SurfRight B.V.)
Inpaint 4.5 (HKLM-x32\...\{2AEDC172-479F-47AE-8A48-A0524D4AED5B}_is1) (Version:  - Teorex)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.2.9.10 - IObit)
JMicron Ethernet Adapter NDIS Driver (HKLM-x32\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.27.6 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.33.2 - JMicron Technology Corp.)
LibreOffice 4.2.2.1 (HKLM-x32\...\{0ECDB550-79ED-4E9E-851B-19A8B2B4EBFA}) (Version: 4.2.2.1 - The Document Foundation)
Light Image Resizer 4.4.1.0 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.4.1.0 - ObviousIdea)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Mozilla Thunderbird 24.0.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.0.1 (x86 de)) (Version: 24.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Multimedia-Führerschein & Verkehr 2012-13 (HKLM-x32\...\{EFE197C2-C6C7-47F9-A735-245D35D56E45}) (Version: 1.00.0000 - bhv)
Nitro Pro 7 (HKLM\...\{1FD29C34-110D-43E8-8261-8A358E4E7204}) (Version: 7.5.0.22 - Nitro PDF Software)
O&O Defrag Professional (HKLM\...\{253C418F-F466-4303-86C5-68E656A65551}) (Version: 17.0.504 - O&O Software GmbH)
O&O DiskImage Professional (HKLM\...\{E6B8311A-1E4B-4B47-83D3-57178800B8A6}) (Version: 8.0.78 - O&O Software GmbH)
Opera Stable 20.0.1387.82 (HKLM-x32\...\Opera 20.0.1387.82) (Version: 20.0.1387.82 - Opera Software ASA)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Paragon Backup & Recovery™ 2012 Free (HKLM-x32\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Perfect Effects 4.0.4 (HKLM-x32\...\{385E6A4D-A440-43E2-9BAF-A012FB5FC2E2}) (Version: 4.0.4 - onOne Software)
PhotoFiltre 7 (HKCU\...\PhotoFiltre 7) (Version:  - )
Photomatix Pro version 4.2.6 (HKLM-x32\...\PhotomatixPro42x32_is1) (Version: 4.2.6 - HDRsoft Ltd)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Secure Banking Version 1.5.1 (HKLM-x32\...\{207E9B74-F4D3-4FD7-8142-16FF41825BC4}_is1) (Version: 1.5.1 - Hopfgartner Niklas)
Steganos Safe 2012 (HKLM-x32\...\{FADC3DC0-BCD9-4F6A-BB9D-360D695C5791}) (Version: 13.0.5 - Steganos Software GmbH)
StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
SugarBook 4.0 (HKLM-x32\...\SugarBook4_is1) (Version:  - Lars Lakomski)
TomTom HOME (HKLM-x32\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.7 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.89 - TuneUp Software) Hidden
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3) (Version: 3 - Microsoft Corporation)
VIS (HKLM-x32\...\VIS) (Version:  - ) <==== ATTENTION
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
waterMark V2 (HKLM-x32\...\waterMark V2) (Version:  - )
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_DE_is1) (Version: 16.0.1.5 - ZONER software)

==================== Restore Points  =========================

09-04-2014 11:45:06 Windows Update
23-04-2014 16:25:49 Wiederherstellungsvorgang
23-04-2014 16:34:55 avast! antivirus system restore point

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0851E440-191F-4ABB-B1CC-B75ABC498154} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-03-19] (IObit)
Task: {0E74798E-5787-40D6-9F0B-B42585A9A255} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {4F60C7ED-373B-437D-B6EA-9C99B4CA8023} - \MySearchDial No Task File <==== ATTENTION
Task: {9A05CB73-B915-476E-899A-7D6CBA114ADC} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {9A7A1A19-D8BC-4B3C-82CA-81E7D43F0419} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-03-25] (AVAST Software)
Task: {E3078653-27FC-43BD-A8E7-90817A57E47F} - System32\Tasks\OO DiskImage {71f57001-bbc8-4dd2-9f24-35d049457fb1} => C:\Program Files\OO Software\DiskImage\oodiag.exe [2014-01-10] (O&O Software GmbH)
Task: {FBA05D17-55FD-4098-9FFD-54851BD053D8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-08] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\OO DiskImage {71f57001-bbc8-4dd2-9f24-35d049457fb1}.job => C:\Program Files\OO Software\DiskImage\oodiag.exe

==================== Loaded Modules (whitelisted) =============

2013-01-30 23:37 - 2012-07-30 11:48 - 01518504 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
2014-01-10 19:55 - 2014-01-10 19:55 - 00344872 _____ () C:\Program Files\OO Software\DiskImage\oodishrs.dll
2012-10-29 17:45 - 2012-10-29 17:45 - 00220672 _____ () C:\Program Files (x86)\Steganos Safe 2012\ShellExtension.dll
2012-07-26 21:26 - 2012-07-26 21:26 - 00108040 _____ () C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NPShellExtension64.dll
2014-01-10 19:55 - 2014-01-10 19:55 - 00553768 _____ () C:\Program Files\OO Software\DiskImage\ooditrrs.dll
2014-01-10 19:56 - 2014-01-10 19:56 - 00069928 _____ () C:\Program Files\OO Software\DiskImage\oodiagpsx64.dll
2013-02-02 21:12 - 2009-03-29 12:30 - 02058240 _____ () C:\Program Files (x86)\FeedReader30\feedreader.exe
2013-01-26 21:53 - 2013-06-30 17:54 - 00002560 _____ () C:\Program Files (x86)\Secure Banking\sbservice.exe
2011-03-14 15:21 - 2011-03-14 15:21 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-03-10 00:05 - 2011-03-10 00:05 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-01-10 19:55 - 2014-01-10 19:55 - 00326440 _____ () C:\Program Files\OO Software\DiskImage\oodiagrs.dll
2014-04-23 18:39 - 2014-04-23 18:39 - 02215936 _____ () C:\Program Files\AVAST Software\Avast\defs\14042300\algo.dll
2012-01-23 23:00 - 2012-01-23 23:00 - 00015872 _____ () C:\Program Files (x86)\Desktop-Reminder 2\de\DevExpress.XtraBars.v11.1.resources.dll
2012-01-23 23:00 - 2012-01-23 23:00 - 00061440 _____ () C:\Program Files (x86)\Desktop-Reminder 2\de\DevExpress.XtraEditors.v11.1.resources.dll
2012-01-23 23:00 - 2012-01-23 23:00 - 00053248 _____ () C:\Program Files (x86)\Desktop-Reminder 2\de\DevExpress.XtraScheduler.v11.1.Core.resources.dll
2012-01-23 23:00 - 2012-01-23 23:00 - 00016384 _____ () C:\Program Files (x86)\Desktop-Reminder 2\de\DevExpress.XtraScheduler.v11.1.Extensions.resources.dll
2012-01-23 23:00 - 2012-01-23 23:00 - 00010240 _____ () C:\Program Files (x86)\Desktop-Reminder 2\de\DevExpress.XtraLayout.v11.1.resources.dll
2009-07-13 23:03 - 2009-07-14 03:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2013-10-15 17:49 - 2013-10-15 17:49 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-01-26 21:53 - 2013-06-30 17:54 - 00017920 _____ () C:\Program Files (x86)\Secure Banking\SecureBanking.dll
2013-01-26 21:53 - 2013-06-30 17:54 - 00008704 _____ () C:\Program Files (x86)\Secure Banking\funcs.dll
2014-03-18 19:32 - 2014-03-18 19:32 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:nlsPreferences

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: ABBYY.Licensing.FineReader.Sprint.9.0 => 2
MSCONFIG\Services: Adobe LM Service => 3
MSCONFIG\Services: Video downloader Updater => 2
MSCONFIG\Services: WerSvc => 3
MSCONFIG\Services: WinDefend => 2
MSCONFIG\startupfolder: C:^Users^Carsten^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk => C:\Windows\pss\Adobe Gamma.lnk.Startup
MSCONFIG\startupreg: SAFE2012 File Redirection Starter => "C:\Program Files (x86)\Steganos Safe 2012\fredirstarter.exe"
MSCONFIG\startupreg: SAFE2012 HotKeys => "C:\Program Files (x86)\Steganos Safe 2012\SteganosHotKeyService.exe"
MSCONFIG\startupreg: WinPatrol => C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE"
MSCONFIG\startupreg: Zoner Photo Studio Service 16 => "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe"

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/23/2014 07:25:21 PM) (Source: Windows Search Service) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-897203139-1112560925-3423631613-1001}/">.

Error: (04/23/2014 07:21:45 PM) (Source: AHDDC2_Service.exe) (User: )
Description: Cannot terminate an externally created thread

Error: (04/23/2014 06:24:03 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: mbamscheduler.exe, Version: 2.0.23.0, Zeitstempel: 0x52f2947e
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x898
Startzeit der fehlerhaften Anwendung: 0xmbamscheduler.exe0
Pfad der fehlerhaften Anwendung: mbamscheduler.exe1
Pfad des fehlerhaften Moduls: mbamscheduler.exe2
Berichtskennung: mbamscheduler.exe3

Error: (04/23/2014 06:21:37 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.500, Zeitstempel: 0x533d8de2
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x10a8
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (04/23/2014 06:19:58 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: mbamscheduler.exe, Version: 2.0.23.0, Zeitstempel: 0x52f2947e
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x85c
Startzeit der fehlerhaften Anwendung: 0xmbamscheduler.exe0
Pfad der fehlerhaften Anwendung: mbamscheduler.exe1
Pfad des fehlerhaften Moduls: mbamscheduler.exe2
Berichtskennung: mbamscheduler.exe3

Error: (04/23/2014 06:17:58 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.500, Zeitstempel: 0x533d8de2
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x10a4
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (04/23/2014 06:16:51 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: mbamscheduler.exe, Version: 2.0.23.0, Zeitstempel: 0x52f2947e
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x88c
Startzeit der fehlerhaften Anwendung: 0xmbamscheduler.exe0
Pfad der fehlerhaften Anwendung: mbamscheduler.exe1
Pfad des fehlerhaften Moduls: mbamscheduler.exe2
Berichtskennung: mbamscheduler.exe3

Error: (04/22/2014 09:24:11 PM) (Source: AHDDC2_Service.exe) (User: )
Description: Cannot terminate an externally created thread

Error: (04/22/2014 09:23:43 PM) (Source: Windows Search Service) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-897203139-1112560925-3423631613-1001}/">.

Error: (04/22/2014 09:03:14 PM) (Source: Windows Search Service) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-897203139-1112560925-3423631613-1001}/">.


System errors:
=============
Error: (04/23/2014 07:30:09 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Nalpeiron Licensing Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/23/2014 07:30:09 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NitroPDFDriverCreatorReadSpool9" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/23/2014 07:28:57 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (04/23/2014 07:23:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Nalpeiron Licensing Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/23/2014 07:23:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NitroPDFDriverCreatorReadSpool9" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/23/2014 07:21:35 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (04/23/2014 06:34:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Nalpeiron Licensing Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/23/2014 06:34:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NitroPDFDriverCreatorReadSpool9" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/23/2014 06:26:29 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (04/23/2014 06:24:07 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Nalpeiron Licensing Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (04/23/2014 07:25:21 PM) (Source: Windows Search Service)(User: )
Description: 300x80040d07iehistory://{S-1-5-21-897203139-1112560925-3423631613-1001}/

Error: (04/23/2014 07:21:45 PM) (Source: AHDDC2_Service.exe)(User: )
Description: Cannot terminate an externally created thread

Error: (04/23/2014 06:24:03 PM) (Source: Application Error)(User: )
Description: mbamscheduler.exe2.0.23.052f2947eMSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd89801cf5f106f955360C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \MSVCR100.dllae93791a-cb03-11e3-b2c1-20cf30c6160e

Error: (04/23/2014 06:21:37 PM) (Source: Application Error)(User: )
Description: mbam.exe1.0.0.500533d8de2MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd10a801cf5f1018f4fa59C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \MSVCR100.dll57847e24-cb03-11e3-89a3-20cf30c6160e

Error: (04/23/2014 06:19:58 PM) (Source: Application Error)(User: )
Description: mbamscheduler.exe2.0.23.052f2947eMSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd85c01cf5f0fde20e995C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \MSVCR100.dll1cb9e364-cb03-11e3-89a3-20cf30c6160e

Error: (04/23/2014 06:17:58 PM) (Source: Application Error)(User: )
Description: mbam.exe1.0.0.500533d8de2MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd10a401cf5f0f96d44ad1C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \MSVCR100.dlld52bf4ec-cb02-11e3-9100-20cf30c6160e

Error: (04/23/2014 06:16:51 PM) (Source: Application Error)(User: )
Description: mbamscheduler.exe2.0.23.052f2947eMSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd88c01cf5f0f6ea80b0bC:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \MSVCR100.dllad242d9e-cb02-11e3-9100-20cf30c6160e

Error: (04/22/2014 09:24:11 PM) (Source: AHDDC2_Service.exe)(User: )
Description: Cannot terminate an externally created thread

Error: (04/22/2014 09:23:43 PM) (Source: Windows Search Service)(User: )
Description: 300x80040d07iehistory://{S-1-5-21-897203139-1112560925-3423631613-1001}/

Error: (04/22/2014 09:03:14 PM) (Source: Windows Search Service)(User: )
Description: 300x80040d07iehistory://{S-1-5-21-897203139-1112560925-3423631613-1001}/


CodeIntegrity Errors:
===================================
  Date: 2014-04-23 19:40:19.412
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-23 19:29:51.384
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-23 19:23:14.552
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-23 19:15:28.524
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-23 18:34:16.992
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-23 18:23:54.477
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-23 18:19:50.288
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-23 18:16:37.363
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-23 18:15:07.056
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-23 18:14:26.449
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 47%
Total physical RAM: 3948.54 MB
Available physical RAM: 2071.94 MB
Total Pagefile: 7895.27 MB
Available Pagefile: 5689.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:278.47 GB) (Free:205.15 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 1B72BB33)
Partition 1: (Not Active) - (Size=20 GB) - (Type=1C)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=278 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Übrigens Malwarebytes funktioniert nicht mehr es lässt sich weder starten noch denistallieren und auch nicht neu installieren.

Wenn ich das Programm starten möchte kommt folgendes:

Laufzeitfehler 383 Texeigenschaft ist schreibgeschützt

cosinus · 23.04.2014, 19:23

Neu installieren auch nicht? Setup zu MBAM komplett neu runtergeladen?

Dragon79 · 23.04.2014, 21:29

Nein neu installieren geht auch nicht komischerweise ist das Symbol in der Task leiste noch zu sehen und wenn man drauf klickt kommt der erwähnte Fehler.

Ich habe jetzt versucht es neu zu installieren dann kommt aber folgendes:

Interner Fehler: Expression error Runtime Error (at 57:177)
External exception E06D7363

Wollte nur nochmal eine Rückmeldung geben Malwarebytes funktioniert wieder, habe im Admin Konto versucht es komplett zu deinstallieren dies hat funktioniert und dann wieder neu installiert.

19.04.2014, 22:05	#4
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	AVAST und Malwarebytes melden mehrere Funde Anders bekommt man die Adware nicht weg. __________________ Logfiles bitte immer in CODE-Tags posten

19.04.2014, 23:58	#6
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	AVAST und Malwarebytes melden mehrere Funde Funde mit adwCleaner auch entfernen lassen __________________ --> AVAST und Malwarebytes melden mehrere Funde

21.04.2014, 20:37	#8
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	AVAST und Malwarebytes melden mehrere Funde Dann auch bitte das richtige Log dazu posten. Du hast nur das Log gepostet, an den adwCleaner seine Funde zeigt, nicht aber das Log nach dem Löschen. Nur so sieht man, was es erfolgreich löschen konnte und was nicht. __________________ Logfiles bitte immer in CODE-Tags posten

22.04.2014, 07:49	#10
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	AVAST und Malwarebytes melden mehrere Funde Dann einfach den adwCleaner nochmal ausführen, aber richtig. Das Tool gleich neu runterladen, es gibt ne neue Version davon. __________________ Logfiles bitte immer in CODE-Tags posten

22.04.2014, 21:17	#12
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	AVAST und Malwarebytes melden mehrere Funde Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Scan klicken __________________ Logfiles bitte immer in CODE-Tags posten

AVAST und Malwarebytes melden mehrere Funde

Plagegeister aller Art und deren Bekämpfung: AVAST und Malwarebytes melden mehrere Funde