Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: blau unterstrichenes Wort mit grünem Pfeil rechts oben

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 20.10.2015, 12:48   #1
stoandl
 
blau unterstrichenes Wort mit grünem Pfeil rechts oben - Standard

blau unterstrichenes Wort mit grünem Pfeil rechts oben



Hallo!
Danke, dass ich mich wieder an euch wenden darf!
Problemstellung: mein Laptop (Windows 7), Mozilla Firefox, läuft extrem langsam. Wenn ich Webseiten besuche, sind viele Wörter blau und blau unterstrichen mit einem grünen Pfeil rechts oben.

Falls ich mich z.Bsp einloggen will, dann geht irgendeine Werbe Seite, oder eine Pseudowindows Seite auf.

Habe adwcleaner heruntergeladen und das System 1x gescannt.

Hat nichts genützt. Bitte um eure Hilfe, Danke, Rainer

Alt 20.10.2015, 13:06   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
blau unterstrichenes Wort mit grünem Pfeil rechts oben - Standard

blau unterstrichenes Wort mit grünem Pfeil rechts oben



Hi,

wieso denn "wieder"? Das hier ist dein erstes Posting gewesen

Log von adwCleaner bitte posten.In CODE-Tags.

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 20.10.2015, 14:44   #3
stoandl
 
blau unterstrichenes Wort mit grünem Pfeil rechts oben - Standard

blau unterstrichenes Wort mit grünem Pfeil rechts oben



Hi, habe mich damals wahrscheinlich mit dNamen eines Kollegen eingeloggt!
Danke für die Antwort.

Code:
ATTFilter
C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir
C:\Program Files (x86)\fbphotozoom\fbphotozoom16.crx->C:\AdwCleaner\Quarantine\C\Program Files (x86)\fbphotozoom\fbphotozoom16.crx.vir
C:\Program Files (x86)\fbphotozoom\fbphotozoomtemp.xpi->C:\AdwCleaner\Quarantine\C\Program Files (x86)\fbphotozoom\fbphotozoomtemp.xpi.vir
C:\Program Files (x86)\Gophoto.it\gophotoit14.crx->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Gophoto.it\gophotoit14.crx.vir
C:\Program Files (x86)\Red Sky\DownTango\DownTangoSetupFiles-TlbrFree.7z->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Red Sky\DownTango\DownTangoSetupFiles-TlbrFree.7z.vir
C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com\defaults\preferences\babylon.js->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com\defaults\preferences\babylon.js.vir
C:\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir
C:\Program Files (x86)\Common Files\DVDVideoSoft\AskTB\ApnIC.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\AskTB\ApnIC.dll.vir
C:\Program Files (x86)\Common Files\DVDVideoSoft\AskTB\ApnStub.exe->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\AskTB\ApnStub.exe.vir
C:\Program Files (x86)\Common Files\DVDVideoSoft\AskTB\ApnToolbarInstaller.exe->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\AskTB\ApnToolbarInstaller.exe.vir
C:\Program Files (x86)\Common Files\DVDVideoSoft\AskTB\DVDVideoSoftToolbar.exe->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\AskTB\DVDVideoSoftToolbar.exe.vir
C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\00->C:\AdwCleaner\Quarantine\C\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\00.vir
C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\01->C:\AdwCleaner\Quarantine\C\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\01.vir
C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\02->C:\AdwCleaner\Quarantine\C\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\02.vir
C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\10->C:\AdwCleaner\Quarantine\C\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\10.vir
C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\11->C:\AdwCleaner\Quarantine\C\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\11.vir
C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\12->C:\AdwCleaner\Quarantine\C\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\12.vir
C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\20->C:\AdwCleaner\Quarantine\C\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\20.vir
C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\21->C:\AdwCleaner\Quarantine\C\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\21.vir
C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\22->C:\AdwCleaner\Quarantine\C\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\22.vir
C:\Users\Rainer\AppData\Local\apn\GoogleCRXs\aaaangaohdajkgeopjhpbnlpkehbhmbj_7.15.4.0.crx->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\apn\GoogleCRXs\aaaangaohdajkgeopjhpbnlpkehbhmbj_7.15.4.0.crx.vir
C:\Users\Rainer\AppData\Local\Conduit\CT2849855\BittorrentBar_DEAutoUpdateHelper.exe->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Conduit\CT2849855\BittorrentBar_DEAutoUpdateHelper.exe.vir
C:\Users\Rainer\AppData\Local\DownTango\initial_links.txt->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\DownTango\initial_links.txt.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\manifest.json->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\manifest.json.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\tb_ux\email.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\tb_ux\email.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\tb_ux\feeds.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\tb_ux\feeds.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\tb_ux\new-tab.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\tb_ux\new-tab.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\tb_ux\options.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\tb_ux\options.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\tb_ux\search-suggestion.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\tb_ux\search-suggestion.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\tb_ux\toolbar.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\tb_ux\toolbar.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\lib\constant.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\lib\constant.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\lib\default-config.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\lib\default-config.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\lib\jquery.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\lib\jquery.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\lib\tb-message.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\lib\tb-message.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\content_script\injector.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\content_script\injector.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\content_script\toolbar.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\content_script\toolbar.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\content_script\widget.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\content_script\widget.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\content_script\hack\facebook.css->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\content_script\hack\facebook.css.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\content_script\hack\relative.css->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\content_script\hack\relative.css.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\content_script\hack\static.css->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\content_script\hack\static.css.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\build.json->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\build.json.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\tb-config.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\tb-config.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\email.html->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\email.html.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\feeds.html->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\feeds.html.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\new-tab.html->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\new-tab.html.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\options.html->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\options.html.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\partner-popup.html->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\partner-popup.html.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\search-suggestion.html->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\search-suggestion.html.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\toolbar.html->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\toolbar.html.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\arrow-down.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\arrow-down.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\arrow-right.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\arrow-right.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\ask-toolbar-icons.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\ask-toolbar-icons.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\ask_logo_128x.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\ask_logo_128x.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\ask_logo_19x.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\ask_logo_19x.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\ask_logo_grey_19x.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\ask_logo_grey_19x.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\IDR_WEBSTORE_ICON.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\IDR_WEBSTORE_ICON.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\sr-toolbar-icons.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\sr-toolbar-icons.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\sr_logo_128x.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\sr_logo_128x.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\sr_logo_19x.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\sr_logo_19x.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\sr_logo_grey_19x.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\sr_logo_grey_19x.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\toolbar-icon-amazon.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\toolbar-icon-amazon.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\toolbar-icon-ask.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\toolbar-icon-ask.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\toolbar-icon-cnn.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\toolbar-icon-cnn.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\toolbar-icon-dictionary.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\toolbar-icon-dictionary.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\toolbar-icon-facebook.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\toolbar-icon-facebook.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\toolbar-icon-games.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\toolbar-icon-games.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\toolbar-icon-mail.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\toolbar-icon-mail.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\toolbar-icon-sr.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\toolbar-icon-sr.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\toolbar-icon-star.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\toolbar-icon-star.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\toolbar-icon-weather.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\toolbar-icon-weather.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\toolbar-icon-youtube.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\images\toolbar-icon-youtube.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\css\containers.css->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\css\containers.css.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\css\menu.css->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\css\menu.css.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\css\new-tab.css->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\css\new-tab.css.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\css\options.css->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\css\options.css.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\css\search-suggestion.css->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\css\search-suggestion.css.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\css\toolbar.css->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\config\skin\css\toolbar.css.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\background.html->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\background.html.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\background.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\background.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\browser-action.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\browser-action.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\cookies.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\cookies.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\custom-cmd.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\custom-cmd.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\event.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\event.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\feeds.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\feeds.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\history.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\history.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\lifecycle.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\lifecycle.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\localStorage.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\localStorage.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\log.html->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\log.html.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\logger.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\logger.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\popup.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\popup.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\preference.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\preference.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\pub-sub.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\pub-sub.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\registry.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\registry.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\registryAccess.dll->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\registryAccess.dll.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\reporting.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\reporting.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\search.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\search.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\sideByside.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\sideByside.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\tabs.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\tabs.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\toolbar-manager.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\toolbar-manager.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\utils.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\utils.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\webSQL.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background\webSQL.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.4.5_0\background.html->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.4.5_0\background.html.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.4.5_0\dropdown.html->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.4.5_0\dropdown.html.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.4.5_0\manifest.json->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.4.5_0\manifest.json.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.4.5_0\style\funmoods_chrome_1.0.1.css->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.4.5_0\style\funmoods_chrome_1.0.1.css.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.4.5_0\js\FMLoader.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.4.5_0\js\FMLoader.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.4.5_0\js\mtrprt.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.4.5_0\js\mtrprt.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.4.5_0\img\128.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.4.5_0\img\128.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.4.5_0\img\16.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.4.5_0\img\16.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.4.5_0\img\32.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.4.5_0\img\32.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.4.5_0\img\48.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.4.5_0\img\48.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.4.5_0\img\64.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.4.5_0\img\64.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.4.5_0\img\ajax-loader.gif->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.4.5_0\img\ajax-loader.gif.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\128.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\128.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\634220815653506250.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\634220815653506250.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Controller.html->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Controller.html.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\CT2849855.txt->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\CT2849855.txt.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\icon.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\icon.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\initData.json->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\initData.json.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\manifest.json->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\manifest.json.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Options.html->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Options.html.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Thumbs.db->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Thumbs.db.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\translation_fallback.json->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\translation_fallback.json.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Options\additional_settings.html->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Options\additional_settings.html.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Options\alerts_setting.html->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Options\alerts_setting.html.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Options\personal_components.html->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Options\personal_components.html.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Options\predefined_components.html->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Options\predefined_components.html.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Options\useful_components.html->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Options\useful_components.html.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\128.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\128.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\128g.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\128g.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\ajax-loader.gif->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\ajax-loader.gif.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\arrow_down.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\arrow_down.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\colapse.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\colapse.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\Collapse.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\Collapse.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\endSeperator.gif->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\endSeperator.gif.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\expend.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\expend.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icon.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icon.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\options_acc_collapse.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\options_acc_collapse.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\options_acc_expand.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\options_acc_expand.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\options_acc_item_bg.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\options_acc_item_bg.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\options_acc_item_bg_hover.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\options_acc_item_bg_hover.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\options_button_bg_green.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\options_button_bg_green.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\options_button_bg_orange.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\options_button_bg_orange.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\overBtn.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\overBtn.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\pixelon.gif->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\pixelon.gif.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\seperator.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\seperator.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\shadow_list.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\shadow_list.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\shadow_list_.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\shadow_list_.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\Thumbs.db->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\Thumbs.db.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\rssItem\noImage.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\rssItem\noImage.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\popup\main_menu_about.gif->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\popup\main_menu_about.gif.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\popup\main_menu_contact.gif->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\popup\main_menu_contact.gif.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\popup\main_menu_help.gif->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\popup\main_menu_help.gif.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\popup\main_menu_hide.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\popup\main_menu_hide.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\popup\main_menu_privacy.gif->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\popup\main_menu_privacy.gif.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\popup\main_menu_refresh.gif->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\popup\main_menu_refresh.gif.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\popup\main_menu_show.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\popup\main_menu_show.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\popup\main_menu_tell_a_friend.gif->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\popup\main_menu_tell_a_friend.gif.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\popup\main_menu_upgrade.gif->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\popup\main_menu_upgrade.gif.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\addApp.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\addApp.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\delete.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\delete.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\delete_blue.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\delete_blue.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\delete_grey.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\delete_grey.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\delete_hover.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\delete_hover.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\delete_press.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\delete_press.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\read.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\read.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\read_hover.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\read_hover.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\read_press.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\read_press.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\read_reg.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\read_reg.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\refresh.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\refresh.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\refresh_hover.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\refresh_hover.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\refresh_press.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\refresh_press.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\refresh_reg.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\refresh_reg.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\small_arrow.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\small_arrow.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\small_arrowRTL.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\small_arrowRTL.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\trans.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\trans.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\unread.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\unread.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\unread_hover.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\unread_hover.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\unread_press.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\unread_press.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\unread_reg.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\unread_reg.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\useful_components\0.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\useful_components\0.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\useful_components\1.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\useful_components\1.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\useful_components\10.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\useful_components\10.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\useful_components\11.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\useful_components\11.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\useful_components\12.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\useful_components\12.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\useful_components\2.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\useful_components\2.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\useful_components\3.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\useful_components\3.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\useful_components\4.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\useful_components\4.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\useful_components\5.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\useful_components\5.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\useful_components\6.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\useful_components\6.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\useful_components\7.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\useful_components\7.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\useful_components\8.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\useful_components\8.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\useful_components\9.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\useful_components\9.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\urlGadget\close_hover.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\urlGadget\close_hover.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\urlGadget\close_normal.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\urlGadget\close_normal.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\urlGadget\info_hover.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\urlGadget\info_hover.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\urlGadget\info_normal.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\urlGadget\info_normal.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\urlGadget\minimize_hover.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\urlGadget\minimize_hover.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\urlGadget\minimize_normal.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\urlGadget\minimize_normal.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\urlGadget\snap_hover.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\urlGadget\snap_hover.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\urlGadget\snap_normal.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\icons\urlGadget\snap_normal.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\bak.gif->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\bak.gif.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\searchBox\searchMe.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\searchBox\searchMe.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\searchBox\searchMe_rtl.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\searchBox\searchMe_rtl.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\searchBox\search_center_over.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\searchBox\search_center_over.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\searchBox\search_left_over.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\searchBox\search_left_over.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\searchBox\search_right_over.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\searchBox\search_right_over.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\down_active.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\down_active.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\down_disable.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\down_disable.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\down_over_on.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\down_over_on.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\image_box.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\image_box.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\noimage_box.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\noimage_box.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\option_layer.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\option_layer.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\point_select.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\point_select.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\scroll_back.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\scroll_back.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\scroll_bar_center.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\scroll_bar_center.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\scroll_bar_end.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\scroll_bar_end.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\scroll_bar_start.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\scroll_bar_start.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\scroll_down.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\scroll_down.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\scroll_down_on.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\scroll_down_on.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\scroll_up.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\scroll_up.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\scroll_up_on.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\scroll_up_on.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\shadow_list.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\shadow_list.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\up_active.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\up_active.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\up_disable.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\up_disable.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\up_over_on.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\rssItem\up_over_on.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\ifarme\blackToWhite.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\ifarme\blackToWhite.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\ifarme\whiteToBlack.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\ifarme\whiteToBlack.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\icons\about_icon.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\icons\about_icon.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\icons\delete_s.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\icons\delete_s.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\icons\read_s.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\icons\read_s.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\icons\shevronLeft.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\icons\shevronLeft.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\icons\shevronRight.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\icons\shevronRight.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\icons\unread_s.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\icons\unread_s.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\dyamincMenu\backstrip.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\dyamincMenu\backstrip.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\dyamincMenu\overstrip.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Media\base64\dyamincMenu\overstrip.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\clicksHandler.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\clicksHandler.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\contentScript.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\contentScript.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\everypage_early.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\everypage_early.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\options.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\options.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\services\translation\translation_fallback.json->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\services\translation\translation_fallback.json.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\services\alerts\alerts.view.css->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\services\alerts\alerts.view.css.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\services\alerts\alerts.view.html->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\services\alerts\alerts.view.html.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\services\alerts\alerts.view.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\services\alerts\alerts.view.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\popup\view\popup.css->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\popup\view\popup.css.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\popup\view\popup.html->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\popup\view\popup.html.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\popup\view\popup.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\popup\view\popup.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\popup\view\popupShow.html->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\popup\view\popupShow.html.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\model\model.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\model\model.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\lib\jquery-ui-accordion.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\lib\jquery-ui-accordion.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\lib\jquery-ui.custom.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\lib\jquery-ui.custom.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\lib\jquery.additions.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\lib\jquery.additions.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\lib\jquery.batchImageLoad.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\lib\jquery.batchImageLoad.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\lib\jquery.bdc.ddmenu.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\lib\jquery.bdc.ddmenu.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\lib\jquery.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\lib\jquery.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\lib\jquery.mousewheel.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\lib\jquery.mousewheel.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\lib\jsonStringify.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\lib\jsonStringify.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\lib\pure.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\lib\pure.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\lib\xml2json.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\lib\xml2json.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\xmlMenu\view\xmlMenu.css->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\xmlMenu\view\xmlMenu.css.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\xmlMenu\view\xmlMenu.html->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\xmlMenu\view\xmlMenu.html.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\xmlMenu\view\xmlMenu.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\xmlMenu\view\xmlMenu.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\urlGadget\view\urlGadget.css->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\urlGadget\view\urlGadget.css.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\urlGadget\view\urlGadget.html->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\urlGadget\view\urlGadget.html.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\urlGadget\view\urlGadget.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\urlGadget\view\urlGadget.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\multiRssItem\view\MultiRssItem.css->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\multiRssItem\view\MultiRssItem.css.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\multiRssItem\view\MultiRssItem.html->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\multiRssItem\view\MultiRssItem.html.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\multiRssItem\view\multiRssItem.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\multiRssItem\view\multiRssItem.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\menuPanel\view\menuPanel.htm->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\menuPanel\view\menuPanel.htm.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\menuPanel\view\menuPanel.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\menuPanel\view\menuPanel.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\dynamicMenu\view\dynamicMenu.css->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\dynamicMenu\view\dynamicMenu.css.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\dynamicMenu\view\dynamicMenu.html->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\dynamicMenu\view\dynamicMenu.html.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\dynamicMenu\view\dynamicMenu.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\dynamicMenu\view\dynamicMenu.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\contextMenu\view\contextMenu.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\contextMenu\view\contextMenu.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\container\container.css->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\container\container.css.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\container\container.html->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\container\container.html.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\container\container.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\container\container.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\components\view\InjectScript\ticker.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\components\view\InjectScript\ticker.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\about\about.css->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\about\about.css.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\about\about.htm->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\about\about.htm.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\about\about.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\items\about\about.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\css\ctbmain.css->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\css\ctbmain.css.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\controller\controller.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\controller\controller.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\API\component\view\BrowserCompApi.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\js\API\component\view\BrowserCompApi.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Css\about.css->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Css\about.css.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Css\chromeMain.css->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Css\chromeMain.css.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Css\ctbMain.css->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Css\ctbMain.css.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Css\ddmenu.css->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Css\ddmenu.css.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Css\gmail.css->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Css\gmail.css.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Css\logoMenu.css->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Css\logoMenu.css.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Css\options.css->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Css\options.css.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Css\safariMain.css->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Css\safariMain.css.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Css\searchEngine.css->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Css\searchEngine.css.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Css\searchHistory.css->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.2.4_0\Css\searchHistory.css.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\manifest.json->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\manifest.json.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\js\background.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\js\background.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\js\cExtensionData.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\js\cExtensionData.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\js\Creative.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\js\Creative.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\js\delegate.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\js\delegate.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\js\EventLog.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\js\EventLog.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\js\jquery-1.7.1.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\js\jquery-1.7.1.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\js\Main.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\js\Main.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\js\settings.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\js\settings.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\js\Storage.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\js\Storage.js.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\images\back.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\images\back.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\images\icon.128.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\images\icon.128.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\images\icon.16.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\images\icon.16.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\images\icon.48.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\images\icon.48.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\images\icon.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\images\icon.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\images\logo.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\images\logo.png.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\html\background.html->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\html\background.html.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\css\style.css->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\css\style.css.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Toolbar\Facebook\http___facebook_conduit-services_com_Settings_ashx_locale=de&browserType=IE&toolbarVersion=6_8_2_0.xml->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Toolbar\Facebook\http___facebook_conduit-services_com_Settings_ashx_locale=de&browserType=IE&toolbarVersion=6_8_2_0.xml.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Toolbar\Facebook\http___facebook_conduit-services_com_Settings_ashx_locale=de&browserType=IE&toolbarVersion=6_8_5_1.xml->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Toolbar\Facebook\http___facebook_conduit-services_com_Settings_ashx_locale=de&browserType=IE&toolbarVersion=6_8_5_1.xml.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\LanguagePacks\en.xml->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\LanguagePacks\en.xml.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_1241896_1237569_AT.xml->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_1241896_1237569_AT.xml.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\DialogsAPI.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\DialogsAPI.js.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\PIE.htc->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\PIE.htc.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\settings.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\settings.js.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\version.txt->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\version.txt.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\AppNotification.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\AppNotification.js.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\initialNotification.html->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\initialNotification.html.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\main.html->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\main.html.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\NotificationDialogStyle.css->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\NotificationDialogStyle.css.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\NotificationDialogStyleIE9.css->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\NotificationDialogStyleIE9.css.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\sampleNotification.html->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\sampleNotification.html.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\close.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\close.png.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\like.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\like.png.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Next.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Next.png.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Next_hover.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Next_hover.png.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\powered-by.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\powered-by.png.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Prev.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Prev.png.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Prev_hover.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Prev_hover.png.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\settings.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\settings.png.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Thumbs.db->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Thumbs.db.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\close.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\close.png.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\Next.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\Next.png.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\Next_hover.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\Next_hover.png.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\powered-by.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\powered-by.png.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\Prev.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\Prev.png.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\Prev_hover.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\Prev_hover.png.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\settings.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\settings.png.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\Thumbs.db->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\Thumbs.db.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\close.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\close.png.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\Next.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\Next.png.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\Next_hover.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\Next_hover.png.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\powered-by.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\powered-by.png.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\Prev.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\Prev.png.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\Prev_hover.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\Prev_hover.png.vir
C:\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\settings.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\settings.png.vir
C:\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\1367551239.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\1367551239.png.vir
C:\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\1453404897.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\1453404897.png.vir
C:\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\152609663.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\152609663.png.vir
C:\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\18040907.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\18040907.png.vir
C:\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\335139844.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\335139844.png.vir
C:\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\424297506.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\424297506.png.vir
C:\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\713105003.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\713105003.png.vir
C:\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\796272953.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\796272953.png.vir
C:\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\839246668.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\839246668.png.vir
C:\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\contact.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\contact.png.vir
C:\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\default_search_button.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\default_search_button.png.vir
C:\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\default_search_provider12.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\default_search_provider12.png.vir
C:\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\default_search_provider16.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\default_search_provider16.png.vir
C:\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\default_seperator.ico->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\default_seperator.ico.vir
C:\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\help.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\help.png.vir
C:\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\home.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\home.png.vir
C:\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\refresh.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\refresh.png.vir
C:\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\settings.ini->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\settings.ini.vir
C:\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\shrink.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\shrink.png.vir
C:\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\stbcfg.bin->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\stbcfg.bin.vir
C:\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\upgrade.png->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar\upgrade.png.vir
C:\Users\Rainer\AppData\LocalLow\SimplyTech\Toolbar\settings.ini->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\LocalLow\SimplyTech\Toolbar\settings.ini.vir
C:\Users\Rainer\AppData\Roaming\DownTangoFTToolbar\DownTangoFTToolbar.dll->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Roaming\DownTangoFTToolbar\DownTangoFTToolbar.dll.vir
C:\Users\Rainer\AppData\Roaming\OpenCandy\C1963857A8F54418B60CA236E3BAA02A\driverscannerROE.exe->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Roaming\OpenCandy\C1963857A8F54418B60CA236E3BAA02A\driverscannerROE.exe.vir
C:\Users\Rainer\AppData\Roaming\OpenCandy\9389B1F0C9EC44FEB5465CFB8E568E2A\5151.ico->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Roaming\OpenCandy\9389B1F0C9EC44FEB5465CFB8E568E2A\5151.ico.vir
C:\Users\Rainer\AppData\Roaming\OpenCandy\9389B1F0C9EC44FEB5465CFB8E568E2A\EBB77268-338F-4C6A-8590-AD88FED26F4A->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Roaming\OpenCandy\9389B1F0C9EC44FEB5465CFB8E568E2A\EBB77268-338F-4C6A-8590-AD88FED26F4A.vir
C:\Users\Rainer\AppData\Roaming\OpenCandy\9389B1F0C9EC44FEB5465CFB8E568E2A\findr.xml->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Roaming\OpenCandy\9389B1F0C9EC44FEB5465CFB8E568E2A\findr.xml.vir
C:\Users\Rainer\AppData\Roaming\OpenCandy\9389B1F0C9EC44FEB5465CFB8E568E2A\OCBrowserHelper_1.0.4.106.dll->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Roaming\OpenCandy\9389B1F0C9EC44FEB5465CFB8E568E2A\OCBrowserHelper_1.0.4.106.dll.vir
C:\END->C:\AdwCleaner\Quarantine\C\END.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aaaangaohdajkgeopjhpbnlpkehbhmbj_0.localstorage-journal->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aaaangaohdajkgeopjhpbnlpkehbhmbj_0.localstorage-journal.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fdloijijlkoblmigdofommgnheckmaki_0.localstorage->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fdloijijlkoblmigdofommgnheckmaki_0.localstorage.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fdloijijlkoblmigdofommgnheckmaki_0.localstorage-journal->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fdloijijlkoblmigdofommgnheckmaki_0.localstorage-journal.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hempmfkijmahkaddljkmchcmjbojoedl_0.localstorage->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hempmfkijmahkaddljkmchcmjbojoedl_0.localstorage.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hempmfkijmahkaddljkmchcmjbojoedl_0.localstorage-journal->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hempmfkijmahkaddljkmchcmjbojoedl_0.localstorage-journal.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mpieaakhacmfleokhjcjnpcnmnmpfkid_0.localstorage->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mpieaakhacmfleokhjcjnpcnmnmpfkid_0.localstorage.vir
C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mpieaakhacmfleokhjcjnpcnmnmpfkid_0.localstorage-journal->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mpieaakhacmfleokhjcjnpcnmnmpfkid_0.localstorage-journal.vir
C:\Users\Rainer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Goodgame Empire.lnk->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Goodgame Empire.lnk.vir
C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\0\searchplugins\findr.xml->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\0\searchplugins\findr.xml.vir
C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\0\searchplugins\Web Search.xml->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\0\searchplugins\Web Search.xml.vir
C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\0\searchplugins\Web Search.xml->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\0\searchplugins\Web Search.xml.vir
C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\0\searchplugins\yahoo_ff.xml->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\0\searchplugins\yahoo_ff.xml.vir
C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\0\user.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\0\user.js.vir
C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\0\user.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\0\user.js.vir
C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\browsermngr_extensions.sqlite->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\browsermngr_extensions.sqlite.vir
C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\browsermngr_prefs.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\browsermngr_prefs.js.vir
C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\searchplugins\trovi-search.xml->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\searchplugins\trovi-search.xml.vir
C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\searchplugins\Web Search.xml->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\searchplugins\Web Search.xml.vir
C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\searchplugins\Web Search.xml->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\searchplugins\Web Search.xml.vir
C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\user.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\user.js.vir
C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\user.js->C:\AdwCleaner\Quarantine\C\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\user.js.vir
         
__________________

Alt 20.10.2015, 14:47   #4
stoandl
 
blau unterstrichenes Wort mit grünem Pfeil rechts oben - Standard

blau unterstrichenes Wort mit grünem Pfeil rechts oben



Code:
ATTFilter
# AdwCleaner v5.014 - Bericht erstellt am 20/10/2015 um 11:29:00
# Aktualisiert am 18/10/2015 von Xplode
# Datenbank : 2015-10-18.5 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Rainer - RAINER-LT
# Gestartet von : D:\Rainer\Downloads\adwcleaner_5.014.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Program Files (x86)\Conduit
[-] Ordner Gelöscht : C:\Program Files (x86)\fbphotozoom
[-] Ordner Gelöscht : C:\Program Files (x86)\Gophoto.it
[-] Ordner Gelöscht : C:\Program Files (x86)\Red Sky
[-] Ordner Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
[-] Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
[-] Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\AskTB
[-] Ordner Gelöscht : C:\ProgramData\Browser Manager
[-] Ordner Gelöscht : C:\Users\Rainer\AppData\Local\apn
[-] Ordner Gelöscht : C:\Users\Rainer\AppData\Local\Conduit
[-] Ordner Gelöscht : C:\Users\Rainer\AppData\Local\DownTango
[-] Ordner Gelöscht : C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj
[-] Ordner Gelöscht : C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki
[-] Ordner Gelöscht : C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl
[-] Ordner Gelöscht : C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid
[-] Ordner Gelöscht : C:\Users\Rainer\AppData\LocalLow\Conduit
[-] Ordner Gelöscht : C:\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar
[-] Ordner Gelöscht : C:\Users\Rainer\AppData\LocalLow\Funmoods
[-] Ordner Gelöscht : C:\Users\Rainer\AppData\LocalLow\SimplyTech
[-] Ordner Gelöscht : C:\Users\Rainer\AppData\Roaming\DownTangoFTToolbar
[-] Ordner Gelöscht : C:\Users\Rainer\AppData\Roaming\GrabPro
[-] Ordner Gelöscht : C:\Users\Rainer\AppData\Roaming\OpenCandy
[-] Ordner Gelöscht : C:\Windows\SysWOW64\SearchProtect

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\END
[-] Datei Gelöscht : C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aaaangaohdajkgeopjhpbnlpkehbhmbj_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fdloijijlkoblmigdofommgnheckmaki_0.localstorage
[-] Datei Gelöscht : C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fdloijijlkoblmigdofommgnheckmaki_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hempmfkijmahkaddljkmchcmjbojoedl_0.localstorage
[-] Datei Gelöscht : C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hempmfkijmahkaddljkmchcmjbojoedl_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mpieaakhacmfleokhjcjnpcnmnmpfkid_0.localstorage
[-] Datei Gelöscht : C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mpieaakhacmfleokhjcjnpcnmnmpfkid_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Rainer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Goodgame Empire.lnk
[-] Datei Gelöscht : C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\0\searchplugins\findr.xml
[-] Datei Gelöscht : C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\0\searchplugins\Web Search.xml
[-] Datei Gelöscht : C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\0\searchplugins\Web Search.xml
[-] Datei Gelöscht : C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\0\searchplugins\yahoo_ff.xml
[-] Datei Gelöscht : C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\0\user.js
[-] Datei Gelöscht : C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\0\user.js
[-] Datei Gelöscht : C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\browsermngr_extensions.sqlite
[-] Datei Gelöscht : C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\browsermngr_prefs.js
[-] Datei Gelöscht : C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\searchplugins\trovi-search.xml
[-] Datei Gelöscht : C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\searchplugins\Web Search.xml
[-] Datei Gelöscht : C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\searchplugins\Web Search.xml
[-] Datei Gelöscht : C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\user.js
[-] Datei Gelöscht : C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\user.js

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****


***** [ Registrierungsdatenbank ] *****

[-] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [BrowserMngrDefaultScope]
[-] Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Search Protection]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\hempmfkijmahkaddljkmchcmjbojoedl
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{363F46BE-27B4-4C8D-99E7-B1E049B84376}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{90A9B7D2-3794-45EA-9E23-140E3938D2D9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A753A1EC-973E-4718-AF8E-A3F554D45C44}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02AFA80F-4BEE-41FD-8572-214B58A9EF90}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{03aef176-6207-4c74-9044-eaf653cd7041}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
[-] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C55BBCD6-41AD-48AD-9953-3609C48EACC7}]
[-] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
[-] Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
[-] Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{71588120-FC17-4463-B07D-2C71FE6E057B}
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\APN
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\Ask.com
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\AskToolbar
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\BrowserMngr
[-] Schlüssel Gelöscht : HKCU\Software\1ClickDownload
[-] Schlüssel Gelöscht : HKCU\Software\APN PIP
[-] Schlüssel Gelöscht : HKCU\Software\Ciuvo
[-] Schlüssel Gelöscht : HKCU\Software\Conduit
[-] Schlüssel Gelöscht : HKCU\Software\InstallCore
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\ProtectedSearch
[-] Schlüssel Gelöscht : HKCU\Software\SearchProtectINT
[-] Schlüssel Gelöscht : HKCU\Software\Softonic
[-] Schlüssel Gelöscht : HKCU\Software\SweetIM
[-] Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Search Protection
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\simplytech
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Video-Saver-1
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\BrowserMngr
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\DownTango
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\SweetIM
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Search Protection
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\1ClickDownload
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\APN PIP
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Ciuvo
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Conduit
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\InstallCore
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\OCS
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\ProtectedSearch
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\SearchProtectINT
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Softonic
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\SweetIM
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\YahooPartnerToolbar
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\AppDataLow\Toolbar
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\AppDataLow\Software\Conduit
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\AppDataLow\Software\ConduitSearchScopes
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\AppDataLow\Software\Search Protection
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\AppDataLow\Software\simplytech
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\AppDataLow\Software\Video-Saver-1
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar]
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page]
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar]
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]
[-] Daten Wiederhergestellt : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\Microsoft\Internet Explorer\Search [Start Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\Microsoft\Internet Explorer\Search [Search Bar]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\Microsoft\Internet Explorer\Search [Search Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
[-] Daten Wiederhergestellt : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main [Start Page]
[!] Schlüssel Nicht Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
[!] Schlüssel Nicht Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
[!] Schlüssel Nicht Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{71588120-FC17-4463-B07D-2C71FE6E057B}
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}

***** [ Internetbrowser ] *****

[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js] [Preference] Gelöscht : user_pref("browser.search.defaultengine", "Web Search");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js] [Preference] Gelöscht : user_pref("browser.search.order.1", "Web Search");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js] [Preference] Gelöscht : user_pref("browser.startup.homepage", "hxxps://at.search.yahoo.com/?type=903578&fr=spigot-yhp-ff");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("DownTangoFTToolbar_2937.global.CurrentLanguageSelection", "English");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("DownTangoFTToolbar_2937.global.CurrentNavigationSelection", "Current window");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("DownTangoFTToolbar_2937.global.CurrentSearchEngineSelection", "US: United States of America");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("DownTangoFTToolbar_2937.global.UpdateTime", "1354117208950");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("DownTangoFTToolbar_2937.global.userEnable", true);
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("DownTangoFTToolbar_2937.global.userID", "fa550e7f137e5703ace5f9d1b6101a5f");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.defaultthis.engineName", "BittorrentBar_DE Customized Web Search");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2849855&SearchSource=3&q={searchTerms}");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.BabylonToolbar.admin", false);
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.BabylonToolbar.aflt", "babsst");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.BabylonToolbar.dfltLng", "en");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.BabylonToolbar.excTlbr", false);
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.BabylonToolbar.id", "5611f8ee000000000000904ce5d0ecb8");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.BabylonToolbar.instlDay", "15566");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.BabylonToolbar.instlRef", "sst");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.BabylonToolbar.tlbrId", "tb9");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://www.google.com/search?babsrc=TB_ggl&q=");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.BabylonToolbar.vrsn", "1.6.4.6");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.BabylonToolbar.vrsni", "1.6.4.6");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.BabylonToolbar_i.babExt", "");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=113480&tt=120812_bandext_3312_7");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.4.621:00:07");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.enabledItems", "{dfd152f0-c8a6-4f64-b718-447478d15496}:1.0,helperbar@helperbar.com:1.0,{b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"[...]
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.SimilarSitesStorage-pid2", "c0b88a4145b9e11f");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.admin", false);
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.aflt", "nv1");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.brwsrsrc", "ietlbr");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.cntry", "AT");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.cv", "cv5");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.dfltLng", "EN");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.dfltSrch", true);
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.dfltlng", "EN");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.dfltsrch", true);
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.excTlbr", false);
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.hdrMd5", "1A12F84DEC51DFD53922C7D8196315AE");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.hmpg", true);
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.hrdid", "5611f8ee000000000000904ce5d0ecb8");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.id", "5611f8ee000000000000904ce5d0ecb8");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.instlDay", "15446");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.instlRef", "");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.instlday", "15446");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.instlref", "");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.isDcmntCmplt", false);
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.keywordurl", "");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.lastVrsnTs", "1.5.11.1622:09:00");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.newTab", true);
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=nv1");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.newtab", true);
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.newtaburl", "hxxp://start.funmoods.com/?f=2&a=nv1");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.noFFXTlbr", false);
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.prdct", "funmoods");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.prtnrId", "funmoods");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.prtnrid", "funmoods");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.sg", "none");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.smplGrp", "none");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.smplgrp", "none");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.srch", "");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.srchPrvdr", "Search");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.srchprvdr", "Search");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.tlbrId", "base");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://start.funmoods.com/results.php?f=3&a=nv1&q=");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.tlbrid", "base");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.tlbrsrchurl", "hxxp://start.funmoods.com/results.php?f=3&a=nv1&q=");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.vrsn", "1.5.11.16");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.vrsnTs", "1.5.11.1622:09:00");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.vrsni", "1.5.11.16");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods.vrsnts", "1.5.11.1622:09:00");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods_i.aflt", "nv1");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods_i.dfltLng", "");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods_i.dfltSrch", true);
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods_i.dnsErr", true);
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods_i.excTlbr", false);
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods_i.hmpg", true);
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods_i.hmpgUrl", "hxxp://start.funmoods.com/?f=1&a=nv1");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods_i.id", "5611f8ee000000000000904ce5d0ecb8");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods_i.instlDay", "15446");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods_i.instlRef", "");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods_i.newTab", true);
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods_i.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=nv1");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods_i.prdct", "funmoods");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods_i.prtnrId", "funmoods");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods_i.smplGrp", "none");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods_i.srchPrvdr", "Search");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods_i.tlbrId", "base");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods_i.tlbrSrchUrl", "hxxp://start.funmoods.com/results.php?f=3&a=nv1&q=");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods_i.vrsn", "1.5.11.16");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods_i.vrsnTs", "1.5.11.1622:09:00");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.funmoods_i.vrsni", "1.5.11.16");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.BackPageActive", true);
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.Country", "Austria");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.DOWNLOADPROVIDER", "QuickOC");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false);
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.LastHiddenTime", 22799112);
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.PUBLISHER", "QuickOC");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", true);
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.UserID", "dfd152f0-c8a6-4f64-b718-447478d15496");
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.Visibility", false);
[-] [C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.helperbar.installationID", "dfd152f0-c8a6-4f64-b718-447478d15496");
[-] [C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : search.conduit.com
[-] [C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : Funmoods
[-] [C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : babylon.com

*************************

:: Winsock Einstellungen zurückgesetzt

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [37054 Bytes] ##########
         
Code:
ATTFilter
# AdwCleaner v5.014 - Bericht erstellt am 20/10/2015 um 11:27:01
# Aktualisiert am 18/10/2015 von Xplode
# Datenbank : 2015-10-18.5 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Rainer - RAINER-LT
# Gestartet von : D:\Rainer\Downloads\adwcleaner_5.014.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

Ordner Gefunden : C:\Program Files (x86)\Conduit
Ordner Gefunden : C:\Program Files (x86)\fbphotozoom
Ordner Gefunden : C:\Program Files (x86)\Gophoto.it
Ordner Gefunden : C:\Program Files (x86)\Red Sky
Ordner Gefunden : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Ordner Gefunden : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gefunden : C:\Program Files (x86)\Common Files\DVDVideoSoft\AskTB
Ordner Gefunden : C:\ProgramData\Browser Manager
Ordner Gefunden : C:\Users\Rainer\AppData\Local\apn
Ordner Gefunden : C:\Users\Rainer\AppData\Local\Conduit
Ordner Gefunden : C:\Users\Rainer\AppData\Local\DownTango
Ordner Gefunden : C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj
Ordner Gefunden : C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki
Ordner Gefunden : C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl
Ordner Gefunden : C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid
Ordner Gefunden : C:\Users\Rainer\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\Rainer\AppData\LocalLow\DownTangoFTToolbar
Ordner Gefunden : C:\Users\Rainer\AppData\LocalLow\Funmoods
Ordner Gefunden : C:\Users\Rainer\AppData\LocalLow\SimplyTech
Ordner Gefunden : C:\Users\Rainer\AppData\Roaming\DownTangoFTToolbar
Ordner Gefunden : C:\Users\Rainer\AppData\Roaming\GrabPro
Ordner Gefunden : C:\Users\Rainer\AppData\Roaming\OpenCandy
Ordner Gefunden : C:\Windows\SysWOW64\SearchProtect

***** [ Dateien ] *****

Datei Gefunden : C:\END
Datei Gefunden : C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aaaangaohdajkgeopjhpbnlpkehbhmbj_0.localstorage-journal
Datei Gefunden : C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fdloijijlkoblmigdofommgnheckmaki_0.localstorage
Datei Gefunden : C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fdloijijlkoblmigdofommgnheckmaki_0.localstorage-journal
Datei Gefunden : C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hempmfkijmahkaddljkmchcmjbojoedl_0.localstorage
Datei Gefunden : C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hempmfkijmahkaddljkmchcmjbojoedl_0.localstorage-journal
Datei Gefunden : C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mpieaakhacmfleokhjcjnpcnmnmpfkid_0.localstorage
Datei Gefunden : C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mpieaakhacmfleokhjcjnpcnmnmpfkid_0.localstorage-journal
Datei Gefunden : C:\Users\Rainer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Goodgame Empire.lnk
Datei Gefunden : C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\0\searchplugins\findr.xml
Datei Gefunden : C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\0\searchplugins\Web Search.xml
Datei Gefunden : C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\0\searchplugins\Web Search.xml
Datei Gefunden : C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\0\searchplugins\yahoo_ff.xml
Datei Gefunden : C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\0\user.js
Datei Gefunden : C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\0\user.js
Datei Gefunden : C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\browsermngr_extensions.sqlite
Datei Gefunden : C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\browsermngr_prefs.js
Datei Gefunden : C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\searchplugins\trovi-search.xml
Datei Gefunden : C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\searchplugins\Web Search.xml
Datei Gefunden : C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\searchplugins\Web Search.xml
Datei Gefunden : C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\user.js
Datei Gefunden : C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\user.js

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [BrowserMngrDefaultScope]
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Search Protection]
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\hempmfkijmahkaddljkmchcmjbojoedl
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{363F46BE-27B4-4C8D-99E7-B1E049B84376}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{90A9B7D2-3794-45EA-9E23-140E3938D2D9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{A753A1EC-973E-4718-AF8E-A3F554D45C44}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{02AFA80F-4BEE-41FD-8572-214B58A9EF90}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{03aef176-6207-4c74-9044-eaf653cd7041}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C55BBCD6-41AD-48AD-9953-3609C48EACC7}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{71588120-FC17-4463-B07D-2C71FE6E057B}
Schlüssel Gefunden : HKU\.DEFAULT\Software\APN
Schlüssel Gefunden : HKU\.DEFAULT\Software\Ask.com
Schlüssel Gefunden : HKU\.DEFAULT\Software\AskToolbar
Schlüssel Gefunden : HKU\.DEFAULT\Software\BrowserMngr
Schlüssel Gefunden : HKCU\Software\1ClickDownload
Schlüssel Gefunden : HKCU\Software\APN PIP
Schlüssel Gefunden : HKCU\Software\Ciuvo
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\InstallCore
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\ProtectedSearch
Schlüssel Gefunden : HKCU\Software\SearchProtectINT
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\SweetIM
Schlüssel Gefunden : HKCU\Software\YahooPartnerToolbar
Schlüssel Gefunden : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gefunden : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Search Protection
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\simplytech
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Video-Saver-1
Schlüssel Gefunden : HKLM\SOFTWARE\BrowserMngr
Schlüssel Gefunden : HKLM\SOFTWARE\DownTango
Schlüssel Gefunden : HKLM\SOFTWARE\SweetIM
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Search Protection
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Schlüssel Gefunden : [x64] HKCU\Software\1ClickDownload
Schlüssel Gefunden : [x64] HKCU\Software\APN PIP
Schlüssel Gefunden : [x64] HKCU\Software\Ciuvo
Schlüssel Gefunden : [x64] HKCU\Software\Conduit
Schlüssel Gefunden : [x64] HKCU\Software\InstallCore
Schlüssel Gefunden : [x64] HKCU\Software\OCS
Schlüssel Gefunden : [x64] HKCU\Software\ProtectedSearch
Schlüssel Gefunden : [x64] HKCU\Software\SearchProtectINT
Schlüssel Gefunden : [x64] HKCU\Software\Softonic
Schlüssel Gefunden : [x64] HKCU\Software\SweetIM
Schlüssel Gefunden : [x64] HKCU\Software\YahooPartnerToolbar
Schlüssel Gefunden : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gefunden : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\AppDataLow\Toolbar
Schlüssel Gefunden : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gefunden : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\AppDataLow\Software\Search Protection
Schlüssel Gefunden : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\AppDataLow\Software\simplytech
Schlüssel Gefunden : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\AppDataLow\Software\Video-Saver-1
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://at.search.yahoo.com/?type=903578&fr=spigot-yhp-ie
Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937
Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
Daten Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
Daten Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
Daten Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937
Daten Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page] - hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937
Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937
Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://feed.snap.do/?publisher=QuickOC&dpid=QuickOC&co=AT&userid=dfd152f0-c8a6-4f64-b718-447478d15496&searchtype=ds&q={searchTerms}&installDate={installDate}
Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://feed.snap.do/?publisher=QuickOC&dpid=QuickOC&co=AT&userid=dfd152f0-c8a6-4f64-b718-447478d15496&searchtype=ds&q={searchTerms}&installDate={installDate}
Daten Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page] - hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937
Daten Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937
Daten Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
Daten Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
Daten Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
Daten Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)] - hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q=%s
Daten Gefunden : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.avira.com/?l=dis&o=APN10397&gct=hp&dc=EU&locale=de_AT
Daten Gefunden : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://at.search.yahoo.com/?type=903578&fr=spigot-yhp-ie
Daten Gefunden : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937
Daten Gefunden : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
Daten Gefunden : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\Microsoft\Internet Explorer\Search [Start Page] - hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937
Daten Gefunden : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937
Daten Gefunden : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://feed.snap.do/?publisher=QuickOC&dpid=QuickOC&co=AT&userid=dfd152f0-c8a6-4f64-b718-447478d15496&searchtype=ds&q={searchTerms}&installDate={installDate}
Daten Gefunden : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\Microsoft\Internet Explorer\Search [Search Bar] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
Daten Gefunden : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\Microsoft\Internet Explorer\Search [Search Page] - hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
Daten Gefunden : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://feed.snap.do/?publisher=QuickOC&dpid=QuickOC&co=AT&userid=dfd152f0-c8a6-4f64-b718-447478d15496&searchtype=ds&q={searchTerms}&installDate={installDate}
Daten Gefunden : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.avira.com/?l=dis&o=APN10397&gct=hp&dc=EU&locale=de_AT
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{71588120-FC17-4463-B07D-2C71FE6E057B}
Daten Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {71588120-FC17-4463-B07D-2C71FE6E057B}
Schlüssel Gefunden : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Schlüssel Gefunden : HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}

***** [ Internetbrowser ] *****

[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js] [Preference] Gefunden : user_pref("browser.search.defaultengine", "Web Search");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js] [Preference] Gefunden : user_pref("browser.search.order.1", "Web Search");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js] [Preference] Gefunden : user_pref("browser.startup.homepage", "hxxps://at.search.yahoo.com/?type=903578&fr=spigot-yhp-ff");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("DownTangoFTToolbar_2937.global.CurrentLanguageSelection", "English");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("DownTangoFTToolbar_2937.global.CurrentNavigationSelection", "Current window");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("DownTangoFTToolbar_2937.global.CurrentSearchEngineSelection", "US: United States of America");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("DownTangoFTToolbar_2937.global.UpdateTime", "1354117208950");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("DownTangoFTToolbar_2937.global.userEnable", true);
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("DownTangoFTToolbar_2937.global.userID", "fa550e7f137e5703ace5f9d1b6101a5f");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("browser.search.defaultthis.engineName", "BittorrentBar_DE Customized Web Search");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2849855&SearchSource=3&q={searchTerms}");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.BabylonToolbar.admin", false);
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.BabylonToolbar.aflt", "babsst");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.BabylonToolbar.dfltLng", "en");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.BabylonToolbar.excTlbr", false);
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.BabylonToolbar.id", "5611f8ee000000000000904ce5d0ecb8");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.BabylonToolbar.instlDay", "15566");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.BabylonToolbar.instlRef", "sst");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.BabylonToolbar.tlbrId", "tb9");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://www.google.com/search?babsrc=TB_ggl&q=");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.BabylonToolbar.vrsn", "1.6.4.6");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.BabylonToolbar.vrsni", "1.6.4.6");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.BabylonToolbar_i.babExt", "");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=113480&tt=120812_bandext_3312_7");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.4.621:00:07");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.enabledItems", "{dfd152f0-c8a6-4f64-b718-447478d15496}:1.0,helperbar@helperbar.com:1.0,{b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"[...]
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.SimilarSitesStorage-pid2", "c0b88a4145b9e11f");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.admin", false);
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.aflt", "nv1");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.brwsrsrc", "ietlbr");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.cntry", "AT");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.cv", "cv5");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.dfltLng", "EN");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.dfltSrch", true);
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.dfltlng", "EN");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.dfltsrch", true);
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.excTlbr", false);
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.hdrMd5", "1A12F84DEC51DFD53922C7D8196315AE");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.hmpg", true);
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.hrdid", "5611f8ee000000000000904ce5d0ecb8");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.id", "5611f8ee000000000000904ce5d0ecb8");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.instlDay", "15446");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.instlRef", "");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.instlday", "15446");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.instlref", "");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.isDcmntCmplt", false);
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.keywordurl", "");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.lastVrsnTs", "1.5.11.1622:09:00");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.newTab", true);
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=nv1");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.newtab", true);
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.newtaburl", "hxxp://start.funmoods.com/?f=2&a=nv1");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.noFFXTlbr", false);
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.prdct", "funmoods");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.prtnrId", "funmoods");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.prtnrid", "funmoods");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.sg", "none");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.smplGrp", "none");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.smplgrp", "none");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.srch", "");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.srchPrvdr", "Search");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.srchprvdr", "Search");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.tlbrId", "base");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://start.funmoods.com/results.php?f=3&a=nv1&q=");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.tlbrid", "base");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.tlbrsrchurl", "hxxp://start.funmoods.com/results.php?f=3&a=nv1&q=");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.vrsn", "1.5.11.16");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.vrsnTs", "1.5.11.1622:09:00");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.vrsni", "1.5.11.16");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods.vrsnts", "1.5.11.1622:09:00");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods_i.aflt", "nv1");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods_i.dfltLng", "");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods_i.dfltSrch", true);
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods_i.dnsErr", true);
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods_i.excTlbr", false);
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods_i.hmpg", true);
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods_i.hmpgUrl", "hxxp://start.funmoods.com/?f=1&a=nv1");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods_i.id", "5611f8ee000000000000904ce5d0ecb8");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods_i.instlDay", "15446");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods_i.instlRef", "");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods_i.newTab", true);
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods_i.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=nv1");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods_i.prdct", "funmoods");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods_i.prtnrId", "funmoods");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods_i.smplGrp", "none");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods_i.srchPrvdr", "Search");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods_i.tlbrId", "base");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods_i.tlbrSrchUrl", "hxxp://start.funmoods.com/results.php?f=3&a=nv1&q=");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods_i.vrsn", "1.5.11.16");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods_i.vrsnTs", "1.5.11.1622:09:00");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.funmoods_i.vrsni", "1.5.11.16");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.helperbar.BackPageActive", true);
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.helperbar.Country", "Austria");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.helperbar.DOWNLOADPROVIDER", "QuickOC");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.helperbar.DockingPositionDown", false);
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.helperbar.LastHiddenTime", 22799112);
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.helperbar.PUBLISHER", "QuickOC");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.helperbar.SmartbarDisabled", true);
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.helperbar.UserID", "dfd152f0-c8a6-4f64-b718-447478d15496");
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.helperbar.Visibility", false);
[C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js] [Preference] Gefunden : user_pref("extensions.helperbar.installationID", "dfd152f0-c8a6-4f64-b718-447478d15496");
[C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gefunden : search.conduit.com
[C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gefunden : Funmoods
[C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gefunden : babylon.com

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [37811 Bytes] ##########
         

Alt 20.10.2015, 14:50   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
blau unterstrichenes Wort mit grünem Pfeil rechts oben - Standard

blau unterstrichenes Wort mit grünem Pfeil rechts oben



Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 20.10.2015, 16:08   #6
stoandl
 
blau unterstrichenes Wort mit grünem Pfeil rechts oben - Standard

blau unterstrichenes Wort mit grünem Pfeil rechts oben



Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-10-2015
durchgeführt von Rainer (Administrator) auf RAINER-LT (20-10-2015 17:00:48)
Gestartet von D:\Rainer\Downloads
Geladene Profile: Rainer (Verfügbare Profile: Rainer)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(BitTorrent Inc.) C:\Users\Rainer\AppData\Roaming\uTorrent\uTorrent.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(BitTorrent Inc.) C:\Users\Rainer\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe
() C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(BitTorrent Inc.) C:\Users\Rainer\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
() C:\Program Files (x86)\Winamp\winampa.exe
(Apple Computer, Inc.) C:\Program Files (x86)\QuickTime\qttask.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Dropbox, Inc.) C:\Users\Rainer\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_19_0_0_226_ActiveX.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [357376 2009-09-16] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8158240 2009-10-09] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3189016 2009-10-01] (Dell Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [4968960 2009-07-17] (Dell Inc.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2184520 2009-07-27] (CANON INC.)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-09-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1779952 2009-07-07] ()
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [DellSupportCenter] => C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe [206064 2009-05-21] (SupportSoft, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\Winampa.exe [12288 2003-04-17] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\qttask.exe [98304 2014-06-27] (Apple Computer, Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [831192 2014-07-03] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-27] (AVAST Software)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-04-14] (Google Inc.)
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.)
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\Run: [uTorrent] => C:\Users\Rainer\AppData\Roaming\uTorrent\uTorrent.exe [1822048 2015-10-13] (BitTorrent Inc.)
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\Run: [Dropbox Update] => C:\Users\Rainer\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {12e2a80b-456d-11df-a296-0026b9246c68} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {12e2a80d-456d-11df-a296-0026b9246c68} - G:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {56ce4137-4898-11e4-8255-0026b9246c68} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {56ce413a-4898-11e4-8255-0026b9246c68} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {74b8ed62-2f80-11df-99aa-0026b9246c68} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {74b8ed67-2f80-11df-99aa-0026b9246c68} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {74b8ee3c-2f80-11df-99aa-904ce5d0ecb8} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {a34f141c-ee5e-11e3-8674-0026b9246c68} - F:\ting.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {ad812746-7543-11e0-b888-b89966ac48a5} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {ad812749-7543-11e0-b888-b89966ac48a5} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {b678db16-fb85-11df-894f-b7f0a70929a3} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {b678db18-fb85-11df-894f-b7f0a70929a3} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {fd063144-dbb1-11df-b3f3-806e6f6e6963} - F:\AutoRun.exe
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-27] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-02-23]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-02-23]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-02-23]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Rainer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk [2010-03-06]
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Rainer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-25]
ShortcutTarget: Dropbox.lnk -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{F37501EF-480A-48FB-A8D4-07F950543BC4}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
URLSearchHook: HKLM-x32 - (Kein Name) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - Keine Datei
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {7610C2C4-E281-474E-B54C-8A78D5EB0EAC} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {F209670B-C5F9-4F55-82D5-0743DDF1B790} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {F209670B-C5F9-4F55-82D5-0743DDF1B790} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = 
SearchScopes: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000 -> DefaultScope {55CEA815-23ED-41A3-A85D-E4AF53338B2A} URL = hxxps://at.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=903578&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000 -> {55CEA815-23ED-41A3-A85D-E4AF53338B2A} URL = hxxps://at.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=903578&p={searchTerms}
BHO: Kein Name -> {7553EA3C-F8DA-4188-B7BC-956894EA54F5} -> Keine Datei
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-27] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13] (Safer-Networking Ltd.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Kein Name -> {7553EA3C-F8DA-4188-B7BC-956894EA54F5} -> Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-02] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-27] (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-02] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Kein Name - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} -  Keine Datei
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  Keine Datei
Toolbar: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000 -> Kein Name - {64EAD72B-FFD4-4E01-AA3A-4C71665D73E4} -  Keine Datei
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Yahoo!
FF Homepage: hxxp://www.google.at/
FF Keyword.URL: hxxps://at.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=903578&p=
FF NetworkProxy: "http", "115.124.73.122"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll [2009-11-14] (DivX,Inc.)
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll [2009-11-14] (DivX, Inc)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-09-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.7.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2012-09-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPAdbESD.dll [2006-10-03] (Adobe Systems Incorporated)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2008-06-11] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-06-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-06-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-06-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-06-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-06-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2014-06-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2014-06-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2010-01-12] (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\searchplugins\google-images.xml [2014-07-30]
FF SearchPlugin: C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\searchplugins\google-maps.xml [2014-07-30]
FF Extension: Avira Browser Safety - C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\Extensions\abs@avira.com [2015-05-28] [ist nicht signiert]
FF Extension: FoxyProxy Standard - C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\Extensions\foxyproxy@eric.h.jung [2015-05-29]
FF Extension: Proxy-Listen.de - Proxyswitcher - C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\Extensions\admin@proxy-listen.de.xpi [2015-03-14]
FF Extension: anonymoX - C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\Extensions\client@anonymox.net.xpi [2015-06-14]
FF Extension: YouTube Video and Audio Downloader - C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2014-08-25]
FF Extension: 9kw Client (v1.66b2) - C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\Extensions\jid0-08QUFKHYKxeTWwjnxAvsJJVhLsk@jetpack.xpi [2014-09-02] [ist nicht signiert]
FF Extension: ProxMate - C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2015-06-15]
FF Extension: Video DownloadHelper - C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-15]
FF Extension: Adblock Plus - C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-12-17]
FF Extension: Greasemonkey - C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-12-06]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-06-11] [ist nicht signiert]
FF HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\extensions\cliqz@cliqz.com => nicht gefunden

Chrome: 
=======
CHR Profile: C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-11]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-27] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [405208 2014-07-03] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384728 2014-07-03] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [773848 2014-07-03] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-12-18] (Stardock Corporation) [Datei ist nicht signiert]
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [853288 2007-09-20] (Nero AG)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-09-20] (Nero AG)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe [3417088 2009-07-17] (Dell Inc.) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-27] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-27] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048856 2015-07-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-07-27] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150160 2015-07-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-27] (AVAST Software)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-07-03] (BlueStack Systems)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-20 17:00 - 2015-10-20 17:00 - 00000000 ____D C:\FRST
2015-10-20 15:27 - 2015-10-20 15:27 - 00000000 ____D C:\Users\Rainer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-20 11:31 - 2015-10-20 11:31 - 00000056 _____ C:\Windows\setupact.log
2015-10-20 11:31 - 2015-10-20 11:31 - 00000000 _____ C:\Windows\setuperr.log
2015-10-20 11:26 - 2015-10-20 13:49 - 00000000 ____D C:\AdwCleaner
2015-10-15 19:56 - 2015-10-15 19:56 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-15 08:29 - 2015-09-18 21:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-15 08:29 - 2015-09-18 21:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-15 08:29 - 2015-09-18 21:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-15 08:29 - 2015-09-18 21:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-15 08:29 - 2015-09-18 21:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-15 08:29 - 2015-09-18 21:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-15 08:29 - 2015-09-18 21:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-14 08:57 - 2015-09-18 21:31 - 00391784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-14 08:57 - 2015-09-18 20:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-14 08:57 - 2015-09-16 06:48 - 25851904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-14 08:57 - 2015-09-16 06:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-14 08:57 - 2015-09-16 06:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-14 08:57 - 2015-09-16 06:22 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-14 08:57 - 2015-09-16 06:21 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-14 08:57 - 2015-09-16 06:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-14 08:57 - 2015-09-16 06:21 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-14 08:57 - 2015-09-16 06:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-14 08:57 - 2015-09-16 06:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-14 08:57 - 2015-09-16 06:14 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-14 08:57 - 2015-09-16 06:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-14 08:57 - 2015-09-16 06:10 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-14 08:57 - 2015-09-16 06:09 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-14 08:57 - 2015-09-16 06:08 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-14 08:57 - 2015-09-16 06:08 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-14 08:57 - 2015-09-16 06:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-14 08:57 - 2015-09-16 06:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-14 08:57 - 2015-09-16 06:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-14 08:57 - 2015-09-16 05:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-14 08:57 - 2015-09-16 05:58 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-14 08:57 - 2015-09-16 05:50 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-14 08:57 - 2015-09-16 05:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-14 08:57 - 2015-09-16 05:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-14 08:57 - 2015-09-16 05:45 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-14 08:57 - 2015-09-16 05:43 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-14 08:57 - 2015-09-16 05:41 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-14 08:57 - 2015-09-16 05:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-14 08:57 - 2015-09-16 05:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-14 08:57 - 2015-09-16 05:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-14 08:57 - 2015-09-16 05:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-14 08:57 - 2015-09-16 05:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-14 08:57 - 2015-09-16 05:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-14 08:57 - 2015-09-16 05:29 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-14 08:57 - 2015-09-16 05:29 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-14 08:57 - 2015-09-16 05:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-14 08:57 - 2015-09-16 05:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-14 08:57 - 2015-09-16 05:26 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-14 08:57 - 2015-09-16 05:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-14 08:57 - 2015-09-16 05:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-14 08:57 - 2015-09-16 05:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-14 08:57 - 2015-09-16 05:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-14 08:57 - 2015-09-16 05:22 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-14 08:57 - 2015-09-16 05:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-14 08:57 - 2015-09-16 05:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-14 08:57 - 2015-09-16 05:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-14 08:57 - 2015-09-16 05:11 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-14 08:57 - 2015-09-16 05:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-14 08:57 - 2015-09-16 05:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-14 08:57 - 2015-09-16 05:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-14 08:57 - 2015-09-16 05:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-14 08:57 - 2015-09-16 05:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-14 08:57 - 2015-09-16 05:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-10-14 08:57 - 2015-09-16 04:59 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-14 08:57 - 2015-09-16 04:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-14 08:57 - 2015-09-16 04:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-14 08:57 - 2015-09-16 04:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-14 08:57 - 2015-09-16 04:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-14 08:57 - 2015-09-16 04:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-14 08:57 - 2015-09-16 04:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-14 08:57 - 2015-09-16 04:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-14 08:57 - 2015-09-16 04:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-14 08:57 - 2015-09-16 04:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-14 08:20 - 2015-08-06 20:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-14 08:20 - 2015-08-06 20:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-14 08:20 - 2015-08-06 19:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-14 08:20 - 2015-08-06 19:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-14 08:09 - 2015-09-25 20:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-14 08:09 - 2015-09-25 20:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-14 08:09 - 2015-09-25 20:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-14 08:09 - 2015-09-25 20:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-14 08:09 - 2015-09-25 20:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-14 08:09 - 2015-09-25 20:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-14 08:09 - 2015-09-25 20:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-14 08:09 - 2015-09-25 20:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-14 08:09 - 2015-09-25 20:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-14 08:09 - 2015-09-25 20:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-14 08:09 - 2015-09-25 20:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-14 08:09 - 2015-09-25 19:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-14 08:09 - 2015-09-25 19:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-14 08:09 - 2015-09-25 19:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-14 08:09 - 2015-09-25 19:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-14 08:09 - 2015-09-25 19:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-14 08:08 - 2015-09-29 05:16 - 05569472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-14 08:08 - 2015-09-29 05:13 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-14 08:08 - 2015-09-29 05:11 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-14 08:08 - 2015-09-29 05:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-10-14 08:08 - 2015-09-29 05:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-10-14 08:08 - 2015-09-29 05:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-10-14 08:08 - 2015-09-29 05:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-14 08:08 - 2015-09-29 05:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-14 08:08 - 2015-09-29 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-14 08:08 - 2015-09-29 05:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-10-14 08:08 - 2015-09-29 05:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-14 08:08 - 2015-09-29 05:10 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-14 08:08 - 2015-09-29 05:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-14 08:08 - 2015-09-29 05:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-14 08:08 - 2015-09-29 05:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-14 08:08 - 2015-09-29 05:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-14 08:08 - 2015-09-29 05:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-14 08:08 - 2015-09-29 05:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-14 08:08 - 2015-09-29 05:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-14 08:08 - 2015-09-29 05:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-14 08:08 - 2015-09-29 05:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-10-14 08:08 - 2015-09-29 05:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-10-14 08:08 - 2015-09-29 05:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-14 08:08 - 2015-09-29 05:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-14 08:08 - 2015-09-29 05:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-14 08:08 - 2015-09-29 05:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-14 08:08 - 2015-09-29 05:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-14 08:08 - 2015-09-29 05:02 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-14 08:08 - 2015-09-29 04:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-14 08:08 - 2015-09-29 04:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-14 08:08 - 2015-09-29 04:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-14 08:08 - 2015-09-29 04:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-14 08:08 - 2015-09-29 04:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-10-14 08:08 - 2015-09-29 04:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-14 08:08 - 2015-09-29 04:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-14 08:08 - 2015-09-29 04:58 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-10-14 08:08 - 2015-09-29 04:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-14 08:08 - 2015-09-29 04:57 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-10-14 08:08 - 2015-09-29 04:57 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-14 08:08 - 2015-09-29 04:57 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-14 08:08 - 2015-09-29 04:57 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-10-14 08:08 - 2015-09-29 04:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-14 08:08 - 2015-09-29 04:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 03:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-14 08:08 - 2015-09-29 03:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-14 08:08 - 2015-09-29 03:49 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-14 08:08 - 2015-09-29 03:43 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-10-14 08:08 - 2015-09-29 03:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-10-14 08:08 - 2015-09-29 03:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 03:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 03:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 03:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-14 08:08 - 2015-09-15 20:17 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-14 08:08 - 2015-09-15 20:17 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-14 08:08 - 2015-09-15 20:11 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-14 08:08 - 2015-09-15 20:11 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-14 08:08 - 2015-09-15 20:11 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-14 08:08 - 2015-09-15 20:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-14 08:08 - 2015-09-15 20:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-14 08:08 - 2015-09-15 20:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-14 08:08 - 2015-09-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-14 08:08 - 2015-09-15 19:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-14 08:08 - 2015-09-15 19:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-14 08:08 - 2015-09-15 19:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-14 08:08 - 2015-09-15 19:35 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-14 08:07 - 2015-10-01 20:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-14 08:07 - 2015-10-01 20:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-14 08:07 - 2015-10-01 20:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-14 08:07 - 2015-10-01 20:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-14 08:07 - 2015-10-01 20:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-14 08:07 - 2015-10-01 20:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-14 08:07 - 2015-10-01 20:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-14 08:07 - 2015-10-01 19:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-14 08:07 - 2015-10-01 19:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-14 08:04 - 2015-07-18 15:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-13 13:08 - 2015-10-20 11:31 - 00000000 ____D C:\Users\Rainer\AppData\LocalLow\uTorrent
2015-10-03 01:29 - 2015-10-17 12:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-20 17:02 - 2012-08-15 21:53 - 00000000 ____D C:\Users\Rainer\AppData\Roaming\uTorrent
2015-10-20 16:52 - 2015-06-17 07:41 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2826457522-3369242990-2985312288-1000UA.job
2015-10-20 16:19 - 2012-06-12 16:01 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-20 16:10 - 2010-04-14 17:30 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-20 16:03 - 2009-07-14 06:45 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-20 16:03 - 2009-07-14 06:45 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-20 15:27 - 2014-08-07 03:46 - 00000000 ___RD C:\Users\Rainer\Dropbox
2015-10-20 15:27 - 2014-08-07 03:42 - 00000000 ____D C:\Users\Rainer\AppData\Roaming\Dropbox
2015-10-20 12:39 - 2013-06-08 12:24 - 01062347 _____ C:\Windows\WindowsUpdate.log
2015-10-20 11:32 - 2010-08-02 13:02 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-10-20 11:31 - 2010-04-14 17:30 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-20 11:31 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-20 08:19 - 2015-06-11 15:50 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-10-19 13:30 - 2009-07-14 19:58 - 00703192 _____ C:\Windows\system32\perfh007.dat
2015-10-19 13:30 - 2009-07-14 19:58 - 00150800 _____ C:\Windows\system32\perfc007.dat
2015-10-19 13:30 - 2009-07-14 07:13 - 01629348 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-17 14:19 - 2012-06-12 16:01 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-17 14:19 - 2012-06-12 16:01 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-17 14:19 - 2012-06-12 16:01 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-17 12:35 - 2012-05-04 10:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-16 21:52 - 2015-06-17 07:41 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2826457522-3369242990-2985312288-1000Core.job
2015-10-16 03:01 - 2014-12-12 04:30 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-16 03:01 - 2014-05-06 20:19 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-15 12:17 - 2014-08-01 17:43 - 00000000 ____D C:\Program Files (x86)\Skype
2015-10-15 10:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-10-14 22:33 - 2013-07-16 21:51 - 00000000 ____D C:\Windows\system32\MRT
2015-10-14 22:24 - 2010-05-11 21:40 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-14 22:24 - 2010-02-23 20:31 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-12 22:04 - 2012-11-05 16:58 - 00000000 ____D C:\Users\Rainer\AppData\Roaming\Audacity
2015-10-12 13:56 - 2014-02-18 21:29 - 00000000 ____D C:\Users\Rainer\AppData\Roaming\vlc
2015-10-10 14:24 - 2014-08-06 14:05 - 00000000 ____D C:\Users\Rainer\AppData\Roaming\dvdcss
2015-10-09 07:07 - 2015-04-04 21:06 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-08 22:37 - 2015-04-04 21:06 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-01 17:22 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-09-24 15:43 - 2013-09-24 15:43 - 0077976 _____ (AppWork GmbH) C:\Program Files (x86)\WebInstallerJD2.exe
2013-09-24 18:09 - 2013-09-24 18:10 - 6571624 _____ (Bolide Software                                             ) C:\Program Files (x86)\wsr_setup.exe
2013-11-22 20:06 - 2013-11-22 20:31 - 0000709 _____ () C:\Users\Rainer\AppData\Roaming\AdobeDLM.log
2013-09-25 22:02 - 2013-09-25 22:02 - 0000046 _____ () C:\Users\Rainer\AppData\Roaming\Camdata.ini
2013-09-25 22:02 - 2013-09-25 22:02 - 0000408 _____ () C:\Users\Rainer\AppData\Roaming\CamLayout.ini
2013-09-25 22:02 - 2013-09-25 22:02 - 0000408 _____ () C:\Users\Rainer\AppData\Roaming\CamShapes.ini
2013-09-25 22:02 - 2013-09-25 22:02 - 0004510 _____ () C:\Users\Rainer\AppData\Roaming\CamStudio.cfg
2013-11-22 20:06 - 2013-11-22 20:17 - 0000466 _____ () C:\Users\Rainer\AppData\Roaming\dm.ini
2010-06-19 23:29 - 2011-03-07 11:56 - 1663512 _____ () C:\Users\Rainer\AppData\Roaming\mdbu.bin
2014-02-10 12:35 - 2014-02-10 12:34 - 0036375 ____N () C:\Users\Rainer\AppData\Roaming\uTorrent.torrent
2010-10-05 20:13 - 2015-08-11 17:23 - 0023040 _____ () C:\Users\Rainer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-08 12:24 - 2015-03-08 13:30 - 0001477 _____ () C:\Users\Rainer\AppData\Local\RecConfig.xml
2015-03-08 13:29 - 2015-03-08 13:29 - 0000040 _____ () C:\Users\Rainer\AppData\Local\tmp.no23
2010-03-15 21:07 - 2010-03-15 21:15 - 0000621 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
C:\Users\Rainer\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp7pqsso.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-11 11:27

==================== Ende von FRST.txt ============================
         

Alt 20.10.2015, 16:08   #7
stoandl
 
blau unterstrichenes Wort mit grünem Pfeil rechts oben - Standard

blau unterstrichenes Wort mit grünem Pfeil rechts oben



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-10-2015
durchgeführt von Rainer (2015-10-20 17:02:41)
Gestartet von D:\Rainer\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2010-03-06 13:42:36)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2826457522-3369242990-2985312288-500 - Administrator - Disabled)
Gast (S-1-5-21-2826457522-3369242990-2985312288-501 - Limited - Disabled)
Rainer (S-1-5-21-2826457522-3369242990-2985312288-1000 - Administrator - Enabled) => C:\Users\Rainer

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 4 Master Collection (HKLM-x32\...\Adobe_5445c5ddd9a5c69582d3c1e2bba18f7) (Version: 4.0 - Adobe Systems Incorporated)
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Download Manager 2.2 (Remove Only) (HKLM-x32\...\AdobeESD) (Version: 2.2 - )
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 Icon Handler x64 (Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader 9.1.2 - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A91000000001}) (Version: 9.1.2 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Amazing Slow Downer (remove only) (HKLM-x32\...\Amazing Slow Downer) (Version:  - )
aMule (HKLM-x32\...\aMule) (Version:  - )
ATI Catalyst Control Center (HKLM-x32\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.009.0908.2224 - )
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2223 - AVAST Software)
AVS Screen Capture version 2.0.1 (HKLM-x32\...\AVS Screen Capture_is1) (Version:  - Online Media Technologies Ltd.)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version:  - Online Media Technologies Ltd.)
AVS Video Converter 8 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 8.3.2.533 - Online Media Technologies Ltd.)
AVS Video Recorder 2.5 (HKLM-x32\...\AVS Video Recorder_is1) (Version:  - Online Media Technologies Ltd.)
AVS Video ReMaker 4.1.1.144 (HKLM-x32\...\AVS Video ReMaker_is1) (Version:  - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version:  - Online Media Technologies Ltd.)
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.12.3119 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{1AFACC2A-9A60-43EF-ABDB-2CEECA5EA77F}) (Version: 0.8.12.3119 - BlueStack Systems, Inc.)
calibre 64bit (HKLM\...\{DF6697A2-7829-4E44-AEB8-667D86CB3472}) (Version: 1.8.0 - Kovid Goyal)
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version:  - )
Canon MP550 series Benutzerregistrierung (HKLM-x32\...\Canon MP550 series Benutzerregistrierung) (Version:  - )
Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version:  - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
ccc-core-static (x32 Version: 2009.0908.2225.38429 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.21 - Piriform)
CHIP Best Deal (HKLM-x32\...\{7553EA3C-F8DA-4188-B7BC-956894EA54F5}) (Version: 1.4.21 - Ciuvo GmbH)
CHIP Updater (HKLM-x32\...\CHIP Updater_is1) (Version: 2.33 - Abelssoft)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.0.1 - Cliqz.com)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.1.0029 - Dell, Inc.)
Dell Dock (HKLM\...\{E60B7350-EA5F-41E0-9D6F-E508781E36D2}) (Version: 2.0.0 - Dell)
Dell Driver Download Manager (HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Resource CD (HKLM-x32\...\{42929F0F-CE14-47AF-9FC7-FF297A603021}) (Version: 1.00.0000 - Ihr Firmenname)
Dell Support Center (Support Software) (HKLM-x32\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.5.09100 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.102.101.303 - ALPS ELECTRIC CO., LTD.)
Dell Wireless WLAN Card Utility (HKLM\...\Dell Wireless WLAN Card Utility) (Version: 5.30.21.0 - Dell Inc.)
Desktopicon Trends auf OTTO.de (HKLM\...\DesktopIconotto) (Version: 1.0.1 - )
DivX Codec (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.9.1 - DivX, Inc.)
DivX Converter (HKLM-x32\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)
DivX Player (HKLM-x32\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 7.2.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM-x32\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX Plus Web Player (HKLM-x32\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 2.0.0 - DivX,Inc.)
Dropbox (HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)
Finale 2009 (HKLM-x32\...\Finale 2009) (Version: 14.2.r3.0 - MakeMusic)
FormatFactory 2.30 (HKLM-x32\...\FormatFactory) (Version: 2.30 - Free Time)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free Audio Dub version 1.7.9.908 (HKLM-x32\...\Free Audio Dub_is1) (Version: 1.7.9.908 - DVDVideoSoft Ltd.)
Free DVD Video Converter version 2.0.13.128 (HKLM-x32\...\Free DVD Video Converter_is1) (Version: 2.0.13.128 - DVDVideoSoft Ltd.)
Free Google Books Downloader (HKLM-x32\...\{0E94F0E7-5575-4D92-B843-7DCB8E08D89C}) (Version: 1.3.1.0 - iWesoft)
Free Video Dub version 2.0.17.128 (HKLM-x32\...\Free Video Dub_is1) (Version: 2.0.17.128 - DVDVideoSoft Ltd.)
Garritan-Instrumente für Finale 2009 (HKLM\...\Garritan-Instrumente für Finale 2009_is1) (Version: v1.0.0.4 - Garritan)
Google Books Downloader version 2.3 (HKLM-x32\...\{216729B6-014A-F413-814F-F17F74FBA113}_is1) (Version: 2.3 - GBOOKSDOWNLOADER.COM)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HammerHead Rhythm Station (HKLM-x32\...\HammerHead Rhythm Station) (Version:  - )
HappyFoto-Designer 2.7 (HKLM-x32\...\HappyFoto-Designer_is1) (Version:  - )
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version:  - )
iZotope Vinyl (HKLM-x32\...\iZotope Vinyl_is1) (Version: 1.61 - iZotope, Inc.)
Java 7 Update 7 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.70 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Klavierakkorde 1.0.1 (HKLM-x32\...\Klavierakkorde_is1) (Version: 1.0.1 - AB-Tools.com)
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.3009.1 - Creative Technology Ltd)
Mein 3DataManager (HKLM-x32\...\3DataManager) (Version: 1.1.1 - Mein 3DataManager)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MIDI Klavier 1.0.1 (HKLM-x32\...\MIDI Klavier_is1) (Version:  - Felix Alter)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Native Instruments Traktor DJ Player (HKLM-x32\...\Native Instruments Traktor DJ Player) (Version:  - )
Nero 8 (HKLM-x32\...\{B944FA21-81AF-4A77-8328-CE4F4CC51031}) (Version: 8.10.20 - Nero AG)
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia) Hidden
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden
PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.5424 - CyberLink Corp.)
PriMus Free 1.1 (Build 10791) (HKLM-x32\...\PriMus Free_is1) (Version: 1.1.0.10791 - Columbus Soft)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 9.6.11 - Dell Inc.)
QuickTime (HKLM-x32\...\QuickTime) (Version:  - )
RAD Video Tools (HKLM-x32\...\RADVideo) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5951 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.94 (HKLM-x32\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
Roxio Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.01 - Roxio)
SDP Downloader (HKLM-x32\...\{B547CB8D-549A-436E-97B5-E79F911B11E2}) (Version: 2.3.0 - SDP Multimedia)
Skins (x32 Version: 2009.0908.2225.38429 - ATI) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
smartmontools (HKLM-x32\...\smartmontools) (Version: 6.2 2013-07-26 r3841 (sf-6.2-1) - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.0.12 - Safer-Networking Ltd.)
SqrSoft® Advanced Crossfading (remove only) (HKLM-x32\...\SqrSoftACF) (Version:  - )
StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 5 (HKLM-x32\...\TeamViewer 5) (Version: 5.1.9385  - TeamViewer GmbH)
TEFView 2.74 (HKLM-x32\...\TEFView_is1) (Version:  - TablEdit)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
VCRedistSetup (x32 Version: 1.0.0 - Nero AG) Hidden
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9603 - Broadcom Corporation)
Winamp (nur entfernen) (HKLM-x32\...\Winamp) (Version:  - )
Winamp Anwendungserkennung (HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows-Treiberpaket - Nokia Modem  (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Windows-Treiberpaket - Nokia Modem  (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
XviD MPEG-4 Codec (HKLM-x32\...\XviD) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

20-10-2015 08:26:30 Windows Update

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2010-06-16 21:31 - 00001302 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0A6E3CC9-9914-4353-AE3C-14DDA368CCF9} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2826457522-3369242990-2985312288-1000Core => C:\Users\Rainer\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {1B01BE88-8E3F-4627-86A6-A260E8EFE898} - System32\Tasks\{37B9D076-9546-4F64-8165-24FDF94587E2} => C:\Program Files (x86)\Google Books Downloader\gbooks.exe [2013-01-04] ()
Task: {2818BB42-F2E6-4F71-BF42-8CBBFFF496C5} - System32\Tasks\{54F7E167-A775-472C-9E9A-3BA7591EAB10} => pcalua.exe -a D:\Rainer\Downloads\slowmewp.exe -d D:\Rainer\Downloads
Task: {30E7CD2B-96A2-44E5-B486-984F386B70A6} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2012-11-13] (Safer-Networking Ltd.)
Task: {3C03C105-3646-41EE-8611-4101F45764C0} - System32\Tasks\{69576AAD-15E6-4D69-AFD4-EFBD590C1498} => pcalua.exe -a E:\setup.exe -d E:\
Task: {4AED2B42-3617-475B-8ABC-9A14FF6218B9} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {4D3A58F8-30EF-4DAA-B1A2-E906940EFD34} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2015-09-18] (Microsoft Corporation)
Task: {4F359348-B493-4617-846C-1BF3A99FBC44} - System32\Tasks\D1234567\Administrator - Start WLAN Tray Applet => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE [2009-07-17] (Dell Inc.)
Task: {60654141-BBDD-42F7-BE50-C0B5429AFF4D} - System32\Tasks\{78651D5B-FC4B-4EC1-BE77-E1121C2F84B3} => C:\Program Files (x86)\eMule\emule.exe [2010-04-07] (hxxp://www.emule-project.net)
Task: {66E2E49F-CFD2-4D64-8EBB-A4C79FC4C36D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-07-24] (Piriform Ltd)
Task: {68FDE400-7F11-4B07-9EA2-02B2B6A93159} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {701F67FC-20EF-4BEA-B21C-D9C808AF7AA5} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.)
Task: {76BF5194-7D1A-48CB-96D6-C89AFCF1630C} - System32\Tasks\{65D085D6-36A0-46C5-B50C-88CAC67C181A} => C:\Program Files (x86)\eMule\emule.exe [2010-04-07] (hxxp://www.emule-project.net)
Task: {76D9939B-9061-477D-B0B3-1D15A4241BFA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {7774C3F1-E9E7-4D44-A7A7-576E2F58F338} - System32\Tasks\{B65B1297-7F99-426E-97D6-492DCA6DCADF} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller"
Task: {7F81342B-5778-4F1E-8E4D-5B891CFB4650} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2012-11-13] (Safer-Networking Ltd.)
Task: {8ECFCC41-2A2E-413F-814E-856723645B9A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {C1F81BA8-7E76-488E-B7BD-50A197F2D4D4} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2012-11-13] (Safer-Networking Ltd.)
Task: {D4556857-6179-4AA4-81DB-1C083650F5AD} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-27] (AVAST Software)
Task: {DE1691FB-94E7-48F1-BC8E-B391B1B80C5D} - System32\Tasks\chipSWU => Cscript.exe "C:\Program Files (x86)\chip\Internet Explorer\swu.vbs"
Task: {E0B1C27F-B7AB-4366-94E4-BE111AD38F2C} - System32\Tasks\{B2961C49-4D90-4290-9362-F36C61024676} => C:\Program Files (x86)\3DataManager\3DataManager.exe [2008-06-09] (WebToGo Mobile Internet GmbH)
Task: {E94BE843-92C2-43AF-BACF-40B9A79B1E1E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2826457522-3369242990-2985312288-1000UA => C:\Users\Rainer\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {E9D1B710-CA2D-493F-BC7A-0A089A1A0573} - System32\Tasks\{47A9940E-86F3-4203-8CDC-7739C8F6A60F} => pcalua.exe -a D:\Rainer\Downloads\drumstation.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {F104E213-7DF1-4B93-9D9E-7D000D0ECC13} - System32\Tasks\{93A87AD0-A354-4D49-9314-CCBC6AE09A30} => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2009-06-24] (Creative Technology Ltd)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2826457522-3369242990-2985312288-1000Core.job => C:\Users\Rainer\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2826457522-3369242990-2985312288-1000UA.job => C:\Users\Rainer\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2010-02-23 20:20 - 2009-07-17 18:06 - 00033280 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
2010-02-23 20:20 - 2009-07-17 18:06 - 00058368 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlrmt.dll
2009-08-18 05:10 - 2009-08-18 05:10 - 00173344 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2010-03-06 16:41 - 2006-12-11 03:14 - 00043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2015-09-09 03:51 - 2015-09-09 03:51 - 00472576 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\30703860d7ee62a97f9c4ed11a7bc205\VistaBridgeLibrary.ni.dll
2009-07-07 18:23 - 2009-07-07 18:23 - 01779952 _____ () C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
2009-05-05 20:56 - 2009-05-05 20:56 - 00016384 ____R () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-02-23 20:17 - 2010-02-23 20:17 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2003-04-17 08:54 - 2003-04-17 08:54 - 00012288 _____ () C:\Program Files (x86)\Winamp\winampa.exe
2015-07-27 10:38 - 2015-07-27 10:38 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-27 10:38 - 2015-07-27 10:38 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-10-20 08:19 - 2015-10-20 08:19 - 02994032 _____ () C:\Program Files\AVAST Software\Avast\defs\15101902\algo.dll
2015-10-20 11:32 - 2015-10-20 11:32 - 02966528 _____ () C:\Program Files\AVAST Software\Avast\defs\15102000\algo.dll
2012-06-26 14:11 - 2012-06-26 14:11 - 02302040 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtCore4.dll
2012-06-26 14:11 - 2012-06-26 14:11 - 08197208 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtGui4.dll
2012-06-26 14:11 - 2012-06-26 14:11 - 00345688 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtXml4.dll
2012-06-26 14:10 - 2012-06-26 14:10 - 00202328 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
2012-06-26 14:10 - 2012-06-26 14:10 - 00027736 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
2012-06-26 14:11 - 2012-06-26 14:11 - 00282200 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtSvg4.dll
2009-07-07 18:24 - 2009-07-07 18:24 - 00268528 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
2009-07-07 18:23 - 2009-07-07 18:23 - 00058608 _____ () C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
2009-07-07 18:24 - 2009-07-07 18:24 - 00095472 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
2009-07-07 18:24 - 2009-07-07 18:24 - 00046320 _____ () C:\Program Files (x86)\Dell DataSafe Online\de\SdbUI.resources.dll
2009-07-07 18:24 - 2009-07-07 18:24 - 00369904 _____ () C:\Program Files (x86)\Dell DataSafe Online\de\DataSafeOnline.resources.dll
2009-07-07 18:24 - 2009-07-07 18:24 - 00140528 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
2009-07-07 18:23 - 2009-07-07 18:23 - 00017648 _____ () C:\Program Files (x86)\Dell DataSafe Online\cpputils.dll
2012-12-18 21:16 - 2012-11-13 15:06 - 00108960 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2012-12-18 21:16 - 2012-11-13 15:06 - 00416160 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2012-12-18 21:16 - 2012-11-13 15:06 - 00158624 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2012-12-18 21:16 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2012-12-18 21:16 - 2012-11-13 15:06 - 00528288 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl
2012-12-18 21:16 - 2012-11-13 15:06 - 00554400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
2015-06-11 15:50 - 2015-06-11 15:50 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-10-20 15:27 - 2015-10-20 15:27 - 00071168 _____ () c:\users\rainer\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp7pqsso.dll
2015-06-17 07:43 - 2015-09-24 01:07 - 00012800 _____ () C:\Users\Rainer\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 23:45 - 2015-09-24 01:07 - 00779776 _____ () C:\Users\Rainer\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 08:29 - 2015-09-24 01:07 - 00056320 _____ () C:\Users\Rainer\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-17 07:43 - 2015-09-24 01:07 - 00012288 _____ () C:\Users\Rainer\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2009-02-26 13:46 - 2009-02-26 13:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2008-06-11 22:32 - 2008-06-11 22:32 - 02666496 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\PDFMaker\Common\AdobePDFMakerX.dll
2008-06-12 02:20 - 2008-06-12 02:20 - 01417216 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\PDFMaker\Common\AdobePDFMakerX.DEU
2011-06-22 11:46 - 2011-06-22 11:46 - 00434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2011-05-26 20:18 - 2011-05-26 20:18 - 00136536 _____ () C:\Program Files (x86)\Microsoft Office\Office12\OUTLCTL.DLL
2015-07-14 18:20 - 2015-07-14 18:20 - 00756376 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\123simsen.com -> www.123simsen.com

Da befinden sich 7777 mehr eingeschränkte Seiten.

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Rainer\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: NBKeyScan => "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
MSCONFIG\startupreg: PDVDDXSrv => "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{F287ECF0-9F00-4C37-86D1-8822F16047DD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD DX\PowerDVD.exe
FirewallRules: [{3C143C7A-5CE0-4E34-8AC4-710039A97502}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
FirewallRules: [TCP Query User{E731789B-6983-481E-A3A2-4596E441ABFD}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe
FirewallRules: [UDP Query User{3FDFDD01-A3EE-4A30-BF12-9DBDF7A51B79}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe
FirewallRules: [{50EE247A-B227-434B-A1AA-5E13DF5CD302}] => (Allow) LPort=5353
FirewallRules: [{CC4A25A6-3FF2-4B04-A282-48DCE12BAFC0}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{848F7153-3046-4E00-9987-915A0661807B}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{54B58AEC-AF79-4543-B60D-33EB912EC936}] => (Allow) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe
FirewallRules: [{724F156F-334C-4D89-A764-94AFD310C27B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe
FirewallRules: [{347DD111-074C-46C0-A69C-81B482A3CEC9}] => (Allow) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
FirewallRules: [{0AACDCE2-26B6-44C8-993C-12F6DE23F33C}] => (Allow) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
FirewallRules: [TCP Query User{C6F165DE-8BD8-4228-8839-A298FBD536A5}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe
FirewallRules: [UDP Query User{7731ABDF-F58D-42F6-8A7B-570089909C32}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe
FirewallRules: [TCP Query User{7B419DAF-7140-4E05-AD5F-4288550247A7}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{F020A29B-B3B2-49CD-895B-B0D2B57CC60F}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{92DE9E08-BDAD-48C5-984E-E81205D4DE50}C:\program files (x86)\streamtransport\streamtransport.exe] => (Allow) C:\program files (x86)\streamtransport\streamtransport.exe
FirewallRules: [UDP Query User{0735D965-0E78-4D54-8457-A0630AD45DED}C:\program files (x86)\streamtransport\streamtransport.exe] => (Allow) C:\program files (x86)\streamtransport\streamtransport.exe
FirewallRules: [TCP Query User{580B14E8-7A6D-4C9A-B5FF-CC7E53BA2F51}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{B2573A79-8C26-4717-9F0F-8546B13C7CF1}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{D8642F7E-174C-44EF-A8C2-DA37C29F8053}] => (Allow) C:\Users\Rainer\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1E8C75CC-4B38-4841-B0CB-699D0218581A}] => (Allow) C:\Users\Rainer\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{17255BF1-5AA9-4E7D-B991-4E8D21B455AE}] => (Allow) C:\Users\Rainer\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{2834A862-20CC-4DDA-9A61-DC1082934F9A}] => (Allow) C:\Users\Rainer\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{A6C7F06C-8DF1-4FFC-AD60-61233FF0C079}C:\users\rainer\appdata\local\jdownloader v2.0\jdownloader2.exe] => (Allow) C:\users\rainer\appdata\local\jdownloader v2.0\jdownloader2.exe
FirewallRules: [UDP Query User{512740BB-62FF-4EB2-A8A6-32CABD556677}C:\users\rainer\appdata\local\jdownloader v2.0\jdownloader2.exe] => (Allow) C:\users\rainer\appdata\local\jdownloader v2.0\jdownloader2.exe
FirewallRules: [{D72FFF9B-3D51-47B0-9CCE-925A848B8845}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0476A53E-1633-4E74-B17F-0CEFCC54EDFF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{3F86D22A-38C1-4223-84A0-9947F213D052}C:\users\rainer\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\rainer\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{F226D1DF-346A-44F8-8353-F1173641A63C}C:\users\rainer\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\rainer\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{EDEA959E-D874-450F-BED6-6E034874045D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{028A4F2D-59DE-498D-9029-B692AC3BFDAA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{6BD23870-2CCE-48AF-A819-0871F5407D53}] => (Allow) C:\Users\Rainer\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{9FEF5807-45B2-4ED5-8F37-DAD330A27765}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{31933861-5D64-4648-BB70-15D5DC37CA5E}] => (Allow) LPort=2869
FirewallRules: [{23D730B2-A165-4C63-A873-16E6198FE35B}] => (Allow) LPort=1900
FirewallRules: [{303216FF-7FC7-4B03-8EFC-E9435E36AA1D}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{BC510587-6F77-40D8-B7B7-37C662A4A826}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{07F3FF3F-5D5E-4EB2-B125-DABBEE264881}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/20/2015 11:32:32 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (10/20/2015 11:28:55 AM) (Source: ESENT) (EventID: 455) (User: )
Description: DllHost (6840) WebCacheLocal: Fehler -1811 beim Öffnen von Protokolldatei C:\Users\Rainer\AppData\Local\Microsoft\Windows\WebCache\V0100F5B.log.

Error: (10/20/2015 11:20:37 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SDScan.exe, Version 2.0.12.173 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: dec

Startzeit: 01d10b1683b9cb69

Endzeit: 24

Anwendungspfad: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

Berichts-ID:

Error: (10/20/2015 08:17:53 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (10/19/2015 07:45:02 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (10/18/2015 07:54:20 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (10/17/2015 12:36:35 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (10/16/2015 04:02:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm explorer.exe, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 13a4

Startzeit: 01d107198b084178

Endzeit: 31

Anwendungspfad: C:\Windows\explorer.exe

Berichts-ID: 7d64b18d-740e-11e5-8059-904ce5d0ecb8

Error: (10/15/2015 09:17:25 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: fa4

Startzeit: 01d1070ff735662a

Endzeit: 16

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID: baf43924-730c-11e5-8059-904ce5d0ecb8

Error: (10/15/2015 08:08:38 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)


Systemfehler:
=============
Error: (10/20/2015 11:32:32 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (10/20/2015 11:31:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BlueStacks Log Rotator Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (10/20/2015 11:31:46 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst BlueStacks Log Rotator Service erreicht.

Error: (10/20/2015 11:30:14 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll

Error: (10/20/2015 11:30:14 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll

Error: (10/20/2015 11:29:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "UPnP-Gerätehost" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (10/20/2015 11:29:58 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "upnphost" konnte sich nicht als "NT AUTHORITY\LocalService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (10/20/2015 11:29:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "UPnP-Gerätehost" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (10/20/2015 11:29:58 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "upnphost" konnte sich nicht als "NT AUTHORITY\LocalService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (10/20/2015 11:29:58 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1069upnphost{204810B9-73B2-11D4-BF42-00B0D0118B56}


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz
Prozentuale Nutzung des RAM: 61%
Installierter physikalischer RAM: 3956.54 MB
Verfügbarer physikalischer RAM: 1531.67 MB
Summe virtueller Speicher: 9888.75 MB
Verfügbarer virtueller Speicher: 6687.56 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:88.52 GB) (Free:21.64 GB) NTFS
Drive d: () (Fixed) (Total:600.21 GB) (Free:76.21 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: B1D12966)
Partition 1: (Not Active) - (Size=150 MB) - (Type=DE)
Partition 2: (Active) - (Size=9.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=88.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=600.2 GB) - (Type=05)

==================== Ende von Addition.txt ============================
         

Alt 20.10.2015, 19:15   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
blau unterstrichenes Wort mit grünem Pfeil rechts oben - Standard

blau unterstrichenes Wort mit grünem Pfeil rechts oben



1. Schritt: Malwarebytes (MBAM)

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.





2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 21.10.2015, 09:56   #9
stoandl
 
blau unterstrichenes Wort mit grünem Pfeil rechts oben - Standard

blau unterstrichenes Wort mit grünem Pfeil rechts oben



Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 21.10.2015
Suchlaufzeit: 07:05
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.10.21.01
Rootkit-Datenbank: v2015.10.16.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Rainer

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 357181
Abgelaufene Zeit: 18 Min., 0 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 6
PUP.Optional.Babylon, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, In Quarantäne, [90053b1e127983b3101dfe1dc33fe21e], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OpenCandyHelperRunOnce6F532B8D7B1547CD9D9D5725285152B6, Löschen bei Neustart, [9afb6fea8efd46f0a4d6640d689b29d7], 
PUP.Optional.BitTorrentBar, HKLM\SOFTWARE\WOW6432NODE\BittorrentBar_DE, In Quarantäne, [1d781841840780b616b41536867d649c], 
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B153C59A-BCFB-491A-899A-5E7883EE4DB5}, In Quarantäne, [04916ced107b83b35f46a3af1ae913ed], 
PUP.Optional.BitTorrentBar, HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\SOFTWARE\APPDATALOW\SOFTWARE\BittorrentBar_DE, In Quarantäne, [70253a1f6d1e67cfcff9aba032d1649c], 
PUP.Optional.Spigot, HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{55CEA815-23ED-41A3-A85D-E4AF53338B2A}, In Quarantäne, [8f0670e91873a29451066f101ae939c7], 

Registrierungswerte: 3
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B153C59A-BCFB-491A-899A-5E7883EE4DB5}|AppPath, C:\Users\Rainer\AppData\Local\Conduit\CT2849855, In Quarantäne, [04916ced107b83b35f46a3af1ae913ed]
PUP.Optional.CertifiedToolBar.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURI|(Default), hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q=%s, In Quarantäne, [91044f0a137891a519fdb0cdb1514eb2]
PUP.Optional.Spigot, HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{55CEA815-23ED-41A3-A85D-E4AF53338B2A}|URL, https://at.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=903578&p={searchTerms}, In Quarantäne, [8f0670e91873a29451066f101ae939c7]

Registrierungsdaten: 1
PUP.Optional.SearchCertifiedTB, HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURI|(Default), hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q=%s, Gut: (www.google.com), Schlecht: (hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q=%s),Ersetzt,[276ec3961b70f6404b17032a17edd828]

Ordner: 36
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\AddedAppDialog, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\DefualtImages, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\DetectedAppDialog, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\EngineFirstTimeDialog, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\NewSearchProtectorDialog, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\NewSearchProtectorDialog\images, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\SearchProtectorBubbleDialog, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\SearchProtectorBubbleDialog\images, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\SearchProtectorDialog, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\SearchProtectorDialog\Images, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\SearchProtectorRetakeoverDialog, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\SearchProtectorRetakeoverDialog\Images, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\ToolbarFirstTimeDialog, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\ToolbarFirstTimeDialog\images, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\ToolbarUntrustedAppsApprovalDialog, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\UninstallDialog, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\UntrustedAddedAppDialog, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\UntrustedAppApprovalDialog, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\UntrustedAppPendingDialog, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\EmailNotifier, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\ExternalComponent, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Logs, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\MyStuffApps, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Repository, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Repository\conduit_CT2849855_CT2849855, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Repository\conduit_CT2849855_CT2849855\AppsMetaData, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Repository\conduit_CT2849855_CT2849855\DynamicDialogs, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Repository\conduit_CT2849855_CT2849855\ToolbarLogin, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Repository\conduit_CT2849855_CT2849855\ToolbarSettings, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Repository\conduit_CT2849855_de, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Repository\conduit_CT2849855_de\ToolbarTranslation, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Rss, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\SearchInNewTab, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 

Dateien: 177
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\ldrtbBit0.dll, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\ldrtbBitt.dll, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\tbBit0.dll, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\tbBit1.dll, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\tbBitt.dll, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\ThirdPartyComponents.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\toolbar.cfg, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_images_main_menu_options_gif.gif, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_images_main_menu_privacy_gif.gif, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_images_main_menu_refresh_gif.gif, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_images_main_menu_shrink_gif.gif, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_images_main_menu_upgrade_gif.gif, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_images_searchengines_go_btn_new_gif.gif, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_images_SearchEngines_images_search_gif.gif, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_images_SearchEngines_news_icon_gif.gif, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_images_searchengines_search_icon_gif.gif, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_55_284_CT2849855_Images_634220879921318750_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_55_284_CT2849855_Images_634220880607100000_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_55_284_CT2849855_Images_634225278165850000_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_55_284_CT2849855_Images_634225279692725000_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_55_284_CT2849855_Images_634225279948156250_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_55_284_CT2849855_Images_634225280304131250_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_55_284_CT2849855_Images_634225280526593750_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_55_284_CT2849855_Images_634225280643975000_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_55_284_CT2849855_Images_634225281436162500_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_55_284_CT2849855_Images_634220815653506250_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_55_284_CT2849855_Images_634225284383662500_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Hide_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Groups_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_images_main_menu_home_page_gif.gif, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_images_searchengines_softonic_gif.gif, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_55_284_CT2849855_Images_634225284881631250_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_55_284_CT2849855_Images_634225287181631250_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_55_284_CT2849855_Images_634225287547412500_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_55_284_CT2849855_Images_634226702545975000_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_55_284_CT2849855_Images_634226713903631250_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_55_284_CT2849855_Images_634244833256762500_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_55_284_CT2849855_Sharing_temp_634428694620843786_24PX_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_About_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Browse_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Contact_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_images_SearchEngines_tfd_gif.gif, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_images_SearchEngines_video_gif.gif, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_MarketPlace_1e_c0c_1ec55dac-8dca-406b-9697-5d68893c1c0c_Thumbnail_634424887280359010_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_MarketPlace_93_ce3_93951332-f9a7-4af7-af02-17ec3d749ce3_Appearance_634159521796627506_24x24_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___weather_conduit_com_images_weather_Default_partly_cloudy_gif.gif, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___weather_conduit_com_images_weather_Default_sunny_gif.gif, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_LikeIcon_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_MoreFromPublisher_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_More_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Options_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Privacy_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Refresh_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Upgrade_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Events_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Friends_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Home_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Inbox_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Logout_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Photos_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Profile_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Settings_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Share_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Status_png.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_images_main_menu_about_gif.gif, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_images_main_menu_clear_history_gif.gif, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_images_main_menu_contact_gif.gif, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\CacheIcons\http___storage_conduit_com_images_main_menu_help_gif.gif, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\DialogsAPI.js, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\excanvas.js, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\generalDialogStyle.css, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\PIE.htc, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\RoundedCorners.css, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\RoundedCornersIE9.css, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\settings.js, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\version.txt, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\AddedAppDialog\app-added.js, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\AddedAppDialog\main.html, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\DefualtImages\icon.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\DetectedAppDialog\app-2go.js, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\DetectedAppDialog\main.html, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\EngineFirstTimeDialog\EngineFirstTimeDialog.js, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\EngineFirstTimeDialog\main.html, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\EngineFirstTimeDialog\right-click.gif, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\NewSearchProtectorDialog\main.html, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\NewSearchProtectorDialog\SearchProtector.css, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\NewSearchProtectorDialog\SearchProtector.js, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\NewSearchProtectorDialog\images\ok-button.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\NewSearchProtectorDialog\images\separation-line.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\NewSearchProtectorDialog\images\warning.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\SearchProtectorBubbleDialog\bubble.css, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\SearchProtectorBubbleDialog\bubble.js, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\SearchProtectorBubbleDialog\main.html, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\SearchProtectorBubbleDialog\images\information.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\SearchProtectorBubbleDialog\images\x-default-LTR.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\SearchProtectorBubbleDialog\images\x-default-RTL.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\SearchProtectorBubbleDialog\images\x-mouseover-LTR.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\SearchProtectorBubbleDialog\images\x-mouseover-RTL.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\SearchProtectorDialog\main.html, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\SearchProtectorDialog\SearchProtector.css, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\SearchProtectorDialog\SearchProtector.js, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\SearchProtectorDialog\Images\info.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\SearchProtectorDialog\Images\ok-on.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\SearchProtectorDialog\Images\ok.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\SearchProtectorRetakeoverDialog\main.html, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\SearchProtectorRetakeoverDialog\SearchProtectorRetakeover.css, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\SearchProtectorRetakeoverDialog\SearchProtectorRetakeover.js, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\SearchProtectorRetakeoverDialog\Images\Icon.jpg, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\SearchProtectorRetakeoverDialog\Images\Icon.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\SearchProtectorRetakeoverDialog\Images\info.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\SearchProtectorRetakeoverDialog\Images\ok-on.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\SearchProtectorRetakeoverDialog\Images\ok.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\ToolbarFirstTimeDialog\main.html, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.css, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.js, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\ToolbarFirstTimeDialog\images\app-store-icon.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\ToolbarFirstTimeDialog\images\arrow.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\ToolbarFirstTimeDialog\images\divider.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\ToolbarFirstTimeDialog\images\emailNotifier.gif, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\ToolbarFirstTimeDialog\images\facebook.png, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\ToolbarFirstTimeDialog\images\radio.GIF, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\ToolbarFirstTimeDialog\images\Thumbs.db, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\ToolbarFirstTimeDialog\images\truste_welcome.GIF, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\ToolbarFirstTimeDialog\images\weather.GIF, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\ToolbarUntrustedAppsApprovalDialog\main.html, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\ToolbarUntrustedAppsApprovalDialog\ToolbarUntrustedAppsApprovalDialog.js, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\UntrustedAddedAppDialog\main.html, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\UntrustedAddedAppDialog\UT-app-dialog-added.js, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\UntrustedAppApprovalDialog\main.html, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\UntrustedAppApprovalDialog\UT-app-dialog-needs-your-approval.js, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\UntrustedAppPendingDialog\main.html, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Dialogs\UntrustedAppPendingDialog\UT-app-dialog-is-waiting.js, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\EmailNotifier\AccountTypes.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\EmailNotifier\aol.com.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\EmailNotifier\comcast.net.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\EmailNotifier\google.com.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\EmailNotifier\hotmail.com.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\EmailNotifier\yahoo.com.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=GottenApps&locale=de.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=OtherApps&locale=de.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=SharedApps&locale=de.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=Toolbar&locale=de.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Repository\conduit_CT2849855_CT2849855\AppsMetaData\data.bck.txt, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Repository\conduit_CT2849855_CT2849855\AppsMetaData\data.txt, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Repository\conduit_CT2849855_CT2849855\DynamicDialogs\data.bck.txt, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Repository\conduit_CT2849855_CT2849855\DynamicDialogs\data.txt, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Repository\conduit_CT2849855_CT2849855\ToolbarLogin\data.bck.txt, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Repository\conduit_CT2849855_CT2849855\ToolbarLogin\data.txt, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Repository\conduit_CT2849855_CT2849855\ToolbarSettings\data.bck.txt, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Repository\conduit_CT2849855_CT2849855\ToolbarSettings\data.txt, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Repository\conduit_CT2849855_de\ToolbarTranslation\data.bck.txt, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Repository\conduit_CT2849855_de\ToolbarTranslation\data.txt, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Rss\http___feeds_reuters_com_reuters_topNews_structured.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Rss\http___rss_cnn_com_rss_cnn_latest_rss_structured.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Rss\http___feeds_news_com_au_public_rss_2_0_news_breaking_news_32_xml.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Rss\http___feeds_news_com_au_public_rss_2_0_news_breaking_news_32_xml_history.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Rss\http___feeds_news_com_au_public_rss_2_0_news_breaking_news_32_xml_structured.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Rss\http___feeds_reuters_com_reuters_topNews.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Rss\http___newsrss_bbc_co_uk_rss_newsonline_world_edition_front_page_rss_xml.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Rss\http___newsrss_bbc_co_uk_rss_newsonline_world_edition_front_page_rss_xml_history.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Rss\http___newsrss_bbc_co_uk_rss_newsonline_world_edition_front_page_rss_xml_structured.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Rss\http___rss_cbc_ca_lineup_latest_xml.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Rss\http___rss_cbc_ca_lineup_latest_xml_structured.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Rss\http___rss_cnn_com_rss_cnn_latest_rss.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Rss\http___rss_cnn_com_rss_cnn_latest_rss_history.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Rss\http___rss_news_yahoo_com_rss_world.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Rss\http___rss_news_yahoo_com_rss_world_history.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Rss\http___rss_news_yahoo_com_rss_world_structured.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Rss\http___worldpress_org_feeds_topstories_xml.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Rss\http___worldpress_org_feeds_topstories_xml_history.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Rss\http___worldpress_org_feeds_topstories_xml_structured.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Rss\http___www_thesun_co_uk_sol_homepage_feeds_rss_article312900_ece.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Rss\http___www_thesun_co_uk_sol_homepage_feeds_rss_article312900_ece_history.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\Rss\http___www_thesun_co_uk_sol_homepage_feeds_rss_article312900_ece_structured.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.BitTorrentBar, C:\Users\Rainer\AppData\LocalLow\BittorrentBar_DE\SearchInNewTab\SearchInNewTabContent.xml, In Quarantäne, [92033e1bcbc0dc5acbe0bc83907201ff], 
PUP.Optional.Spigot, C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js, Gut: (), Schlecht: (user_pref("keyword.URL", "https://at.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=903578&p=");), Ersetzt,[97fea3b6008bd066df362d2559abac54]
PUP.Optional.Spigot, C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\prefs.js, Gut: (), Schlecht: (user_pref("keyword.URL", "https://at.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=903578&p=");), Ersetzt,[5f36be9b12792610051090c2669e926e]

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Danke für die bisherige Unterstützung!

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 7 Home Premium x64
Ran by Rainer on 21.10.2015 at  9:08:42,87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{64EAD72B-FFD4-4E01-AA3A-4C71665D73E4}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{64EAD72B-FFD4-4E01-AA3A-4C71665D73E4}
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{7553EA3C-F8DA-4188-B7BC-956894EA54F5}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7553EA3C-F8DA-4188-B7BC-956894EA54F5}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{7553EA3C-F8DA-4188-B7BC-956894EA54F5}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\Users\Rainer\Start Menu\Programs\browser manager



~~~ FireFox

Successfully deleted: [File] C:\Users\Rainer\AppData\Roaming\mozilla\firefox\profiles\w68k4ml1.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
Emptied folder: C:\Users\Rainer\AppData\Roaming\mozilla\firefox\profiles\w68k4ml1.default\minidumps [602 files]



~~~ Chrome


[C:\Users\Rainer\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Rainer\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Rainer\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Rainer\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.10.2015 at  9:15:23,25
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-10-2015
durchgeführt von Rainer (Administrator) auf RAINER-LT (21-10-2015 10:50:49)
Gestartet von D:\Rainer\Downloads
Geladene Profile: Rainer (Verfügbare Profile: Rainer)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_19_0_0_226_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [357376 2009-09-16] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8158240 2009-10-09] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3189016 2009-10-01] (Dell Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [4968960 2009-07-17] (Dell Inc.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2184520 2009-07-27] (CANON INC.)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-09-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1779952 2009-07-07] ()
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [DellSupportCenter] => C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe [206064 2009-05-21] (SupportSoft, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\Winampa.exe [12288 2003-04-17] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\qttask.exe [98304 2014-06-27] (Apple Computer, Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [831192 2014-07-03] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-27] (AVAST Software)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-04-14] (Google Inc.)
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.)
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\Run: [uTorrent] => C:\Users\Rainer\AppData\Roaming\uTorrent\uTorrent.exe [1822048 2015-10-13] (BitTorrent Inc.)
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\Run: [Dropbox Update] => C:\Users\Rainer\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {12e2a80b-456d-11df-a296-0026b9246c68} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {12e2a80d-456d-11df-a296-0026b9246c68} - G:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {56ce4137-4898-11e4-8255-0026b9246c68} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {56ce413a-4898-11e4-8255-0026b9246c68} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {74b8ed62-2f80-11df-99aa-0026b9246c68} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {74b8ed67-2f80-11df-99aa-0026b9246c68} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {74b8ee3c-2f80-11df-99aa-904ce5d0ecb8} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {a34f141c-ee5e-11e3-8674-0026b9246c68} - F:\ting.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {ad812746-7543-11e0-b888-b89966ac48a5} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {ad812749-7543-11e0-b888-b89966ac48a5} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {b678db16-fb85-11df-894f-b7f0a70929a3} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {b678db18-fb85-11df-894f-b7f0a70929a3} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {fd063144-dbb1-11df-b3f3-806e6f6e6963} - F:\AutoRun.exe
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-27] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-02-23]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-02-23]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-02-23]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Rainer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk [2010-03-06]
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Rainer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-25]
ShortcutTarget: Dropbox.lnk -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{F37501EF-480A-48FB-A8D4-07F950543BC4}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
URLSearchHook: HKLM-x32 - (Kein Name) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - Keine Datei
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {7610C2C4-E281-474E-B54C-8A78D5EB0EAC} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {F209670B-C5F9-4F55-82D5-0743DDF1B790} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {F209670B-C5F9-4F55-82D5-0743DDF1B790} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
BHO: Kein Name -> {7553EA3C-F8DA-4188-B7BC-956894EA54F5} -> Keine Datei
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-27] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13] (Safer-Networking Ltd.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-02] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-27] (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-02] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  Keine Datei
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Yahoo!
FF Homepage: hxxp://www.google.at/
FF NetworkProxy: "http", "115.124.73.122"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll [2009-11-14] (DivX,Inc.)
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll [2009-11-14] (DivX, Inc)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-09-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.7.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2012-09-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPAdbESD.dll [2006-10-03] (Adobe Systems Incorporated)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2008-06-11] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-06-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-06-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-06-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-06-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-06-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2014-06-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2014-06-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2010-01-12] (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\searchplugins\google-images.xml [2014-07-30]
FF SearchPlugin: C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\searchplugins\google-maps.xml [2014-07-30]
FF Extension: Avira Browser Safety - C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\Extensions\abs@avira.com [2015-05-28] [ist nicht signiert]
FF Extension: FoxyProxy Standard - C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\Extensions\foxyproxy@eric.h.jung [2015-05-29]
FF Extension: Proxy-Listen.de - Proxyswitcher - C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\Extensions\admin@proxy-listen.de.xpi [2015-03-14]
FF Extension: anonymoX - C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\Extensions\client@anonymox.net.xpi [2015-06-14]
FF Extension: YouTube Video and Audio Downloader - C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2014-08-25]
FF Extension: 9kw Client (v1.66b2) - C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\Extensions\jid0-08QUFKHYKxeTWwjnxAvsJJVhLsk@jetpack.xpi [2014-09-02] [ist nicht signiert]
FF Extension: ProxMate - C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2015-06-15]
FF Extension: Adblock Plus - C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-12-17]
FF Extension: Greasemonkey - C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-12-06]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-06-11] [ist nicht signiert]
FF HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\extensions\cliqz@cliqz.com => nicht gefunden

Chrome: 
=======
CHR Profile: C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-11]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-27] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [405208 2014-07-03] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384728 2014-07-03] (BlueStack Systems, Inc.)
S2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [773848 2014-07-03] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
S2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-12-18] (Stardock Corporation) [Datei ist nicht signiert]
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [853288 2007-09-20] (Nero AG)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-09-20] (Nero AG)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe [3417088 2009-07-17] (Dell Inc.) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-27] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-27] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048856 2015-07-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-07-27] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150160 2015-07-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-27] (AVAST Software)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-07-03] (BlueStack Systems)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-10-21] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-21 09:15 - 2015-10-21 09:15 - 00002329 _____ C:\Users\Rainer\Desktop\JRT.txt
2015-10-21 09:07 - 2015-10-21 09:07 - 00043708 _____ C:\mbam.txt
2015-10-21 07:28 - 2015-10-21 07:28 - 00074574 _____ C:\Windows\PFRO.log
2015-10-21 07:02 - 2015-10-21 07:53 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-21 07:01 - 2015-10-21 07:27 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-10-21 07:01 - 2015-10-21 07:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-10-21 07:01 - 2015-10-21 07:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-21 07:01 - 2015-10-21 07:01 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-10-21 07:01 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-21 07:01 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-21 07:01 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-10-20 17:00 - 2015-10-21 10:50 - 00000000 ____D C:\FRST
2015-10-20 15:27 - 2015-10-20 15:27 - 00000000 ____D C:\Users\Rainer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-20 11:31 - 2015-10-21 07:29 - 00000280 _____ C:\Windows\setupact.log
2015-10-20 11:31 - 2015-10-20 11:31 - 00000000 _____ C:\Windows\setuperr.log
2015-10-20 11:26 - 2015-10-20 13:49 - 00000000 ____D C:\AdwCleaner
2015-10-15 19:56 - 2015-10-15 19:56 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-15 08:29 - 2015-09-18 21:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-15 08:29 - 2015-09-18 21:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-15 08:29 - 2015-09-18 21:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-15 08:29 - 2015-09-18 21:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-15 08:29 - 2015-09-18 21:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-15 08:29 - 2015-09-18 21:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-15 08:29 - 2015-09-18 21:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-14 08:57 - 2015-09-18 21:31 - 00391784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-14 08:57 - 2015-09-18 20:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-14 08:57 - 2015-09-16 06:48 - 25851904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-14 08:57 - 2015-09-16 06:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-14 08:57 - 2015-09-16 06:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-14 08:57 - 2015-09-16 06:22 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-14 08:57 - 2015-09-16 06:21 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-14 08:57 - 2015-09-16 06:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-14 08:57 - 2015-09-16 06:21 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-14 08:57 - 2015-09-16 06:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-14 08:57 - 2015-09-16 06:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-14 08:57 - 2015-09-16 06:14 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-14 08:57 - 2015-09-16 06:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-14 08:57 - 2015-09-16 06:10 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-14 08:57 - 2015-09-16 06:09 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-14 08:57 - 2015-09-16 06:08 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-14 08:57 - 2015-09-16 06:08 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-14 08:57 - 2015-09-16 06:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-14 08:57 - 2015-09-16 06:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-14 08:57 - 2015-09-16 06:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-14 08:57 - 2015-09-16 05:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-14 08:57 - 2015-09-16 05:58 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-14 08:57 - 2015-09-16 05:50 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-14 08:57 - 2015-09-16 05:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-14 08:57 - 2015-09-16 05:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-14 08:57 - 2015-09-16 05:45 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-14 08:57 - 2015-09-16 05:43 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-14 08:57 - 2015-09-16 05:41 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-14 08:57 - 2015-09-16 05:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-14 08:57 - 2015-09-16 05:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-14 08:57 - 2015-09-16 05:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-14 08:57 - 2015-09-16 05:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-14 08:57 - 2015-09-16 05:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-14 08:57 - 2015-09-16 05:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-14 08:57 - 2015-09-16 05:29 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-14 08:57 - 2015-09-16 05:29 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-14 08:57 - 2015-09-16 05:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-14 08:57 - 2015-09-16 05:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-14 08:57 - 2015-09-16 05:26 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-14 08:57 - 2015-09-16 05:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-14 08:57 - 2015-09-16 05:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-14 08:57 - 2015-09-16 05:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-14 08:57 - 2015-09-16 05:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-14 08:57 - 2015-09-16 05:22 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-14 08:57 - 2015-09-16 05:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-14 08:57 - 2015-09-16 05:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-14 08:57 - 2015-09-16 05:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-14 08:57 - 2015-09-16 05:11 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-14 08:57 - 2015-09-16 05:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-14 08:57 - 2015-09-16 05:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-14 08:57 - 2015-09-16 05:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-14 08:57 - 2015-09-16 05:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-14 08:57 - 2015-09-16 05:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-14 08:57 - 2015-09-16 05:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-10-14 08:57 - 2015-09-16 04:59 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-14 08:57 - 2015-09-16 04:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-14 08:57 - 2015-09-16 04:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-14 08:57 - 2015-09-16 04:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-14 08:57 - 2015-09-16 04:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-14 08:57 - 2015-09-16 04:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-14 08:57 - 2015-09-16 04:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-14 08:57 - 2015-09-16 04:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-14 08:57 - 2015-09-16 04:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-14 08:57 - 2015-09-16 04:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-14 08:20 - 2015-08-06 20:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-14 08:20 - 2015-08-06 20:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-14 08:20 - 2015-08-06 19:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-14 08:20 - 2015-08-06 19:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-14 08:09 - 2015-09-25 20:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-14 08:09 - 2015-09-25 20:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-14 08:09 - 2015-09-25 20:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-14 08:09 - 2015-09-25 20:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-14 08:09 - 2015-09-25 20:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-14 08:09 - 2015-09-25 20:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-14 08:09 - 2015-09-25 20:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-14 08:09 - 2015-09-25 20:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-14 08:09 - 2015-09-25 20:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-14 08:09 - 2015-09-25 20:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-14 08:09 - 2015-09-25 20:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-14 08:09 - 2015-09-25 19:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-14 08:09 - 2015-09-25 19:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-14 08:09 - 2015-09-25 19:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-14 08:09 - 2015-09-25 19:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-14 08:09 - 2015-09-25 19:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-14 08:08 - 2015-09-29 05:16 - 05569472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-14 08:08 - 2015-09-29 05:13 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-14 08:08 - 2015-09-29 05:11 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-14 08:08 - 2015-09-29 05:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-10-14 08:08 - 2015-09-29 05:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-10-14 08:08 - 2015-09-29 05:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-10-14 08:08 - 2015-09-29 05:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-14 08:08 - 2015-09-29 05:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-14 08:08 - 2015-09-29 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-14 08:08 - 2015-09-29 05:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-10-14 08:08 - 2015-09-29 05:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-14 08:08 - 2015-09-29 05:10 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-14 08:08 - 2015-09-29 05:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-14 08:08 - 2015-09-29 05:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-14 08:08 - 2015-09-29 05:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-14 08:08 - 2015-09-29 05:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-14 08:08 - 2015-09-29 05:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-14 08:08 - 2015-09-29 05:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-14 08:08 - 2015-09-29 05:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-14 08:08 - 2015-09-29 05:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-14 08:08 - 2015-09-29 05:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-10-14 08:08 - 2015-09-29 05:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-10-14 08:08 - 2015-09-29 05:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-14 08:08 - 2015-09-29 05:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-14 08:08 - 2015-09-29 05:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-14 08:08 - 2015-09-29 05:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-14 08:08 - 2015-09-29 05:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-14 08:08 - 2015-09-29 05:02 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-14 08:08 - 2015-09-29 04:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-14 08:08 - 2015-09-29 04:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-14 08:08 - 2015-09-29 04:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-14 08:08 - 2015-09-29 04:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-14 08:08 - 2015-09-29 04:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-10-14 08:08 - 2015-09-29 04:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-14 08:08 - 2015-09-29 04:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-14 08:08 - 2015-09-29 04:58 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-10-14 08:08 - 2015-09-29 04:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-14 08:08 - 2015-09-29 04:57 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-10-14 08:08 - 2015-09-29 04:57 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-14 08:08 - 2015-09-29 04:57 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-14 08:08 - 2015-09-29 04:57 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-10-14 08:08 - 2015-09-29 04:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-14 08:08 - 2015-09-29 04:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 03:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-14 08:08 - 2015-09-29 03:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-14 08:08 - 2015-09-29 03:49 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-14 08:08 - 2015-09-29 03:43 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-10-14 08:08 - 2015-09-29 03:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-10-14 08:08 - 2015-09-29 03:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 03:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 03:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 03:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-14 08:08 - 2015-09-15 20:17 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-14 08:08 - 2015-09-15 20:17 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-14 08:08 - 2015-09-15 20:11 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-14 08:08 - 2015-09-15 20:11 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-14 08:08 - 2015-09-15 20:11 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-14 08:08 - 2015-09-15 20:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-14 08:08 - 2015-09-15 20:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-14 08:08 - 2015-09-15 20:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-14 08:08 - 2015-09-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-14 08:08 - 2015-09-15 19:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-14 08:08 - 2015-09-15 19:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-14 08:08 - 2015-09-15 19:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-14 08:08 - 2015-09-15 19:35 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-14 08:07 - 2015-10-01 20:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-14 08:07 - 2015-10-01 20:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-14 08:07 - 2015-10-01 20:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-14 08:07 - 2015-10-01 20:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-14 08:07 - 2015-10-01 20:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-14 08:07 - 2015-10-01 20:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-14 08:07 - 2015-10-01 20:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-14 08:07 - 2015-10-01 19:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-14 08:07 - 2015-10-01 19:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-14 08:04 - 2015-07-18 15:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-13 13:08 - 2015-10-21 07:30 - 00000000 ____D C:\Users\Rainer\AppData\LocalLow\uTorrent
2015-10-03 01:29 - 2015-10-17 12:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-21 10:52 - 2015-06-17 07:41 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2826457522-3369242990-2985312288-1000UA.job
2015-10-21 10:19 - 2012-06-12 16:01 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-21 10:10 - 2010-04-14 17:30 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-21 09:09 - 2009-07-14 06:45 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-21 09:09 - 2009-07-14 06:45 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-21 09:07 - 2012-08-15 21:53 - 00000000 ____D C:\Users\Rainer\AppData\Roaming\uTorrent
2015-10-21 07:34 - 2013-06-08 12:24 - 01119805 _____ C:\Windows\WindowsUpdate.log
2015-10-21 07:31 - 2014-08-07 03:46 - 00000000 ___RD C:\Users\Rainer\Dropbox
2015-10-21 07:31 - 2014-08-07 03:42 - 00000000 ____D C:\Users\Rainer\AppData\Roaming\Dropbox
2015-10-21 07:29 - 2010-08-02 13:02 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-10-21 07:29 - 2010-04-14 17:30 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-21 07:29 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-21 07:28 - 2015-05-31 20:51 - 00000000 ____D C:\Windows\de
2015-10-21 07:27 - 2015-06-29 11:05 - 00001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-10-21 07:27 - 2015-05-31 20:50 - 00001376 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-10-21 07:27 - 2015-05-31 20:50 - 00001307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-10-21 07:27 - 2015-05-31 20:49 - 00002488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2015-10-21 07:27 - 2015-05-31 20:49 - 00001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2015-10-21 07:27 - 2014-12-18 12:04 - 00001108 _____ C:\Users\Public\Desktop\Instrumente für Finale 2009.lnk
2015-10-21 07:27 - 2014-12-18 12:00 - 00001016 _____ C:\Users\Public\Desktop\Finale 2009.lnk
2015-10-21 07:27 - 2014-08-01 18:55 - 00001814 _____ C:\Users\Public\Desktop\Apps.lnk
2015-10-21 07:27 - 2014-08-01 18:55 - 00001803 _____ C:\Users\Public\Desktop\Start BlueStacks.lnk
2015-10-21 07:27 - 2014-06-27 16:22 - 00001049 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2015-10-21 07:27 - 2014-02-18 21:28 - 00000871 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-10-21 07:27 - 2014-01-16 14:45 - 00002034 _____ C:\Users\Public\Desktop\Nokia PC Suite.lnk
2015-10-21 07:27 - 2013-12-06 18:19 - 00001100 _____ C:\Users\Public\Desktop\Google Books Downloader.lnk
2015-10-21 07:27 - 2013-10-12 12:19 - 00000886 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2015-10-21 07:27 - 2013-10-12 10:33 - 00002192 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 2.0.lnk
2015-10-21 07:27 - 2013-10-12 10:33 - 00002174 _____ C:\Users\Public\Desktop\Adobe Digital Editions 2.0.lnk
2015-10-21 07:27 - 2012-12-18 21:16 - 00002191 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-10-21 07:27 - 2012-12-18 21:16 - 00002173 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-10-21 07:27 - 2012-11-05 16:57 - 00001025 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-10-21 07:27 - 2012-08-14 21:08 - 00002007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
2015-10-21 07:27 - 2012-08-14 21:08 - 00001951 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
2015-10-21 07:27 - 2012-08-14 21:08 - 00001930 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
2015-10-21 07:27 - 2012-08-06 13:44 - 00000862 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-10-21 07:27 - 2011-05-17 21:30 - 00001156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-21 07:27 - 2010-10-21 12:13 - 00001180 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 5.lnk
2015-10-21 07:27 - 2010-05-31 21:11 - 00002095 _____ C:\Users\Public\Desktop\Canon MP Navigator EX 3.0.lnk
2015-10-21 07:27 - 2010-03-19 09:59 - 00001734 _____ C:\Users\Public\Desktop\Browserwahl.lnk
2015-10-21 07:27 - 2010-03-06 15:42 - 00001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hilfedokumentation von Dell.lnk
2015-10-21 07:27 - 2010-02-23 20:28 - 00002084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerDVD DX.lnk
2015-10-21 07:27 - 2010-02-23 20:23 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
2015-10-21 07:27 - 2010-02-23 13:09 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-10-21 07:27 - 2010-02-23 13:09 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-10-21 07:27 - 2009-07-14 06:57 - 00001523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-10-21 07:27 - 2009-07-14 06:57 - 00001352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2015-10-21 07:27 - 2009-07-14 06:57 - 00001304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2015-10-21 07:27 - 2009-07-14 06:57 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2015-10-21 07:27 - 2009-07-14 06:54 - 00001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2015-10-21 07:25 - 2015-05-31 20:45 - 00002147 _____ C:\Users\Rainer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2015-10-21 07:25 - 2015-01-01 21:42 - 00000796 _____ C:\Users\Rainer\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-10-21 07:25 - 2014-07-08 13:41 - 00000969 _____ C:\Users\Rainer\Desktop\aMule.lnk
2015-10-21 07:25 - 2013-06-04 20:26 - 00001795 _____ C:\Users\Rainer\Desktop\WINAMP.LNK
2015-10-21 07:25 - 2013-02-11 20:43 - 00001090 _____ C:\Users\Rainer\Desktop\AviSplit Classic.lnk
2015-10-21 07:25 - 2013-01-23 10:13 - 00001129 _____ C:\ProgramData\Microsoft\Windows\Start Menu\SDP Downloader.lnk
2015-10-21 07:25 - 2012-11-07 21:07 - 00001015 _____ C:\Users\Rainer\Desktop\HammerHead 1.0.lnk
2015-10-21 07:25 - 2012-08-06 17:36 - 00001242 _____ C:\Users\Rainer\Desktop\Traktor DJ Player.lnk
2015-10-21 07:25 - 2010-10-19 21:16 - 00001997 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Mein 3DataManager.lnk
2015-10-21 07:25 - 2010-03-06 15:46 - 00001427 _____ C:\Users\Rainer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-10-21 07:25 - 2009-07-14 07:01 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2015-10-21 07:25 - 2009-07-14 06:49 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2015-10-21 06:45 - 2015-06-11 15:50 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-10-21 06:41 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-19 13:30 - 2009-07-14 19:58 - 00703192 _____ C:\Windows\system32\perfh007.dat
2015-10-19 13:30 - 2009-07-14 19:58 - 00150800 _____ C:\Windows\system32\perfc007.dat
2015-10-19 13:30 - 2009-07-14 07:13 - 01629348 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-17 14:19 - 2012-06-12 16:01 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-17 14:19 - 2012-06-12 16:01 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-17 14:19 - 2012-06-12 16:01 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-17 12:35 - 2012-05-04 10:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-16 21:52 - 2015-06-17 07:41 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2826457522-3369242990-2985312288-1000Core.job
2015-10-16 03:01 - 2014-12-12 04:30 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-16 03:01 - 2014-05-06 20:19 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-15 12:17 - 2014-08-01 17:43 - 00000000 ____D C:\Program Files (x86)\Skype
2015-10-15 10:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-10-14 22:33 - 2013-07-16 21:51 - 00000000 ____D C:\Windows\system32\MRT
2015-10-14 22:24 - 2010-05-11 21:40 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-14 22:24 - 2010-02-23 20:31 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-12 22:04 - 2012-11-05 16:58 - 00000000 ____D C:\Users\Rainer\AppData\Roaming\Audacity
2015-10-12 13:56 - 2014-02-18 21:29 - 00000000 ____D C:\Users\Rainer\AppData\Roaming\vlc
2015-10-10 14:24 - 2014-08-06 14:05 - 00000000 ____D C:\Users\Rainer\AppData\Roaming\dvdcss
2015-10-09 07:07 - 2015-04-04 21:06 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-08 22:37 - 2015-04-04 21:06 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-01 17:22 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-09-24 15:43 - 2013-09-24 15:43 - 0077976 _____ (AppWork GmbH) C:\Program Files (x86)\WebInstallerJD2.exe
2013-09-24 18:09 - 2013-09-24 18:10 - 6571624 _____ (Bolide Software                                             ) C:\Program Files (x86)\wsr_setup.exe
2013-11-22 20:06 - 2013-11-22 20:31 - 0000709 _____ () C:\Users\Rainer\AppData\Roaming\AdobeDLM.log
2013-09-25 22:02 - 2013-09-25 22:02 - 0000046 _____ () C:\Users\Rainer\AppData\Roaming\Camdata.ini
2013-09-25 22:02 - 2013-09-25 22:02 - 0000408 _____ () C:\Users\Rainer\AppData\Roaming\CamLayout.ini
2013-09-25 22:02 - 2013-09-25 22:02 - 0000408 _____ () C:\Users\Rainer\AppData\Roaming\CamShapes.ini
2013-09-25 22:02 - 2013-09-25 22:02 - 0004510 _____ () C:\Users\Rainer\AppData\Roaming\CamStudio.cfg
2013-11-22 20:06 - 2013-11-22 20:17 - 0000466 _____ () C:\Users\Rainer\AppData\Roaming\dm.ini
2010-06-19 23:29 - 2011-03-07 11:56 - 1663512 _____ () C:\Users\Rainer\AppData\Roaming\mdbu.bin
2014-02-10 12:35 - 2014-02-10 12:34 - 0036375 ____N () C:\Users\Rainer\AppData\Roaming\uTorrent.torrent
2010-10-05 20:13 - 2015-08-11 17:23 - 0023040 _____ () C:\Users\Rainer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-08 12:24 - 2015-03-08 13:30 - 0001477 _____ () C:\Users\Rainer\AppData\Local\RecConfig.xml
2015-03-08 13:29 - 2015-03-08 13:29 - 0000040 _____ () C:\Users\Rainer\AppData\Local\tmp.no23
2010-03-15 21:07 - 2010-03-15 21:15 - 0000621 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
C:\Users\Rainer\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpma26er.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-21 08:10

==================== Ende von FRST.txt ============================
         
HI! Finde Addition.txt nicht . Hab ich was falsch gemacht?

Gruß, Rainer

Alt 22.10.2015, 01:42   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
blau unterstrichenes Wort mit grünem Pfeil rechts oben - Standard

blau unterstrichenes Wort mit grünem Pfeil rechts oben



Bitte auch ne neue Addition.txt erstellen, dazu FRST starten und einen Haken setzen bei Addition.txt, dann auf Untersuchen klicken.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 22.10.2015, 05:51   #11
stoandl
 
blau unterstrichenes Wort mit grünem Pfeil rechts oben - Standard

blau unterstrichenes Wort mit grünem Pfeil rechts oben



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:21-10-2015 01
durchgeführt von Rainer (2015-10-22 06:45:23)
Gestartet von D:\Rainer\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2010-03-06 13:42:36)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2826457522-3369242990-2985312288-500 - Administrator - Disabled)
Gast (S-1-5-21-2826457522-3369242990-2985312288-501 - Limited - Disabled)
Rainer (S-1-5-21-2826457522-3369242990-2985312288-1000 - Administrator - Enabled) => C:\Users\Rainer

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 4 Master Collection (HKLM-x32\...\Adobe_5445c5ddd9a5c69582d3c1e2bba18f7) (Version: 4.0 - Adobe Systems Incorporated)
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Download Manager 2.2 (Remove Only) (HKLM-x32\...\AdobeESD) (Version: 2.2 - )
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 Icon Handler x64 (Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader 9.1.2 - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A91000000001}) (Version: 9.1.2 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Amazing Slow Downer (remove only) (HKLM-x32\...\Amazing Slow Downer) (Version:  - )
aMule (HKLM-x32\...\aMule) (Version:  - )
ATI Catalyst Control Center (HKLM-x32\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.009.0908.2224 - )
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2223 - AVAST Software)
AVS Screen Capture version 2.0.1 (HKLM-x32\...\AVS Screen Capture_is1) (Version:  - Online Media Technologies Ltd.)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version:  - Online Media Technologies Ltd.)
AVS Video Converter 8 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 8.3.2.533 - Online Media Technologies Ltd.)
AVS Video Recorder 2.5 (HKLM-x32\...\AVS Video Recorder_is1) (Version:  - Online Media Technologies Ltd.)
AVS Video ReMaker 4.1.1.144 (HKLM-x32\...\AVS Video ReMaker_is1) (Version:  - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version:  - Online Media Technologies Ltd.)
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.12.3119 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{1AFACC2A-9A60-43EF-ABDB-2CEECA5EA77F}) (Version: 0.8.12.3119 - BlueStack Systems, Inc.)
calibre 64bit (HKLM\...\{DF6697A2-7829-4E44-AEB8-667D86CB3472}) (Version: 1.8.0 - Kovid Goyal)
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version:  - )
Canon MP550 series Benutzerregistrierung (HKLM-x32\...\Canon MP550 series Benutzerregistrierung) (Version:  - )
Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version:  - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
ccc-core-static (x32 Version: 2009.0908.2225.38429 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.21 - Piriform)
CHIP Best Deal (HKLM-x32\...\{7553EA3C-F8DA-4188-B7BC-956894EA54F5}) (Version: 1.4.21 - Ciuvo GmbH)
CHIP Updater (HKLM-x32\...\CHIP Updater_is1) (Version: 2.33 - Abelssoft)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.0.1 - Cliqz.com)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.1.0029 - Dell, Inc.)
Dell Dock (HKLM\...\{E60B7350-EA5F-41E0-9D6F-E508781E36D2}) (Version: 2.0.0 - Dell)
Dell Driver Download Manager (HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)
Dell Driver Download Manager (HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Resource CD (HKLM-x32\...\{42929F0F-CE14-47AF-9FC7-FF297A603021}) (Version: 1.00.0000 - Ihr Firmenname)
Dell Support Center (Support Software) (HKLM-x32\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.5.09100 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.102.101.303 - ALPS ELECTRIC CO., LTD.)
Dell Wireless WLAN Card Utility (HKLM\...\Dell Wireless WLAN Card Utility) (Version: 5.30.21.0 - Dell Inc.)
Desktopicon Trends auf OTTO.de (HKLM\...\DesktopIconotto) (Version: 1.0.1 - )
DivX Codec (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.9.1 - DivX, Inc.)
DivX Converter (HKLM-x32\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)
DivX Player (HKLM-x32\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 7.2.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM-x32\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX Plus Web Player (HKLM-x32\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 2.0.0 - DivX,Inc.)
Dropbox (HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)
Finale 2009 (HKLM-x32\...\Finale 2009) (Version: 14.2.r3.0 - MakeMusic)
FormatFactory 2.30 (HKLM-x32\...\FormatFactory) (Version: 2.30 - Free Time)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free Audio Dub version 1.7.9.908 (HKLM-x32\...\Free Audio Dub_is1) (Version: 1.7.9.908 - DVDVideoSoft Ltd.)
Free DVD Video Converter version 2.0.13.128 (HKLM-x32\...\Free DVD Video Converter_is1) (Version: 2.0.13.128 - DVDVideoSoft Ltd.)
Free Google Books Downloader (HKLM-x32\...\{0E94F0E7-5575-4D92-B843-7DCB8E08D89C}) (Version: 1.3.1.0 - iWesoft)
Free Video Dub version 2.0.17.128 (HKLM-x32\...\Free Video Dub_is1) (Version: 2.0.17.128 - DVDVideoSoft Ltd.)
Garritan-Instrumente für Finale 2009 (HKLM\...\Garritan-Instrumente für Finale 2009_is1) (Version: v1.0.0.4 - Garritan)
Google Books Downloader version 2.3 (HKLM-x32\...\{216729B6-014A-F413-814F-F17F74FBA113}_is1) (Version: 2.3 - GBOOKSDOWNLOADER.COM)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HammerHead Rhythm Station (HKLM-x32\...\HammerHead Rhythm Station) (Version:  - )
HappyFoto-Designer 2.7 (HKLM-x32\...\HappyFoto-Designer_is1) (Version:  - )
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version:  - )
iZotope Vinyl (HKLM-x32\...\iZotope Vinyl_is1) (Version: 1.61 - iZotope, Inc.)
Java 7 Update 7 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.70 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Klavierakkorde 1.0.1 (HKLM-x32\...\Klavierakkorde_is1) (Version: 1.0.1 - AB-Tools.com)
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.3009.1 - Creative Technology Ltd)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mein 3DataManager (HKLM-x32\...\3DataManager) (Version: 1.1.1 - Mein 3DataManager)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MIDI Klavier 1.0.1 (HKLM-x32\...\MIDI Klavier_is1) (Version:  - Felix Alter)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Native Instruments Traktor DJ Player (HKLM-x32\...\Native Instruments Traktor DJ Player) (Version:  - )
Nero 8 (HKLM-x32\...\{B944FA21-81AF-4A77-8328-CE4F4CC51031}) (Version: 8.10.20 - Nero AG)
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia) Hidden
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden
PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.5424 - CyberLink Corp.)
PriMus Free 1.1 (Build 10791) (HKLM-x32\...\PriMus Free_is1) (Version: 1.1.0.10791 - Columbus Soft)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 9.6.11 - Dell Inc.)
QuickTime (HKLM-x32\...\QuickTime) (Version:  - )
RAD Video Tools (HKLM-x32\...\RADVideo) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5951 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.94 (HKLM-x32\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
Roxio Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.01 - Roxio)
SDP Downloader (HKLM-x32\...\{B547CB8D-549A-436E-97B5-E79F911B11E2}) (Version: 2.3.0 - SDP Multimedia)
Skins (x32 Version: 2009.0908.2225.38429 - ATI) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
smartmontools (HKLM-x32\...\smartmontools) (Version: 6.2 2013-07-26 r3841 (sf-6.2-1) - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.0.12 - Safer-Networking Ltd.)
SqrSoft® Advanced Crossfading (remove only) (HKLM-x32\...\SqrSoftACF) (Version:  - )
StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 5 (HKLM-x32\...\TeamViewer 5) (Version: 5.1.9385  - TeamViewer GmbH)
TEFView 2.74 (HKLM-x32\...\TEFView_is1) (Version:  - TablEdit)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
VCRedistSetup (x32 Version: 1.0.0 - Nero AG) Hidden
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9603 - Broadcom Corporation)
Winamp (nur entfernen) (HKLM-x32\...\Winamp) (Version:  - )
Winamp Anwendungserkennung (HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Winamp Anwendungserkennung (HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows-Treiberpaket - Nokia Modem  (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Windows-Treiberpaket - Nokia Modem  (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
XviD MPEG-4 Codec (HKLM-x32\...\XviD) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

21-10-2015 15:30:49 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2010-06-16 21:31 - 00001302 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0A6E3CC9-9914-4353-AE3C-14DDA368CCF9} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2826457522-3369242990-2985312288-1000Core => C:\Users\Rainer\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {1B01BE88-8E3F-4627-86A6-A260E8EFE898} - System32\Tasks\{37B9D076-9546-4F64-8165-24FDF94587E2} => C:\Program Files (x86)\Google Books Downloader\gbooks.exe [2013-01-04] ()
Task: {2818BB42-F2E6-4F71-BF42-8CBBFFF496C5} - System32\Tasks\{54F7E167-A775-472C-9E9A-3BA7591EAB10} => pcalua.exe -a D:\Rainer\Downloads\slowmewp.exe -d D:\Rainer\Downloads
Task: {30E7CD2B-96A2-44E5-B486-984F386B70A6} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2012-11-13] (Safer-Networking Ltd.)
Task: {3C03C105-3646-41EE-8611-4101F45764C0} - System32\Tasks\{69576AAD-15E6-4D69-AFD4-EFBD590C1498} => pcalua.exe -a E:\setup.exe -d E:\
Task: {4AED2B42-3617-475B-8ABC-9A14FF6218B9} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {4F359348-B493-4617-846C-1BF3A99FBC44} - System32\Tasks\D1234567\Administrator - Start WLAN Tray Applet => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE [2009-07-17] (Dell Inc.)
Task: {60654141-BBDD-42F7-BE50-C0B5429AFF4D} - System32\Tasks\{78651D5B-FC4B-4EC1-BE77-E1121C2F84B3} => C:\Program Files (x86)\eMule\emule.exe [2010-04-07] (hxxp://www.emule-project.net)
Task: {66E2E49F-CFD2-4D64-8EBB-A4C79FC4C36D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-07-24] (Piriform Ltd)
Task: {68FDE400-7F11-4B07-9EA2-02B2B6A93159} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {701F67FC-20EF-4BEA-B21C-D9C808AF7AA5} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.)
Task: {76BF5194-7D1A-48CB-96D6-C89AFCF1630C} - System32\Tasks\{65D085D6-36A0-46C5-B50C-88CAC67C181A} => C:\Program Files (x86)\eMule\emule.exe [2010-04-07] (hxxp://www.emule-project.net)
Task: {76D9939B-9061-477D-B0B3-1D15A4241BFA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {7774C3F1-E9E7-4D44-A7A7-576E2F58F338} - System32\Tasks\{B65B1297-7F99-426E-97D6-492DCA6DCADF} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller"
Task: {7F81342B-5778-4F1E-8E4D-5B891CFB4650} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2012-11-13] (Safer-Networking Ltd.)
Task: {8ECFCC41-2A2E-413F-814E-856723645B9A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {C1F81BA8-7E76-488E-B7BD-50A197F2D4D4} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2012-11-13] (Safer-Networking Ltd.)
Task: {D4556857-6179-4AA4-81DB-1C083650F5AD} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-27] (AVAST Software)
Task: {DE1691FB-94E7-48F1-BC8E-B391B1B80C5D} - System32\Tasks\chipSWU => Cscript.exe "C:\Program Files (x86)\chip\Internet Explorer\swu.vbs"
Task: {E0B1C27F-B7AB-4366-94E4-BE111AD38F2C} - System32\Tasks\{B2961C49-4D90-4290-9362-F36C61024676} => C:\Program Files (x86)\3DataManager\3DataManager.exe [2008-06-09] (WebToGo Mobile Internet GmbH)
Task: {E94BE843-92C2-43AF-BACF-40B9A79B1E1E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2826457522-3369242990-2985312288-1000UA => C:\Users\Rainer\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {E9D1B710-CA2D-493F-BC7A-0A089A1A0573} - System32\Tasks\{47A9940E-86F3-4203-8CDC-7739C8F6A60F} => pcalua.exe -a D:\Rainer\Downloads\drumstation.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {F104E213-7DF1-4B93-9D9E-7D000D0ECC13} - System32\Tasks\{93A87AD0-A354-4D49-9314-CCBC6AE09A30} => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2009-06-24] (Creative Technology Ltd)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2826457522-3369242990-2985312288-1000Core.job => C:\Users\Rainer\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2826457522-3369242990-2985312288-1000UA.job => C:\Users\Rainer\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2010-02-23 20:20 - 2009-07-17 18:06 - 00033280 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
2010-02-23 20:20 - 2009-07-17 18:06 - 00058368 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlrmt.dll
2009-08-18 05:10 - 2009-08-18 05:10 - 00173344 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2015-09-09 03:51 - 2015-09-09 03:51 - 00472576 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\30703860d7ee62a97f9c4ed11a7bc205\VistaBridgeLibrary.ni.dll
2009-07-07 18:23 - 2009-07-07 18:23 - 01779952 _____ () C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
2009-05-05 20:56 - 2009-05-05 20:56 - 00016384 ____R () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-02-23 20:17 - 2010-02-23 20:17 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2003-04-17 08:54 - 2003-04-17 08:54 - 00012288 _____ () C:\Program Files (x86)\Winamp\winampa.exe
2015-07-27 10:38 - 2015-07-27 10:38 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-27 10:38 - 2015-07-27 10:38 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-10-21 19:31 - 2015-10-21 19:31 - 02996080 _____ () C:\Program Files\AVAST Software\Avast\defs\15102102\algo.dll
2012-06-26 14:11 - 2012-06-26 14:11 - 02302040 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtCore4.dll
2012-06-26 14:11 - 2012-06-26 14:11 - 08197208 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtGui4.dll
2012-06-26 14:11 - 2012-06-26 14:11 - 00345688 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtXml4.dll
2012-06-26 14:10 - 2012-06-26 14:10 - 00202328 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
2012-06-26 14:10 - 2012-06-26 14:10 - 00027736 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
2012-06-26 14:11 - 2012-06-26 14:11 - 00282200 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtSvg4.dll
2015-10-22 06:31 - 2015-10-22 06:31 - 00071168 _____ () c:\users\rainer\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplm3jzg.dll
2015-06-17 07:43 - 2015-09-24 01:07 - 00012800 _____ () C:\Users\Rainer\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 23:45 - 2015-09-24 01:07 - 00779776 _____ () C:\Users\Rainer\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 08:29 - 2015-09-24 01:07 - 00056320 _____ () C:\Users\Rainer\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-17 07:43 - 2015-09-24 01:07 - 00012288 _____ () C:\Users\Rainer\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2009-07-07 18:24 - 2009-07-07 18:24 - 00268528 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
2009-07-07 18:23 - 2009-07-07 18:23 - 00058608 _____ () C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
2009-07-07 18:24 - 2009-07-07 18:24 - 00095472 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
2009-07-07 18:24 - 2009-07-07 18:24 - 00046320 _____ () C:\Program Files (x86)\Dell DataSafe Online\de\SdbUI.resources.dll
2009-07-07 18:24 - 2009-07-07 18:24 - 00369904 _____ () C:\Program Files (x86)\Dell DataSafe Online\de\DataSafeOnline.resources.dll
2009-07-07 18:24 - 2009-07-07 18:24 - 00140528 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
2009-07-07 18:23 - 2009-07-07 18:23 - 00017648 _____ () C:\Program Files (x86)\Dell DataSafe Online\cpputils.dll
2012-12-18 21:16 - 2012-11-13 15:06 - 00108960 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2012-12-18 21:16 - 2012-11-13 15:06 - 00416160 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2012-12-18 21:16 - 2012-11-13 15:06 - 00158624 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2012-12-18 21:16 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2012-12-18 21:16 - 2012-11-13 15:06 - 00528288 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl
2012-12-18 21:16 - 2012-11-13 15:06 - 00554400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
2015-06-11 15:50 - 2015-06-11 15:50 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2009-02-26 13:46 - 2009-02-26 13:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2008-06-11 22:32 - 2008-06-11 22:32 - 02666496 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\PDFMaker\Common\AdobePDFMakerX.dll
2008-06-12 02:20 - 2008-06-12 02:20 - 01417216 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\PDFMaker\Common\AdobePDFMakerX.DEU
2011-06-22 11:46 - 2011-06-22 11:46 - 00434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2011-05-26 20:18 - 2011-05-26 20:18 - 00136536 _____ () C:\Program Files (x86)\Microsoft Office\Office12\OUTLCTL.DLL
2015-07-14 18:20 - 2015-07-14 18:20 - 00756376 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\123simsen.com -> www.123simsen.com

Da befinden sich 15573 mehr eingeschränkte Seiten.

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Rainer\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Rainer\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: NBKeyScan => "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
MSCONFIG\startupreg: PDVDDXSrv => "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{F287ECF0-9F00-4C37-86D1-8822F16047DD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD DX\PowerDVD.exe
FirewallRules: [{3C143C7A-5CE0-4E34-8AC4-710039A97502}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
FirewallRules: [TCP Query User{E731789B-6983-481E-A3A2-4596E441ABFD}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe
FirewallRules: [UDP Query User{3FDFDD01-A3EE-4A30-BF12-9DBDF7A51B79}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe
FirewallRules: [{50EE247A-B227-434B-A1AA-5E13DF5CD302}] => (Allow) LPort=5353
FirewallRules: [{CC4A25A6-3FF2-4B04-A282-48DCE12BAFC0}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{848F7153-3046-4E00-9987-915A0661807B}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{54B58AEC-AF79-4543-B60D-33EB912EC936}] => (Allow) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe
FirewallRules: [{724F156F-334C-4D89-A764-94AFD310C27B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe
FirewallRules: [{347DD111-074C-46C0-A69C-81B482A3CEC9}] => (Allow) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
FirewallRules: [{0AACDCE2-26B6-44C8-993C-12F6DE23F33C}] => (Allow) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
FirewallRules: [TCP Query User{C6F165DE-8BD8-4228-8839-A298FBD536A5}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe
FirewallRules: [UDP Query User{7731ABDF-F58D-42F6-8A7B-570089909C32}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe
FirewallRules: [TCP Query User{7B419DAF-7140-4E05-AD5F-4288550247A7}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{F020A29B-B3B2-49CD-895B-B0D2B57CC60F}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{92DE9E08-BDAD-48C5-984E-E81205D4DE50}C:\program files (x86)\streamtransport\streamtransport.exe] => (Allow) C:\program files (x86)\streamtransport\streamtransport.exe
FirewallRules: [UDP Query User{0735D965-0E78-4D54-8457-A0630AD45DED}C:\program files (x86)\streamtransport\streamtransport.exe] => (Allow) C:\program files (x86)\streamtransport\streamtransport.exe
FirewallRules: [TCP Query User{580B14E8-7A6D-4C9A-B5FF-CC7E53BA2F51}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{B2573A79-8C26-4717-9F0F-8546B13C7CF1}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{D8642F7E-174C-44EF-A8C2-DA37C29F8053}] => (Allow) C:\Users\Rainer\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1E8C75CC-4B38-4841-B0CB-699D0218581A}] => (Allow) C:\Users\Rainer\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{17255BF1-5AA9-4E7D-B991-4E8D21B455AE}] => (Allow) C:\Users\Rainer\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{2834A862-20CC-4DDA-9A61-DC1082934F9A}] => (Allow) C:\Users\Rainer\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{A6C7F06C-8DF1-4FFC-AD60-61233FF0C079}C:\users\rainer\appdata\local\jdownloader v2.0\jdownloader2.exe] => (Allow) C:\users\rainer\appdata\local\jdownloader v2.0\jdownloader2.exe
FirewallRules: [UDP Query User{512740BB-62FF-4EB2-A8A6-32CABD556677}C:\users\rainer\appdata\local\jdownloader v2.0\jdownloader2.exe] => (Allow) C:\users\rainer\appdata\local\jdownloader v2.0\jdownloader2.exe
FirewallRules: [{D72FFF9B-3D51-47B0-9CCE-925A848B8845}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0476A53E-1633-4E74-B17F-0CEFCC54EDFF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{3F86D22A-38C1-4223-84A0-9947F213D052}C:\users\rainer\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\rainer\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{F226D1DF-346A-44F8-8353-F1173641A63C}C:\users\rainer\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\rainer\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{EDEA959E-D874-450F-BED6-6E034874045D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{028A4F2D-59DE-498D-9029-B692AC3BFDAA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{6BD23870-2CCE-48AF-A819-0871F5407D53}] => (Allow) C:\Users\Rainer\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{9FEF5807-45B2-4ED5-8F37-DAD330A27765}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{31933861-5D64-4648-BB70-15D5DC37CA5E}] => (Allow) LPort=2869
FirewallRules: [{23D730B2-A165-4C63-A873-16E6198FE35B}] => (Allow) LPort=1900
FirewallRules: [{303216FF-7FC7-4B03-8EFC-E9435E36AA1D}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{BC510587-6F77-40D8-B7B7-37C662A4A826}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{07F3FF3F-5D5E-4EB2-B125-DABBEE264881}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/22/2015 06:31:29 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (10/21/2015 07:30:00 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (10/21/2015 06:42:04 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (10/20/2015 05:35:45 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (10/20/2015 11:32:32 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (10/20/2015 11:28:55 AM) (Source: ESENT) (EventID: 455) (User: )
Description: DllHost (6840) WebCacheLocal: Fehler -1811 beim Öffnen von Protokolldatei C:\Users\Rainer\AppData\Local\Microsoft\Windows\WebCache\V0100F5B.log.

Error: (10/20/2015 11:20:37 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SDScan.exe, Version 2.0.12.173 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: dec

Startzeit: 01d10b1683b9cb69

Endzeit: 24

Anwendungspfad: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

Berichts-ID:

Error: (10/20/2015 08:17:53 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (10/19/2015 07:45:02 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (10/18/2015 07:54:20 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)


Systemfehler:
=============
Error: (10/22/2015 06:31:29 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (10/21/2015 09:45:25 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll

Error: (10/21/2015 09:45:25 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll

Error: (10/21/2015 09:45:11 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll

Error: (10/21/2015 09:09:59 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/21/2015 09:09:58 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SupportSoft Sprocket Service (DellSupportCenter)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/21/2015 09:09:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ServiceLayer" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/21/2015 09:09:56 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/21/2015 09:09:55 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Spybot-S&D 2 Security Center Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/21/2015 09:09:55 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Spybot-S&D 2 Updating Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz
Prozentuale Nutzung des RAM: 54%
Installierter physikalischer RAM: 3956.54 MB
Verfügbarer physikalischer RAM: 1818.96 MB
Summe virtueller Speicher: 9888.75 MB
Verfügbarer virtueller Speicher: 6874.61 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:88.52 GB) (Free:21.61 GB) NTFS
Drive d: () (Fixed) (Total:600.21 GB) (Free:76.2 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: B1D12966)
Partition 1: (Not Active) - (Size=150 MB) - (Type=DE)
Partition 2: (Active) - (Size=9.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=88.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=600.2 GB) - (Type=05)

==================== Ende von Addition.txt ============================
         

Alt 22.10.2015, 05:52   #12
stoandl
 
blau unterstrichenes Wort mit grünem Pfeil rechts oben - Standard

blau unterstrichenes Wort mit grünem Pfeil rechts oben



Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:21-10-2015 01
durchgeführt von Rainer (Administrator) auf RAINER-LT (22-10-2015 06:41:22)
Gestartet von D:\Rainer\Downloads
Geladene Profile: Rainer &  (Verfügbare Profile: Rainer)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
() C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\BCMWLTRY.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(BitTorrent Inc.) C:\Users\Rainer\AppData\Roaming\uTorrent\uTorrent.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
(Dropbox, Inc.) C:\Users\Rainer\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(BitTorrent Inc.) C:\Users\Rainer\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(BitTorrent Inc.) C:\Users\Rainer\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
() C:\Program Files (x86)\Winamp\winampa.exe
(Apple Computer, Inc.) C:\Program Files (x86)\QuickTime\qttask.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [357376 2009-09-16] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8158240 2009-10-09] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3189016 2009-10-01] (Dell Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [4968960 2009-07-17] (Dell Inc.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2184520 2009-07-27] (CANON INC.)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-09-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1779952 2009-07-07] ()
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [DellSupportCenter] => C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe [206064 2009-05-21] (SupportSoft, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\Winampa.exe [12288 2003-04-17] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\qttask.exe [98304 2014-06-27] (Apple Computer, Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [831192 2014-07-03] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-27] (AVAST Software)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-04-14] (Google Inc.)
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.)
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\Run: [uTorrent] => C:\Users\Rainer\AppData\Roaming\uTorrent\uTorrent.exe [1822048 2015-10-13] (BitTorrent Inc.)
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\Run: [Dropbox Update] => C:\Users\Rainer\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {12e2a80b-456d-11df-a296-0026b9246c68} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {12e2a80d-456d-11df-a296-0026b9246c68} - G:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {56ce4137-4898-11e4-8255-0026b9246c68} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {56ce413a-4898-11e4-8255-0026b9246c68} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {74b8ed62-2f80-11df-99aa-0026b9246c68} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {74b8ed67-2f80-11df-99aa-0026b9246c68} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {74b8ee3c-2f80-11df-99aa-904ce5d0ecb8} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {a34f141c-ee5e-11e3-8674-0026b9246c68} - F:\ting.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {ad812746-7543-11e0-b888-b89966ac48a5} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {ad812749-7543-11e0-b888-b89966ac48a5} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {b678db16-fb85-11df-894f-b7f0a70929a3} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {b678db18-fb85-11df-894f-b7f0a70929a3} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\MountPoints2: {fd063144-dbb1-11df-b3f3-806e6f6e6963} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-04-14] (Google Inc.)
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.)
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [uTorrent] => C:\Users\Rainer\AppData\Roaming\uTorrent\uTorrent.exe [1822048 2015-10-13] (BitTorrent Inc.)
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dropbox Update] => C:\Users\Rainer\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {12e2a80b-456d-11df-a296-0026b9246c68} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {12e2a80d-456d-11df-a296-0026b9246c68} - G:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {56ce4137-4898-11e4-8255-0026b9246c68} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {56ce413a-4898-11e4-8255-0026b9246c68} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {74b8ed62-2f80-11df-99aa-0026b9246c68} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {74b8ed67-2f80-11df-99aa-0026b9246c68} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {74b8ee3c-2f80-11df-99aa-904ce5d0ecb8} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {a34f141c-ee5e-11e3-8674-0026b9246c68} - F:\ting.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {ad812746-7543-11e0-b888-b89966ac48a5} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {ad812749-7543-11e0-b888-b89966ac48a5} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b678db16-fb85-11df-894f-b7f0a70929a3} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b678db18-fb85-11df-894f-b7f0a70929a3} - F:\AutoRun.exe
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {fd063144-dbb1-11df-b3f3-806e6f6e6963} - F:\AutoRun.exe
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rainer\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-27] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-10-21]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-02-23]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-02-23]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Rainer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk [2015-10-21]
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Rainer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-10-21]
ShortcutTarget: Dropbox.lnk -> C:\Users\Rainer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{F37501EF-480A-48FB-A8D4-07F950543BC4}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
URLSearchHook: HKLM-x32 - (Kein Name) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - Keine Datei
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {7610C2C4-E281-474E-B54C-8A78D5EB0EAC} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {F209670B-C5F9-4F55-82D5-0743DDF1B790} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {F209670B-C5F9-4F55-82D5-0743DDF1B790} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
BHO: Kein Name -> {7553EA3C-F8DA-4188-B7BC-956894EA54F5} -> Keine Datei
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-27] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13] (Safer-Networking Ltd.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-02] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-27] (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-02] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  Keine Datei
Toolbar: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  Keine Datei
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Yahoo!
FF Homepage: hxxp://www.google.at/
FF NetworkProxy: "http", "115.124.73.122"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll [2009-11-14] (DivX,Inc.)
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll [2009-11-14] (DivX, Inc)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-09-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.7.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2012-09-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPAdbESD.dll [2006-10-03] (Adobe Systems Incorporated)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2008-06-11] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-06-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-06-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-06-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-06-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-06-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2014-06-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2014-06-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2010-01-12] (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\searchplugins\google-images.xml [2014-07-30]
FF SearchPlugin: C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\searchplugins\google-maps.xml [2014-07-30]
FF Extension: Avira Browser Safety - C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\Extensions\abs@avira.com [2015-05-28] [ist nicht signiert]
FF Extension: FoxyProxy Standard - C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\Extensions\foxyproxy@eric.h.jung [2015-05-29]
FF Extension: Proxy-Listen.de - Proxyswitcher - C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\Extensions\admin@proxy-listen.de.xpi [2015-05-29]
FF Extension: anonymoX - C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\Extensions\client@anonymox.net.xpi [2015-09-29]
FF Extension: YouTube Video and Audio Downloader - C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2015-07-18]
FF Extension: 9kw Client (v1.66b2) - C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\Extensions\jid0-08QUFKHYKxeTWwjnxAvsJJVhLsk@jetpack.xpi [2014-09-02] [ist nicht signiert]
FF Extension: ProxMate - C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2015-06-15]
FF Extension: Adblock Plus - C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]
FF Extension: Greasemonkey - C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-09-18]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-27] [ist nicht signiert]
FF HKU\S-1-5-21-2826457522-3369242990-2985312288-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\extensions\cliqz@cliqz.com => nicht gefunden
FF HKU\S-1-5-21-2826457522-3369242990-2985312288-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\w68k4ml1.default\extensions\cliqz@cliqz.com => nicht gefunden

Chrome: 
=======
CHR Profile: C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-11]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-27] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [405208 2014-07-03] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384728 2014-07-03] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [773848 2014-07-03] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-12-18] (Stardock Corporation) [Datei ist nicht signiert]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [853288 2007-09-20] (Nero AG)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-09-20] (Nero AG)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe [3417088 2009-07-17] (Dell Inc.) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-27] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-27] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048856 2015-07-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-07-27] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150160 2015-07-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-27] (AVAST Software)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-07-03] (BlueStack Systems)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-10-22] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-21 09:07 - 2015-10-21 09:07 - 00043708 _____ C:\mbam.txt
2015-10-21 07:28 - 2015-10-22 06:30 - 00074928 _____ C:\Windows\PFRO.log
2015-10-21 07:02 - 2015-10-22 06:32 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-21 07:01 - 2015-10-21 07:27 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-10-21 07:01 - 2015-10-21 07:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-10-21 07:01 - 2015-10-21 07:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-21 07:01 - 2015-10-21 07:01 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-10-21 07:01 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-21 07:01 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-21 07:01 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-10-20 17:00 - 2015-10-22 06:41 - 00000000 ____D C:\FRST
2015-10-20 15:27 - 2015-10-20 15:27 - 00000000 ____D C:\Users\Rainer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-20 11:31 - 2015-10-22 06:30 - 00000336 _____ C:\Windows\setupact.log
2015-10-20 11:31 - 2015-10-20 11:31 - 00000000 _____ C:\Windows\setuperr.log
2015-10-20 11:26 - 2015-10-20 13:49 - 00000000 ____D C:\AdwCleaner
2015-10-15 19:56 - 2015-10-15 19:56 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-15 08:29 - 2015-09-18 21:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-15 08:29 - 2015-09-18 21:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-15 08:29 - 2015-09-18 21:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-15 08:29 - 2015-09-18 21:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-15 08:29 - 2015-09-18 21:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-15 08:29 - 2015-09-18 21:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-15 08:29 - 2015-09-18 21:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-14 08:57 - 2015-09-18 21:31 - 00391784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-14 08:57 - 2015-09-18 20:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-14 08:57 - 2015-09-16 06:48 - 25851904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-14 08:57 - 2015-09-16 06:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-14 08:57 - 2015-09-16 06:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-14 08:57 - 2015-09-16 06:22 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-14 08:57 - 2015-09-16 06:21 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-14 08:57 - 2015-09-16 06:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-14 08:57 - 2015-09-16 06:21 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-14 08:57 - 2015-09-16 06:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-14 08:57 - 2015-09-16 06:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-14 08:57 - 2015-09-16 06:14 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-14 08:57 - 2015-09-16 06:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-14 08:57 - 2015-09-16 06:10 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-14 08:57 - 2015-09-16 06:09 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-14 08:57 - 2015-09-16 06:08 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-14 08:57 - 2015-09-16 06:08 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-14 08:57 - 2015-09-16 06:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-14 08:57 - 2015-09-16 06:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-14 08:57 - 2015-09-16 06:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-14 08:57 - 2015-09-16 05:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-14 08:57 - 2015-09-16 05:58 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-14 08:57 - 2015-09-16 05:50 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-14 08:57 - 2015-09-16 05:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-14 08:57 - 2015-09-16 05:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-14 08:57 - 2015-09-16 05:45 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-14 08:57 - 2015-09-16 05:43 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-14 08:57 - 2015-09-16 05:41 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-14 08:57 - 2015-09-16 05:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-14 08:57 - 2015-09-16 05:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-14 08:57 - 2015-09-16 05:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-14 08:57 - 2015-09-16 05:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-14 08:57 - 2015-09-16 05:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-14 08:57 - 2015-09-16 05:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-14 08:57 - 2015-09-16 05:29 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-14 08:57 - 2015-09-16 05:29 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-14 08:57 - 2015-09-16 05:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-14 08:57 - 2015-09-16 05:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-14 08:57 - 2015-09-16 05:26 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-14 08:57 - 2015-09-16 05:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-14 08:57 - 2015-09-16 05:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-14 08:57 - 2015-09-16 05:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-14 08:57 - 2015-09-16 05:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-14 08:57 - 2015-09-16 05:22 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-14 08:57 - 2015-09-16 05:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-14 08:57 - 2015-09-16 05:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-14 08:57 - 2015-09-16 05:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-14 08:57 - 2015-09-16 05:11 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-14 08:57 - 2015-09-16 05:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-14 08:57 - 2015-09-16 05:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-14 08:57 - 2015-09-16 05:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-14 08:57 - 2015-09-16 05:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-14 08:57 - 2015-09-16 05:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-14 08:57 - 2015-09-16 05:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-10-14 08:57 - 2015-09-16 04:59 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-14 08:57 - 2015-09-16 04:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-14 08:57 - 2015-09-16 04:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-14 08:57 - 2015-09-16 04:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-14 08:57 - 2015-09-16 04:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-14 08:57 - 2015-09-16 04:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-14 08:57 - 2015-09-16 04:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-14 08:57 - 2015-09-16 04:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-14 08:57 - 2015-09-16 04:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-14 08:57 - 2015-09-16 04:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-14 08:20 - 2015-08-06 20:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-14 08:20 - 2015-08-06 20:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-14 08:20 - 2015-08-06 19:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-14 08:20 - 2015-08-06 19:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-14 08:09 - 2015-09-25 20:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-14 08:09 - 2015-09-25 20:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-14 08:09 - 2015-09-25 20:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-14 08:09 - 2015-09-25 20:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-14 08:09 - 2015-09-25 20:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-14 08:09 - 2015-09-25 20:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-14 08:09 - 2015-09-25 20:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-14 08:09 - 2015-09-25 20:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-14 08:09 - 2015-09-25 20:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-14 08:09 - 2015-09-25 20:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-14 08:09 - 2015-09-25 20:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-14 08:09 - 2015-09-25 19:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-14 08:09 - 2015-09-25 19:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-14 08:09 - 2015-09-25 19:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-14 08:09 - 2015-09-25 19:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-14 08:09 - 2015-09-25 19:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-14 08:08 - 2015-09-29 05:16 - 05569472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-14 08:08 - 2015-09-29 05:13 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-14 08:08 - 2015-09-29 05:11 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-14 08:08 - 2015-09-29 05:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-10-14 08:08 - 2015-09-29 05:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-10-14 08:08 - 2015-09-29 05:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-10-14 08:08 - 2015-09-29 05:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-14 08:08 - 2015-09-29 05:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-14 08:08 - 2015-09-29 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-14 08:08 - 2015-09-29 05:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-10-14 08:08 - 2015-09-29 05:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-14 08:08 - 2015-09-29 05:10 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-14 08:08 - 2015-09-29 05:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-14 08:08 - 2015-09-29 05:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-14 08:08 - 2015-09-29 05:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-14 08:08 - 2015-09-29 05:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-14 08:08 - 2015-09-29 05:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-14 08:08 - 2015-09-29 05:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-14 08:08 - 2015-09-29 05:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-14 08:08 - 2015-09-29 05:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-14 08:08 - 2015-09-29 05:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-10-14 08:08 - 2015-09-29 05:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-10-14 08:08 - 2015-09-29 05:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-14 08:08 - 2015-09-29 05:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-14 08:08 - 2015-09-29 05:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-14 08:08 - 2015-09-29 05:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-14 08:08 - 2015-09-29 05:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-14 08:08 - 2015-09-29 05:02 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-14 08:08 - 2015-09-29 04:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-14 08:08 - 2015-09-29 04:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-14 08:08 - 2015-09-29 04:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-14 08:08 - 2015-09-29 04:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-14 08:08 - 2015-09-29 04:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-10-14 08:08 - 2015-09-29 04:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-14 08:08 - 2015-09-29 04:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-14 08:08 - 2015-09-29 04:58 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-10-14 08:08 - 2015-09-29 04:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-14 08:08 - 2015-09-29 04:57 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-10-14 08:08 - 2015-09-29 04:57 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-14 08:08 - 2015-09-29 04:57 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-14 08:08 - 2015-09-29 04:57 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-10-14 08:08 - 2015-09-29 04:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-14 08:08 - 2015-09-29 04:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 03:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-14 08:08 - 2015-09-29 03:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-14 08:08 - 2015-09-29 03:49 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-14 08:08 - 2015-09-29 03:43 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-10-14 08:08 - 2015-09-29 03:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-10-14 08:08 - 2015-09-29 03:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 03:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 03:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 08:08 - 2015-09-29 03:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-14 08:08 - 2015-09-15 20:17 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-14 08:08 - 2015-09-15 20:17 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-14 08:08 - 2015-09-15 20:11 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-14 08:08 - 2015-09-15 20:11 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-14 08:08 - 2015-09-15 20:11 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-14 08:08 - 2015-09-15 20:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-14 08:08 - 2015-09-15 20:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-14 08:08 - 2015-09-15 20:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-14 08:08 - 2015-09-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-14 08:08 - 2015-09-15 19:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-14 08:08 - 2015-09-15 19:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-14 08:08 - 2015-09-15 19:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-14 08:08 - 2015-09-15 19:35 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-14 08:07 - 2015-10-01 20:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-14 08:07 - 2015-10-01 20:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-14 08:07 - 2015-10-01 20:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-14 08:07 - 2015-10-01 20:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-14 08:07 - 2015-10-01 20:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-14 08:07 - 2015-10-01 20:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-14 08:07 - 2015-10-01 20:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-14 08:07 - 2015-10-01 19:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-14 08:07 - 2015-10-01 19:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-14 08:04 - 2015-07-18 15:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-14 08:04 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-13 13:08 - 2015-10-22 06:30 - 00000000 ____D C:\Users\Rainer\AppData\LocalLow\uTorrent
2015-10-03 01:29 - 2015-10-17 12:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-22 06:42 - 2012-08-15 21:53 - 00000000 ____D C:\Users\Rainer\AppData\Roaming\uTorrent
2015-10-22 06:39 - 2009-07-14 06:45 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-22 06:39 - 2009-07-14 06:45 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-22 06:37 - 2013-06-08 12:24 - 01147791 _____ C:\Windows\WindowsUpdate.log
2015-10-22 06:32 - 2014-08-07 03:46 - 00000000 ___RD C:\Users\Rainer\Dropbox
2015-10-22 06:31 - 2014-08-07 03:42 - 00000000 ____D C:\Users\Rainer\AppData\Roaming\Dropbox
2015-10-22 06:30 - 2010-08-02 13:02 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-10-22 06:30 - 2010-04-14 17:30 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-22 06:30 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-21 21:19 - 2012-06-12 16:01 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-21 21:10 - 2010-04-14 17:30 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-21 20:53 - 2015-06-17 07:41 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2826457522-3369242990-2985312288-1000UA.job
2015-10-21 07:28 - 2015-05-31 20:51 - 00000000 ____D C:\Windows\de
2015-10-21 07:27 - 2015-06-29 11:05 - 00001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-10-21 07:27 - 2015-05-31 20:50 - 00001376 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-10-21 07:27 - 2015-05-31 20:50 - 00001307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-10-21 07:27 - 2015-05-31 20:49 - 00002488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2015-10-21 07:27 - 2015-05-31 20:49 - 00001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2015-10-21 07:27 - 2014-12-18 12:04 - 00001108 _____ C:\Users\Public\Desktop\Instrumente für Finale 2009.lnk
2015-10-21 07:27 - 2014-12-18 12:00 - 00001016 _____ C:\Users\Public\Desktop\Finale 2009.lnk
2015-10-21 07:27 - 2014-08-01 18:55 - 00001814 _____ C:\Users\Public\Desktop\Apps.lnk
2015-10-21 07:27 - 2014-08-01 18:55 - 00001803 _____ C:\Users\Public\Desktop\Start BlueStacks.lnk
2015-10-21 07:27 - 2014-06-27 16:22 - 00001049 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2015-10-21 07:27 - 2014-02-18 21:28 - 00000871 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-10-21 07:27 - 2014-01-16 14:45 - 00002034 _____ C:\Users\Public\Desktop\Nokia PC Suite.lnk
2015-10-21 07:27 - 2013-12-06 18:19 - 00001100 _____ C:\Users\Public\Desktop\Google Books Downloader.lnk
2015-10-21 07:27 - 2013-10-12 12:19 - 00000886 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2015-10-21 07:27 - 2013-10-12 10:33 - 00002192 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 2.0.lnk
2015-10-21 07:27 - 2013-10-12 10:33 - 00002174 _____ C:\Users\Public\Desktop\Adobe Digital Editions 2.0.lnk
2015-10-21 07:27 - 2012-12-18 21:16 - 00002191 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-10-21 07:27 - 2012-12-18 21:16 - 00002173 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-10-21 07:27 - 2012-11-05 16:57 - 00001025 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-10-21 07:27 - 2012-08-14 21:08 - 00002007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
2015-10-21 07:27 - 2012-08-14 21:08 - 00001951 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
2015-10-21 07:27 - 2012-08-14 21:08 - 00001930 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
2015-10-21 07:27 - 2012-08-06 13:44 - 00000862 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-10-21 07:27 - 2011-05-17 21:30 - 00001156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-21 07:27 - 2010-10-21 12:13 - 00001180 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 5.lnk
2015-10-21 07:27 - 2010-05-31 21:11 - 00002095 _____ C:\Users\Public\Desktop\Canon MP Navigator EX 3.0.lnk
2015-10-21 07:27 - 2010-03-19 09:59 - 00001734 _____ C:\Users\Public\Desktop\Browserwahl.lnk
2015-10-21 07:27 - 2010-03-06 15:42 - 00001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hilfedokumentation von Dell.lnk
2015-10-21 07:27 - 2010-02-23 20:28 - 00002084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerDVD DX.lnk
2015-10-21 07:27 - 2010-02-23 20:23 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
2015-10-21 07:27 - 2010-02-23 13:09 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-10-21 07:27 - 2010-02-23 13:09 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-10-21 07:27 - 2009-07-14 06:57 - 00001523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-10-21 07:27 - 2009-07-14 06:57 - 00001352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2015-10-21 07:27 - 2009-07-14 06:57 - 00001304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2015-10-21 07:27 - 2009-07-14 06:57 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2015-10-21 07:27 - 2009-07-14 06:54 - 00001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2015-10-21 07:25 - 2015-05-31 20:45 - 00002147 _____ C:\Users\Rainer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2015-10-21 07:25 - 2015-01-01 21:42 - 00000796 _____ C:\Users\Rainer\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-10-21 07:25 - 2014-07-08 13:41 - 00000969 _____ C:\Users\Rainer\Desktop\aMule.lnk
2015-10-21 07:25 - 2013-06-04 20:26 - 00001795 _____ C:\Users\Rainer\Desktop\WINAMP.LNK
2015-10-21 07:25 - 2013-02-11 20:43 - 00001090 _____ C:\Users\Rainer\Desktop\AviSplit Classic.lnk
2015-10-21 07:25 - 2013-01-23 10:13 - 00001129 _____ C:\ProgramData\Microsoft\Windows\Start Menu\SDP Downloader.lnk
2015-10-21 07:25 - 2012-11-07 21:07 - 00001015 _____ C:\Users\Rainer\Desktop\HammerHead 1.0.lnk
2015-10-21 07:25 - 2012-08-06 17:36 - 00001242 _____ C:\Users\Rainer\Desktop\Traktor DJ Player.lnk
2015-10-21 07:25 - 2010-10-19 21:16 - 00001997 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Mein 3DataManager.lnk
2015-10-21 07:25 - 2010-03-06 15:46 - 00001427 _____ C:\Users\Rainer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-10-21 07:25 - 2009-07-14 07:01 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2015-10-21 07:25 - 2009-07-14 06:49 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2015-10-21 06:45 - 2015-06-11 15:50 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-10-21 06:41 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-19 13:30 - 2009-07-14 19:58 - 00703192 _____ C:\Windows\system32\perfh007.dat
2015-10-19 13:30 - 2009-07-14 19:58 - 00150800 _____ C:\Windows\system32\perfc007.dat
2015-10-19 13:30 - 2009-07-14 07:13 - 01629348 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-17 14:19 - 2012-06-12 16:01 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-17 14:19 - 2012-06-12 16:01 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-17 14:19 - 2012-06-12 16:01 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-17 12:35 - 2012-05-04 10:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-16 21:52 - 2015-06-17 07:41 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2826457522-3369242990-2985312288-1000Core.job
2015-10-16 03:01 - 2014-12-12 04:30 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-16 03:01 - 2014-05-06 20:19 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-15 12:17 - 2014-08-01 17:43 - 00000000 ____D C:\Program Files (x86)\Skype
2015-10-15 10:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-10-14 22:33 - 2013-07-16 21:51 - 00000000 ____D C:\Windows\system32\MRT
2015-10-14 22:24 - 2010-05-11 21:40 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-14 22:24 - 2010-02-23 20:31 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-12 22:04 - 2012-11-05 16:58 - 00000000 ____D C:\Users\Rainer\AppData\Roaming\Audacity
2015-10-12 13:56 - 2014-02-18 21:29 - 00000000 ____D C:\Users\Rainer\AppData\Roaming\vlc
2015-10-10 14:24 - 2014-08-06 14:05 - 00000000 ____D C:\Users\Rainer\AppData\Roaming\dvdcss
2015-10-09 07:07 - 2015-04-04 21:06 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-08 22:37 - 2015-04-04 21:06 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-01 17:22 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-09-24 15:43 - 2013-09-24 15:43 - 0077976 _____ (AppWork GmbH) C:\Program Files (x86)\WebInstallerJD2.exe
2013-09-24 18:09 - 2013-09-24 18:10 - 6571624 _____ (Bolide Software                                             ) C:\Program Files (x86)\wsr_setup.exe
2013-11-22 20:06 - 2013-11-22 20:31 - 0000709 _____ () C:\Users\Rainer\AppData\Roaming\AdobeDLM.log
2013-09-25 22:02 - 2013-09-25 22:02 - 0000046 _____ () C:\Users\Rainer\AppData\Roaming\Camdata.ini
2013-09-25 22:02 - 2013-09-25 22:02 - 0000408 _____ () C:\Users\Rainer\AppData\Roaming\CamLayout.ini
2013-09-25 22:02 - 2013-09-25 22:02 - 0000408 _____ () C:\Users\Rainer\AppData\Roaming\CamShapes.ini
2013-09-25 22:02 - 2013-09-25 22:02 - 0004510 _____ () C:\Users\Rainer\AppData\Roaming\CamStudio.cfg
2013-11-22 20:06 - 2013-11-22 20:17 - 0000466 _____ () C:\Users\Rainer\AppData\Roaming\dm.ini
2010-06-19 23:29 - 2011-03-07 11:56 - 1663512 _____ () C:\Users\Rainer\AppData\Roaming\mdbu.bin
2014-02-10 12:35 - 2014-02-10 12:34 - 0036375 ____N () C:\Users\Rainer\AppData\Roaming\uTorrent.torrent
2010-10-05 20:13 - 2015-08-11 17:23 - 0023040 _____ () C:\Users\Rainer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-08 12:24 - 2015-03-08 13:30 - 0001477 _____ () C:\Users\Rainer\AppData\Local\RecConfig.xml
2015-03-08 13:29 - 2015-03-08 13:29 - 0000040 _____ () C:\Users\Rainer\AppData\Local\tmp.no23
2010-03-15 21:07 - 2010-03-15 21:15 - 0000621 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
C:\Users\Rainer\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplm3jzg.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-21 08:10

==================== Ende von FRST.txt ============================
         

Alt 22.10.2015, 13:31   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
blau unterstrichenes Wort mit grünem Pfeil rechts oben - Standard

blau unterstrichenes Wort mit grünem Pfeil rechts oben



Spybot und Avast deinstallieren. Spybot ist wirkungslos und wird hier auch nicht verwendet. Von Avast raten wir ab wegen massiven Datenschutzproblemen und Kundenverarsche. Wenn wir fertig sind kannst du dich um ein anderes AVP kümmern.

Außerdem, und das seh ich jetzt erst, muss jede illegale Software runter!
Du hast da mindestens von Adobe gecrackte Software drauf:

Zitat:
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
Lesestoff:
Illegale Software: Cracks, Keygens und Co

Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 22.10.2015, 15:15   #14
stoandl
 
blau unterstrichenes Wort mit grünem Pfeil rechts oben - Standard

blau unterstrichenes Wort mit grünem Pfeil rechts oben



Wie finde ich diese illegale Software?

Alt 22.10.2015, 15:55   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
blau unterstrichenes Wort mit grünem Pfeil rechts oben - Standard

blau unterstrichenes Wort mit grünem Pfeil rechts oben



Bezieht sich auf Adobe Creative Suite. Alles davon deinstallieren.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Antwort

Themen zu blau unterstrichenes Wort mit grünem Pfeil rechts oben
adwcleaner, blau, blau unterstrichen, einloggen, ellung, extrem, firefox, grüne, hilfe, laptop, mozilla, mozilla firefox, nichts, rechts, system, unterstrichen, webseite, webseiten, werbe, windows, windows 7, wörter



Ähnliche Themen: blau unterstrichenes Wort mit grünem Pfeil rechts oben


  1. Blau unterstrichene Wörter mit grünem Pfeil, die Werbung auslösen
    Plagegeister aller Art und deren Bekämpfung - 20.08.2015 (8)
  2. Macbook Air OSX Version 10.9.5: Unterstrichene blaue Wörter mit grünem Pfeil - Fenster mit Werbung öffnen sich andauernd.
    Alles rund um Mac OSX & Linux - 02.06.2015 (1)
  3. Tablet > Ständig das Wort DEMO auf dem Display
    Alles rund um Mac OSX & Linux - 03.03.2015 (8)
  4. Erneute Werbefenster hintr jedem 3. Wort
    Plagegeister aller Art und deren Bekämpfung - 22.02.2015 (5)
  5. Traffic und gesamten Computer auf ein Wort untersuchen?
    Diskussionsforum - 01.10.2014 (9)
  6. Virusbefall als Links mit blau hinterlegten Worten mit kleinem grünen Pfeil in Browser-Texten
    Log-Analyse und Auswertung - 07.01.2014 (18)
  7. ESET findet "multiple threats" trotz grünem Licht von MalwareBytes, AdwCleaner und JRT
    Plagegeister aller Art und deren Bekämpfung - 23.07.2013 (11)
  8. GVU Trojaner (oben rechts mit Handschellen)
    Plagegeister aller Art und deren Bekämpfung - 17.06.2013 (15)
  9. Neuer GVU Trojaner mit Handschellen+ IP; rechts oben Deutschlandflagge; 100 € zur entsperrung
    Log-Analyse und Auswertung - 09.05.2013 (7)
  10. GVU-Trojaner mit Webcam oben rechts
    Log-Analyse und Auswertung - 08.09.2012 (1)
  11. TR/Crypt.XPACK.Gen3 und ich verstehe kein Wort -.-*
    Log-Analyse und Auswertung - 25.06.2011 (10)
  12. Urls mit Wort d ownload können nicht geöffnet werden
    Plagegeister aller Art und deren Bekämpfung - 17.02.2010 (8)
  13. Keine Antivirussoftwäre läuft mehr (PC ist auf das Wort Antivirus allergisch)
    Plagegeister aller Art und deren Bekämpfung - 13.01.2010 (37)
  14. WLAN-Unterbrechungen trotz grünem Symbol auf OK
    Log-Analyse und Auswertung - 25.12.2009 (2)

Zum Thema blau unterstrichenes Wort mit grünem Pfeil rechts oben - Hallo! Danke, dass ich mich wieder an euch wenden darf! Problemstellung: mein Laptop (Windows 7), Mozilla Firefox, läuft extrem langsam. Wenn ich Webseiten besuche, sind viele Wörter blau und blau - blau unterstrichenes Wort mit grünem Pfeil rechts oben...
Archiv
Du betrachtest: blau unterstrichenes Wort mit grünem Pfeil rechts oben auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.