Windows 8.1 Pro Downloads laufen mit normaler Downloadgeschwindigkeit bis ca. 99%, werden dann aber nicht beendet

FireHawk0815 · 14.02.2015, 02:07

Guten Abend Forum,

ich hoffe, dass ich mich hier nicht in dem absolut falschen Forumbereich befinde.

Vorab, es funktionierte bis vor 6 Tagen noch alles einwandfrei und habe mich die letzten Tage selbst daran versucht, aber ohne Erfolg, da sich meine Kenntnisse auch nur auf das nötigste beschränken.

Mein Problem ist, dass wie oben angegeben, jegliche Downloads bis zu ca. 99% durchladen und dann einfach stoppen und nicht weiterlaufen, auch Warten über mehrere Minuten hat nicht geholfen. Wenn Sie dann "abgeschlossen" sind, fehlt immer ein kleiner Teil am Schluss des Downloads, weshalb die Datei als ungültig bezeichnet wird, wenn ich versuche, sie zu öffnen.

Ich habe bereits G DATA einen kompletten Systemscan durchführen lassen, es hat aber nichts gefunden.

Außerdem ist mein Internet zur Zeit deutlich verlangsamt im Bereich von Videos oder etwas größeren Seiten, die Downloadgeschwindigkeit, bis er bei 99% abbricht, ist allerdings nahezu identisch im Vergleich zu den Zeit vor dem Problem.

Wie gesagt, G DATA ist installiert, hat aber nichts gefunden, ich kann aber nicht ausschließen, dass es doch etwas schädliches ist, also wende ich mich an Euch!

Vielen Dank im Voraus.

schrauber · 14.02.2015, 10:22

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

FireHawk0815 · 14.02.2015, 21:49

Wenn ich die FRST64.exe starten will, sagt Windows, dass diese App nicht auf meinem PC ausgeführt werden kann. Genau dieselbe Meldung bei FRST.exe (der 32-bit Version). Ich habe einen MSI GP60 2PE Leopard mit Windows 8.1 64-bit

ok, ich hab jetzt über einen anderen PC heruntergeladen und mit der Datei gehts jetzt, hier die Dateien:

FRST.txt

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-02-2015
Ran by Michael (administrator) on MICHAEL on 14-02-2015 21:45:43
Running from C:\Users\Michael\Desktop
Loaded Profiles: Michael (Available profiles: Michael)
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Windows\System32\PnkBstrA.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
() C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(Curse) C:\Users\Michael\AppData\Local\Apps\2.0\YC1VA9NY.5OL\2ZY9LQ5P.OJG\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.3733\Agent.exe
(Blizzard Entertainment) D:\Programme\Battle.net\Battle.net.5522\Battle.net.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Blizzard Entertainment) D:\Programme\Diablo III\Diablo III.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13657304 2013-10-18] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2893104 2013-08-23] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1724728 2013-12-19] (G Data Software AG)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare)
HKLM-x32\...\Run: [G Data ASM] => C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe [431224 2013-12-19] (G Data Software AG)
HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
HKU\S-1-5-21-1747353380-2781431917-137839127-1001\...\MountPoints2: {602bbc24-54f9-11e4-826b-a0886990d304} - "F:\LaunchU3.exe" -a
HKU\S-1-5-21-1747353380-2781431917-137839127-1001\...\MountPoints2: {c86e991b-38d2-11e4-8251-806e6f6e6963} - "E:\autorun.exe" 
HKU\S-1-5-21-1747353380-2781431917-137839127-1001\...\MountPoints2: {cf398df9-46e5-11e4-8266-a0886990d304} - "G:\LG_PC_Programs.exe" 
AppInit_DLLs-x32: \ => \ [0 ] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{4692B750-DE88-4DCF-9163-745AF5604B24}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe ()
Startup: C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1418833419&from=wpm12173&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1411735105&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1418833419&from=wpm12173&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1411735105&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1747353380-2781431917-137839127-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1747353380-2781431917-137839127-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.delta-homes.com/web/?type=ds&ts=1418833419&from=wpm12173&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.delta-homes.com/web/?type=ds&ts=1418833419&from=wpm12173&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1747353380-2781431917-137839127-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.delta-homes.com/web/?type=ds&ts=1418833419&from=wpm12173&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1747353380-2781431917-137839127-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.delta-homes.com/web/?type=ds&ts=1418833419&from=wpm12173&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1747353380-2781431917-137839127-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: NextCoup -> {276113fe-5f7f-4a0a-bbd5-266a1a74d3ac} -> C:\Program Files (x86)\NextCoup\tY44ZQSlTYQaOM.x64.dll No File
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: YoutuBBeeAdoBlockE -> {dc6359bf-1a64-4c52-8e92-05b40cf9467a} -> C:\Program Files (x86)\YoutuBBeeAdoBlockE\TvQHrz4vrM8Vob.x64.dll No File
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Winsock: Catalog5 08 C:\Windows\SysWOW64\wlidNSP.dll [49664] (Microsoft Corporation)
Winsock: Catalog5 09 C:\Windows\SysWOW64\wlidNSP.dll [49664] (Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\Windows\system32\wlidnsp.dll [73216] (Microsoft Corporation)
Winsock: Catalog5-x64 09 C:\Windows\system32\wlidnsp.dll [73216] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1747353380-2781431917-137839127-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "https://www.google.de/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-07]
CHR Extension: (Angry Birds) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-11-07]
CHR Extension: (Google Docs) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-07]
CHR Extension: (Google Drive) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-07]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-07]
CHR Extension: (YouTube) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-07]
CHR Extension: (podcast.de) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\bofligbealbmofkgodhlglkefkpegjnb [2014-11-07]
CHR Extension: (Google-Suche) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-07]
CHR Extension: (Google Tabellen) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-07]
CHR Extension: (Klassische Spiele) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbofnbeakdognkanffmpldbjgkblljkh [2014-11-07]
CHR Extension: (AdBlock) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-11-07]
CHR Extension: (Verrückte Shooting) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbhccdddhenjmeamogpjhicnoffdood [2014-11-07]
CHR Extension: (Need for Speed World) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnnelgnkomjdakpkjpkfehdipjifjmbk [2014-11-07]
CHR Extension: (Radiosender aus Deutschland - Radio Germany) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nficibebaabgkkeeidfflejiabplfdjd [2014-11-07]
CHR Extension: (Google Wallet) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-07]
CHR Extension: (Security Protection) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh [2014-12-17]
CHR Extension: (Radio Stations) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifknnkenefocicoebedkklgknfjlflf [2014-11-07]
CHR Extension: (Battlefield Play4Free) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh [2014-12-07]
CHR Extension: (Quick start) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-11-07]
CHR Extension: (Google Mail) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-07]
CHR HKLM\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [2014-12-17]
CHR HKLM-x32\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [2014-12-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2244728 2014-02-12] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2723400 2014-03-25] (G Data Software AG)
R3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [321024 2013-08-22] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
S3 DAUpdaterSvc; D:\Programme\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2014-10-02] (BioWare)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3645432 2014-07-18] (devolo AG)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174112 2014-11-05] (EasyAntiCheat Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [99632 2013-08-23] (ELAN Microelectronics Corp.)
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2992760 2014-01-30] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700024 2014-02-03] (G Data Software AG)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [130008 2014-01-22] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [324424 2014-08-13] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [120128 2015-01-19] (Elex do Brasil Participações Ltda)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-29] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
S3 Origin Client Service; D:\Programme\Origin\OriginClientService.exe [1903472 2014-12-25] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-11-19] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-11-14] ()
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-04-17] (Qualcomm Atheros) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [425648 2015-01-28] (Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-29] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\system32\DRIVERS\lgandnetndis64.sys [93184 2012-07-04] (LG Electronics Inc.)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [82608 2014-04-10] (Qualcomm Atheros, Inc.)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [32640 2013-08-22] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1411384 2013-11-07] (Motorola Solutions, Inc.)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [57344 2014-10-21] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [135168 2014-10-21] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [71168 2014-10-21] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [67584 2014-10-21] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2014-10-21] (G Data Software)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45112 2014-12-13] (LogMeIn Inc.)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65024 2014-10-21] (G Data Software AG)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [149448 2014-01-22] (Intel Corporation)
R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [249000 2015-01-19] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [45224 2015-01-19] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [99496 2015-01-19] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [42152 2015-01-19] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [93352 2015-01-19] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2015-01-03] (Elex do Brasil Participações Ltda)
R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [130224 2014-03-27] (Qualcomm Atheros, Inc.)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3446240 2014-06-18] (Intel Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-03-04] (CACE Technologies)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-09-27] (Realsil Semiconductor Corporation)
S3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [16896 2015-01-02] (SteelSeries ApS) [File not signed]
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-14 21:45 - 2015-02-14 21:45 - 00029568 _____ () C:\Users\Michael\Desktop\FRST.txt
2015-02-14 21:45 - 2015-02-14 21:45 - 00000000 ____D () C:\FRST
2015-02-14 21:43 - 2015-02-14 21:43 - 02134528 _____ (Farbar) C:\Users\Michael\Desktop\FRST64.exe
2015-02-14 20:37 - 2015-02-14 20:37 - 01114272 _____ () C:\Users\Michael\Downloads\FRST.exe
2015-02-14 20:36 - 2015-02-14 20:36 - 02128720 _____ () C:\Users\Michael\Downloads\FRST64.exe
2015-02-14 01:12 - 2015-02-14 01:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2015-02-14 01:12 - 2015-02-14 01:12 - 00000000 ____D () C:\Program Files\Common Files\Intel
2015-02-14 01:12 - 2015-02-14 01:12 - 00000000 ____D () C:\Program Files (x86)\Cisco
2015-02-14 01:11 - 2015-02-14 01:11 - 00000000 ____D () C:\Windows\LastGood.Tmp
2015-02-14 01:10 - 2015-02-14 01:10 - 00000000 ____D () C:\Users\Michael\Downloads\wlan_intel_7260_17.0.5.8_al00
2015-02-14 01:07 - 2015-02-14 01:08 - 251554828 _____ () C:\Users\Michael\Downloads\wlan_intel_7260_17.0.5.8_al00.zip
2015-02-13 16:40 - 2015-02-13 16:40 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-02-13 16:17 - 2015-02-13 16:17 - 00002126 _____ () C:\Users\Public\Desktop\devolo Cockpit.lnk
2015-02-13 16:17 - 2015-02-13 16:17 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\de.devolo.dLAN.Cockpit
2015-02-13 16:17 - 2015-02-13 16:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\devolo
2015-02-13 16:17 - 2015-02-13 16:17 - 00000000 ____D () C:\Program Files (x86)\devolo
2015-02-13 14:04 - 2015-02-13 14:24 - 114894067 _____ () C:\Users\Michael\Downloads\Sphax Direwolf20 1.7 32x.zip
2015-02-13 14:04 - 2015-02-13 14:04 - 07379098 _____ () C:\Users\Michael\Downloads\Sphax PureBDcraft  32x MC17.zip
2015-02-12 17:58 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 17:58 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-12 10:29 - 2015-02-12 10:29 - 00000000 ____D () C:\Program Files\mozilo2.0-master
2015-02-11 21:08 - 2015-01-15 23:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 21:08 - 2015-01-15 23:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 21:08 - 2015-01-14 05:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-02-11 21:08 - 2015-01-14 04:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-02-11 21:08 - 2015-01-13 23:11 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 21:08 - 2015-01-13 23:04 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 21:08 - 2015-01-10 10:10 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 21:08 - 2015-01-10 10:10 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-02-11 21:08 - 2015-01-10 09:28 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-02-11 21:08 - 2015-01-10 09:22 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 21:08 - 2014-12-19 09:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 21:08 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 21:08 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 21:08 - 2014-12-09 02:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 21:08 - 2014-12-09 00:12 - 00391526 _____ () C:\Windows\system32\ApnDatabase.xml
2015-02-11 21:08 - 2014-10-29 03:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 21:08 - 2014-10-29 03:50 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 21:08 - 2014-10-29 03:06 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 21:08 - 2014-10-29 03:06 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 21:08 - 2014-10-29 03:02 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-02-11 21:08 - 2014-10-29 03:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-02-11 21:08 - 2014-10-29 02:57 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-02-11 21:08 - 2014-10-29 02:31 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 21:08 - 2014-10-29 02:15 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-02-11 21:08 - 2014-10-29 02:15 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-02-11 21:08 - 2014-10-29 02:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-02-11 21:08 - 2014-10-29 02:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-02-11 21:08 - 2014-10-29 02:13 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-02-11 21:06 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 21:06 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 21:06 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 21:06 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 21:06 - 2015-01-12 03:34 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-11 21:06 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 21:06 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 21:06 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 21:06 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 21:06 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 21:06 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 21:06 - 2015-01-12 02:58 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-02-11 21:06 - 2015-01-12 02:55 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-02-11 21:06 - 2015-01-12 02:51 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-02-11 21:06 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 21:06 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 21:06 - 2015-01-12 02:48 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 21:06 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 21:06 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 21:06 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 21:06 - 2015-01-12 02:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-02-11 21:06 - 2015-01-12 02:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-02-11 21:06 - 2015-01-12 02:27 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-02-11 21:06 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 21:06 - 2015-01-12 02:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-02-11 21:06 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 21:06 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 21:06 - 2015-01-12 02:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 21:06 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 21:06 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 21:06 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 21:06 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 21:06 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 21:06 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 21:06 - 2015-01-10 08:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 21:06 - 2015-01-10 07:38 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 21:04 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-02-11 20:59 - 2015-02-04 00:38 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 20:59 - 2015-02-04 00:08 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 20:59 - 2015-02-04 00:08 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 20:59 - 2015-02-03 00:11 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 20:59 - 2015-02-03 00:11 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 20:59 - 2015-02-03 00:11 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-10 22:59 - 2015-02-10 23:01 - 163284850 _____ () C:\Users\Michael\Downloads\Fanver_Direwolf20.zip
2015-02-10 15:02 - 2015-02-10 15:07 - 201213489 _____ () C:\Users\Michael\Downloads\BDcraft Musics Pack.zip
2015-02-10 15:02 - 2015-02-10 15:03 - 08684905 _____ () C:\Users\Michael\Downloads\BDcraft Sounds Pack.zip
2015-02-06 14:34 - 2015-02-06 14:34 - 00003038 _____ () C:\Windows\System32\Tasks\{200EB127-1C28-483E-8FAA-5E43ED42A59F}
2015-02-06 13:32 - 2015-02-06 13:32 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1747353380-2781431917-137839127-1008
2015-02-06 13:26 - 2015-02-14 01:12 - 00000000 ____D () C:\Users\FireHawk LP
2015-02-06 09:54 - 2015-02-06 09:54 - 00001058 _____ () C:\Users\Michael\Desktop\FTB.exe.lnk
2015-02-06 08:37 - 2015-02-13 16:43 - 00000000 ____D () C:\Users\Michael\AppData\Local\ftblauncher
2015-02-06 08:37 - 2015-02-06 08:39 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\ftblauncher
2015-02-05 14:53 - 2015-02-05 14:54 - 00000000 ____D () C:\ISOs
2015-02-05 14:42 - 2015-02-05 14:42 - 00000085 ___SH () C:\ProgramData\.zreglib
2015-02-05 10:39 - 2015-02-05 10:52 - 00000001 _____ () C:\Users\Michael\Zoohandlung.css
2015-02-05 10:31 - 2015-02-05 10:31 - 00001269 _____ () C:\Users\Public\Desktop\Virtual CloneDrive.lnk
2015-02-05 10:24 - 2015-02-05 10:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2015-02-05 10:24 - 2015-02-05 10:30 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
2015-02-05 10:24 - 2015-02-05 10:24 - 00001218 _____ () C:\Users\Public\Desktop\CloneDVD.lnk
2015-02-04 16:30 - 2015-02-04 16:30 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Elex-tech
2015-02-04 16:30 - 2015-02-04 16:30 - 00000000 ____D () C:\Program Files (x86)\Elex-tech
2015-02-04 16:30 - 2015-01-19 12:04 - 00045224 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
2015-02-04 16:30 - 2015-01-03 09:57 - 00052392 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys
2015-02-04 09:13 - 2015-02-13 16:40 - 00000000 ____D () C:\Users\Michael\VirtualBox VMs
2015-02-04 09:12 - 2015-02-13 16:40 - 00000000 ____D () C:\Users\Michael\.VirtualBox
2015-02-04 08:17 - 2014-10-11 13:29 - 00917112 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2015-02-04 08:17 - 2014-10-11 13:27 - 00129168 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2015-02-03 09:01 - 2015-02-03 09:01 - 00000000 ____D () C:\Users\Michael\Downloads\LogicSimTetzl
2015-02-03 09:01 - 2015-02-03 09:01 - 00000000 ____D () C:\Users\Michael\Downloads\logicsim
2015-02-01 00:15 - 2015-01-10 09:07 - 32102544 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-02-01 00:15 - 2015-01-10 09:07 - 25459856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-02-01 00:15 - 2015-01-10 09:07 - 24765584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-02-01 00:15 - 2015-01-10 09:07 - 20465296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-02-01 00:15 - 2015-01-10 09:07 - 18566296 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-02-01 00:15 - 2015-01-10 09:07 - 17250776 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-02-01 00:15 - 2015-01-10 09:07 - 16009120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-02-01 00:15 - 2015-01-10 09:07 - 14115944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-02-01 00:15 - 2015-01-10 09:07 - 13295552 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-02-01 00:15 - 2015-01-10 09:07 - 13210248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-02-01 00:15 - 2015-01-10 09:07 - 10774544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-02-01 00:15 - 2015-01-10 09:07 - 10714488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-02-01 00:15 - 2015-01-10 09:07 - 10274448 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-02-01 00:15 - 2015-01-10 09:07 - 03607184 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-02-01 00:15 - 2015-01-10 09:07 - 03245712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-02-01 00:15 - 2015-01-10 09:07 - 02902456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-02-01 00:15 - 2015-01-10 09:07 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434725.dll
2015-02-01 00:15 - 2015-01-10 09:07 - 01556808 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434725.dll
2015-02-01 00:15 - 2015-01-10 09:07 - 00969360 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-02-01 00:15 - 2015-01-10 09:07 - 00942736 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-02-01 00:15 - 2015-01-10 09:07 - 00929424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-02-01 00:15 - 2015-01-10 09:07 - 00906384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-02-01 00:15 - 2015-01-10 09:07 - 00496456 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-02-01 00:15 - 2015-01-10 09:07 - 00399688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-02-01 00:15 - 2015-01-10 09:07 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-02-01 00:15 - 2015-01-10 09:07 - 00345744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-02-01 00:15 - 2015-01-10 09:07 - 00177624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-02-01 00:15 - 2015-01-10 09:07 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-01-31 19:13 - 2015-01-31 19:13 - 00000000 ____D () C:\Users\Michael\Documents\Klei
2015-01-31 18:13 - 2015-01-31 18:57 - 00000000 ____D () C:\Users\Michael\Documents\GTA San Andreas User Files
2015-01-30 23:23 - 2015-02-02 17:49 - 00000000 ____D () C:\Users\Michael\Documents\Heroes of the Storm
2015-01-30 22:46 - 2015-01-30 22:46 - 00000000 _____ () C:\Users\Michael\AppData\Roaming\Stardockfences_debug_snapshot.dat
2015-01-30 12:33 - 2015-01-30 12:33 - 00000919 _____ () C:\Users\Public\Desktop\Warsow.lnk
2015-01-30 12:33 - 2015-01-30 12:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warsow 1.51
2015-01-30 12:32 - 2015-01-30 12:32 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Warsow 1.51
2015-01-30 08:20 - 2015-02-06 14:34 - 00021840 ____T () C:\Windows\SysWOW64\SIntfNT.dll
2015-01-30 08:20 - 2015-02-06 14:34 - 00017212 ____T () C:\Windows\SysWOW64\SIntf32.dll
2015-01-30 08:20 - 2015-02-06 14:34 - 00012067 ____T () C:\Windows\SysWOW64\SIntf16.dll
2015-01-29 21:01 - 2015-01-30 08:21 - 00000000 ____D () C:\Users\Michael\Documents\SpellForce
2015-01-29 21:01 - 2015-01-29 21:01 - 00000905 _____ () C:\Users\Michael\Desktop\SpellForce - The Order of Dawn.lnk
2015-01-29 21:01 - 2015-01-29 21:01 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD
2015-01-29 21:01 - 2015-01-29 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JoWooD
2015-01-29 20:44 - 2015-01-29 20:44 - 00000230 _____ () C:\Windows\SIERRA.INI
2015-01-29 20:44 - 2015-01-29 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
2015-01-28 15:06 - 2015-01-28 15:06 - 00001190 _____ () C:\Users\Michael\Desktop\Pinball.lnk
2015-01-28 15:06 - 2015-01-28 15:06 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-01-28 15:06 - 2015-01-28 15:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games
2015-01-28 10:23 - 2015-01-28 10:22 - 00001129 _____ () C:\Users\Michael\Documents\rt
2015-01-27 10:34 - 2015-01-27 10:34 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Warsow 1.5
2015-01-26 10:45 - 2014-12-12 14:46 - 00000318 _____ () C:\Users\Michael\Desktop\Curse Client.appref-ms
2015-01-26 10:45 - 2014-11-07 09:49 - 00001192 _____ () C:\Users\Michael\Desktop\YouTube Song Downloader.lnk
2015-01-26 10:45 - 2014-10-09 13:13 - 00001133 _____ () C:\Users\Michael\Desktop\GameRanger.lnk
2015-01-26 10:45 - 2014-10-08 15:20 - 00002323 _____ () C:\Users\Michael\Desktop\SteelSeries Engine.lnk
2015-01-26 10:45 - 2014-10-02 17:26 - 00001870 _____ () C:\Users\Michael\Desktop\Spotify.lnk
2015-01-26 10:42 - 2014-12-27 13:04 - 00000941 _____ () C:\Users\Michael\Desktop\LogMeIn Hamachi.lnk
2015-01-26 10:42 - 2014-11-01 23:22 - 00001220 _____ () C:\Users\Michael\Desktop\Uplay.lnk
2015-01-26 10:42 - 2014-10-01 15:44 - 00001988 _____ () C:\Users\Michael\Desktop\Skype.lnk
2015-01-26 10:42 - 2014-09-30 16:21 - 00001012 _____ () C:\Users\Michael\Desktop\Glyph.lnk
2015-01-26 10:42 - 2014-09-25 16:28 - 00001029 _____ () C:\Users\Michael\Desktop\Origin.lnk
2015-01-26 10:42 - 2014-09-18 10:19 - 00000985 _____ () C:\Users\Michael\Desktop\TS3.lnk
2015-01-26 10:42 - 2014-09-18 10:14 - 00001007 _____ () C:\Users\Michael\Desktop\Steam.lnk
2015-01-26 10:42 - 2014-09-18 10:13 - 00001194 _____ () C:\Users\Michael\Desktop\Battle.net.lnk
2015-01-26 10:40 - 2015-02-09 10:48 - 04620432 _____ () C:\Users\Michael\Desktop\TechnicLauncher.exe
2015-01-26 10:40 - 2015-01-23 20:41 - 00000798 _____ () C:\Users\Michael\Desktop\Diablo II - Lord of Destruction.lnk
2015-01-26 10:40 - 2015-01-23 18:06 - 00000730 _____ () C:\Users\Michael\Desktop\StarCraft - Anthology.lnk
2015-01-26 10:40 - 2015-01-23 18:01 - 00000754 _____ () C:\Users\Michael\Desktop\Diablo II.lnk
2015-01-26 10:40 - 2015-01-21 08:14 - 00000600 _____ () C:\Users\Michael\Desktop\Counter-Strike 2D.lnk
2015-01-26 10:40 - 2015-01-20 09:56 - 00001187 _____ () C:\Users\Michael\Desktop\Warcraft III - The Frozen Throne.lnk
2015-01-26 10:40 - 2015-01-20 09:55 - 00001178 _____ () C:\Users\Michael\Desktop\Warcraft III.lnk
2015-01-26 10:40 - 2015-01-20 09:55 - 00001129 _____ () C:\Users\Michael\Desktop\RimWorld.lnk
2015-01-26 10:40 - 2014-12-03 09:52 - 00001114 _____ () C:\Users\Michael\Desktop\Age of Empires.lnk
2015-01-26 10:40 - 2014-12-03 09:51 - 00000802 _____ () C:\Users\Michael\Desktop\Age of Empires Expansion.lnk
2015-01-26 10:40 - 2014-12-03 09:47 - 00000721 _____ () C:\Users\Michael\Desktop\Age of Empires 2 -The Conquerors.lnk
2015-01-26 10:40 - 2014-12-03 09:46 - 00000818 _____ () C:\Users\Michael\Desktop\Age of Empires II.lnk
2015-01-26 10:40 - 2014-11-24 08:37 - 00001618 _____ () C:\Users\Michael\Desktop\Far Cry 3 - Blood Dragon.lnk
2015-01-26 10:40 - 2014-11-18 17:22 - 00000893 _____ () C:\Users\Michael\Desktop\Battlefield 4.lnk
2015-01-26 10:40 - 2014-10-24 08:25 - 00001686 _____ () C:\Users\Michael\Desktop\The Binding of Isaac.lnk
2015-01-26 10:40 - 2014-10-09 16:36 - 00000810 _____ () C:\Users\Michael\Desktop\Hearthstone.lnk
2015-01-26 10:40 - 2014-09-29 17:44 - 00675988 _____ () C:\Users\Michael\Desktop\Minecraft.exe
2015-01-26 10:40 - 2014-09-29 09:32 - 00001149 _____ () C:\Users\Michael\Desktop\VisualBoyAdvance.lnk
2015-01-26 10:40 - 2014-09-26 14:45 - 00000766 _____ () C:\Users\Michael\Desktop\StarCraft II.lnk
2015-01-26 10:40 - 2014-09-26 14:07 - 00000819 _____ () C:\Users\Michael\Desktop\Diablo III.lnk
2015-01-26 10:40 - 2014-09-19 20:31 - 00000903 _____ () C:\Users\Michael\Desktop\World of Warcraft.lnk
2015-01-26 10:23 - 2015-01-26 10:23 - 00002045 _____ () C:\Users\Michael\Desktop\Fences.lnk
2015-01-26 10:22 - 2015-01-26 10:22 - 00000000 __HDC () C:\ProgramData\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}
2015-01-26 10:22 - 2015-01-26 10:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
2015-01-23 20:41 - 2015-01-23 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II
2015-01-23 18:06 - 2015-01-23 18:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft
2015-01-22 13:54 - 2015-01-22 13:54 - 00002198 _____ () C:\Users\Michael\AppData\Local\recently-used.xbel
2015-01-22 10:28 - 2015-01-22 10:28 - 00000000 ____D () C:\Users\Michael\Desktop\html
2015-01-22 09:56 - 2015-02-12 11:33 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\FileZilla
2015-01-22 09:52 - 2015-01-22 09:52 - 00000000 ____D () C:\Users\Michael\Desktop\FileZilla-3.10.0.1
2015-01-21 16:29 - 2015-02-06 13:36 - 00000000 ____D () C:\Users\Michael\AppData\Local\SteelSeries Engine 3 Client
2015-01-21 16:29 - 2015-01-21 16:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteelSeries
2015-01-21 08:14 - 2015-01-21 08:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 2D
2015-01-16 16:11 - 2015-02-04 16:30 - 00000000 ____D () C:\Windows\system32\log
2015-01-15 19:30 - 2015-01-15 23:01 - 367317752 _____ () C:\Users\Michael\Downloads\vga_nvidia_332.70_0x95357da4_w818764.zip
2015-01-15 18:06 - 2015-01-15 18:06 - 00000000 ____D () C:\Users\Michael\.cache
2015-01-15 14:18 - 2015-01-15 14:54 - 00000000 ____D () C:\cygwin64

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-14 21:45 - 2014-09-17 18:44 - 00000000 ____D () C:\Users\Michael\AppData\Local\Battle.net
2015-02-14 21:41 - 2014-10-09 13:37 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-14 21:36 - 2014-11-07 21:18 - 00001134 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cffac8ed28d1b.job
2015-02-14 21:31 - 2014-09-17 18:26 - 00001140 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-14 21:27 - 2013-08-22 15:46 - 00094056 _____ () C:\Windows\setupact.log
2015-02-14 21:16 - 2015-01-09 09:21 - 00005138 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for MICHAEL-Michael Michael
2015-02-14 21:01 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2015-02-14 20:49 - 2014-09-10 11:12 - 01507488 _____ () C:\Windows\WindowsUpdate.log
2015-02-14 20:30 - 2014-09-17 18:26 - 00000000 ____D () C:\Users\Michael\AppData\Local\Deployment
2015-02-14 20:29 - 2014-11-07 21:18 - 00001130 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cffac8d6cd713.job
2015-02-14 20:29 - 2014-09-17 18:36 - 00000000 ___DO () C:\Users\Michael\SkyDrive
2015-02-14 20:29 - 2014-09-17 18:26 - 00001136 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-14 01:35 - 2014-09-17 16:21 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1747353380-2781431917-137839127-1001
2015-02-14 01:21 - 2014-09-24 17:42 - 00000000 ____D () C:\ProgramData\Origin
2015-02-14 01:20 - 2013-10-31 16:18 - 00005902 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-14 01:20 - 2013-08-23 00:24 - 03270550 _____ () C:\Windows\system32\perfh007.dat
2015-02-14 01:20 - 2013-08-23 00:24 - 00910754 _____ () C:\Windows\system32\perfc007.dat
2015-02-14 01:17 - 2014-12-17 17:24 - 00000000 ____D () C:\Program Files (x86)\WinZipper
2015-02-14 01:14 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-14 01:14 - 2013-08-22 14:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2015-02-14 01:13 - 2014-09-10 13:24 - 00000000 ____D () C:\ProgramData\Intel
2015-02-14 01:13 - 2014-09-10 13:23 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-14 01:12 - 2014-09-28 10:28 - 00000000 ____D () C:\Users\HomeGroupUser$
2015-02-14 01:12 - 2014-09-28 10:28 - 00000000 ____D () C:\Users\Gast
2015-02-14 01:12 - 2014-09-28 10:28 - 00000000 ____D () C:\Users\ASPNET
2015-02-14 01:12 - 2014-09-28 10:28 - 00000000 ____D () C:\Users\Administrator
2015-02-14 01:12 - 2014-09-19 17:51 - 00000000 ____D () C:\Users\admin
2015-02-14 01:12 - 2014-09-18 09:12 - 00000000 ____D () C:\Users\Freizeit
2015-02-14 01:12 - 2014-09-18 08:51 - 00000000 ____D () C:\Users\Schule
2015-02-14 01:12 - 2014-09-10 12:31 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-02-14 01:11 - 2014-09-10 13:24 - 00061248 _____ () C:\Windows\DPINST.LOG
2015-02-14 01:11 - 2014-09-10 11:11 - 00000000 ____D () C:\Program Files\Intel
2015-02-13 18:00 - 2014-11-05 21:20 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\vlc
2015-02-13 15:31 - 2014-09-17 18:52 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Skype
2015-02-13 11:59 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-13 08:48 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-12 09:46 - 2013-08-22 15:44 - 00492032 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 09:45 - 2014-12-11 14:57 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 09:45 - 2014-09-25 21:57 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-12 09:44 - 2014-09-23 07:33 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 09:41 - 2014-09-23 07:33 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-11 19:33 - 2014-11-14 11:09 - 00000000 ____D () C:\Users\Michael\AppData\Local\CrashDumps
2015-02-11 18:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-02-11 11:50 - 2013-10-31 16:05 - 00050326 _____ () C:\Windows\PFRO.log
2015-02-09 10:20 - 2014-10-09 17:40 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\.technic
2015-02-09 10:00 - 2014-10-11 18:00 - 00330752 ___SH () C:\Users\Michael\Desktop\Thumbs.db
2015-02-09 08:57 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-02-07 14:25 - 2014-10-29 12:16 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\.mono
2015-02-06 15:35 - 2014-10-22 08:37 - 00000000 ____D () C:\Users\Michael\Documents\Witze Archiv
2015-02-06 13:27 - 2014-09-17 16:11 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-02-06 13:15 - 2014-09-29 17:44 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\.minecraft
2015-02-05 10:39 - 2014-09-17 16:11 - 00000000 ____D () C:\Users\Michael
2015-02-04 22:04 - 2014-10-02 17:26 - 00000000 ____D () C:\Users\Michael\AppData\Local\Spotify
2015-02-04 22:04 - 2014-10-02 17:25 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Spotify
2015-02-04 19:45 - 2014-10-09 13:37 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-04 15:31 - 2014-11-07 21:18 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cffac8ed28d1b
2015-02-04 15:31 - 2014-11-07 21:18 - 00003870 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cffac8d6cd713
2015-02-04 07:55 - 2014-11-27 09:50 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Stardock
2015-02-03 20:31 - 2013-08-22 16:38 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-03 20:31 - 2013-08-22 16:38 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-02 11:20 - 2014-09-26 14:45 - 00000000 ____D () C:\Users\Michael\Documents\StarCraft II
2015-02-01 00:16 - 2014-09-25 21:49 - 00000000 ____D () C:\Temp
2015-02-01 00:16 - 2014-09-10 12:49 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-31 19:12 - 2013-10-31 16:15 - 00650391 _____ () C:\Windows\DirectX.log
2015-01-31 18:11 - 2014-12-27 13:04 - 00000000 ____D () C:\Users\Michael\AppData\Local\LogMeIn Hamachi
2015-01-30 23:23 - 2014-09-17 18:44 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2015-01-30 15:22 - 2014-09-17 16:11 - 00000000 ____D () C:\Users\Michael\AppData\Local\Packages
2015-01-30 11:51 - 2014-09-10 13:22 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-30 11:49 - 2014-10-16 08:57 - 00000000 ____D () C:\Users\Michael\.nbi
2015-01-22 13:54 - 2014-12-18 12:51 - 00000000 ____D () C:\Users\Michael\AppData\Local\gtk-2.0
2015-01-22 13:54 - 2014-12-18 12:44 - 00000000 ____D () C:\Users\Michael\.gimp-2.8
2015-01-22 13:48 - 2014-09-25 08:34 - 00000000 ____D () C:\Users\Michael\Documents\Square Enix
2015-01-22 09:52 - 2014-12-17 17:24 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\WinZipper
2015-01-21 16:28 - 2014-09-19 17:51 - 00000000 ____D () C:\Program Files\SteelSeries
2015-01-21 16:27 - 2014-09-19 17:51 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SteelSeries
2015-01-20 15:53 - 2014-10-07 14:02 - 00000000 ____D () C:\Users\Michael\Documents\Diablo III
2015-01-16 07:41 - 2014-09-10 15:50 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-01-16 07:41 - 2014-09-10 15:50 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-01-16 07:41 - 2014-09-10 12:50 - 01514528 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-01-16 07:41 - 2014-09-10 12:50 - 01278920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-01-15 21:58 - 2014-11-27 10:15 - 00000000 ____D () C:\Users\Michael\Desktop\Quine McCluskey
2015-01-15 21:50 - 2014-10-17 07:56 - 00284672 ___SH () C:\Users\Michael\Downloads\Thumbs.db

==================== Files in the root of some directories =======

2014-10-21 21:21 - 2014-10-21 21:21 - 0000000 _____ () C:\Users\Michael\AppData\Roaming\gdfw.log
2014-10-21 21:21 - 2014-10-21 21:21 - 0000779 _____ () C:\Users\Michael\AppData\Roaming\gdscan.log
2015-01-30 22:46 - 2015-01-30 22:46 - 0000000 _____ () C:\Users\Michael\AppData\Roaming\Stardockfences_debug_snapshot.dat
2012-05-03 12:12 - 2012-05-03 12:12 - 0000532 _____ () C:\Users\Michael\AppData\Local\datos.txt
2014-11-12 17:22 - 2014-11-12 17:22 - 0000000 _____ () C:\Users\Michael\AppData\Local\Driver_LOM_8161Present.flag
2015-01-22 13:54 - 2015-01-22 13:54 - 0002198 _____ () C:\Users\Michael\AppData\Local\recently-used.xbel
2014-09-19 20:25 - 2014-09-19 20:25 - 0007605 _____ () C:\Users\Michael\AppData\Local\Resmon.ResmonCfg
2015-02-05 14:42 - 2015-02-05 14:42 - 0000085 ___SH () C:\ProgramData\.zreglib
2014-09-10 11:11 - 2014-09-10 11:11 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-09 08:37

==================== End Of Log ============================

--- --- ---

--- --- ---

Addition.txt

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-02-2015
Ran by Michael at 2015-02-14 21:46:12
Running from C:\Users\Michael\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: G Data InternetSecurity CBE (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G Data InternetSecurity CBE (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Action! - Gameplay Recording and Streaming (HKLM-x32\...\Steam App 228180) (Version:  - Mirillis Ltd.)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Age of Mythology: Extended Edition (HKLM-x32\...\Steam App 266840) (Version:  - SkyBox Labs)
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version:  - BlueByte)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.23831 - Electronic Arts)
Battlefield Play4Free (HKLM-x32\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version:  - 2K Australia)
Broforce (HKLM-x32\...\Steam App 274190) (Version:  - Free Lives)
Call of Juarez Gunslinger (HKLM-x32\...\Steam App 204450) (Version:  - Techland)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
Counter-Strike 2D 0.1.2.5 (HKLM-x32\...\{849F6C2A-3F9C-4731-B659-8C606B706CF0}_is1) (Version:  - Unreal Software)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Curse Client (HKU\S-1-5-21-1747353380-2781431917-137839127-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.4.0 - )
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.2.3.0 - devolo AG)
Diablo II (HKLM-x32\...\Diablo II) (Version:  - Blizzard Entertainment)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
Dragon Age: Origins - Ultimate Edition (HKLM-x32\...\Steam App 47810) (Version:  - BioWare)
Dragon Age™ II (HKLM-x32\...\{4D565319-8B91-41CB-961C-0DDC86101AC5}) (Version: 1.04.8524.0 - Electronic Arts)
Empire Earth (HKLM-x32\...\{2447500B-22D7-47BD-9B13-1A927F43A267}) (Version:  - )
ETDWare PS/2-X64 11.13.4.4_WHQL (HKLM\...\Elantech) (Version: 11.13.4.4 - ELAN Microelectronic Corp.)
Far Cry 3 Blood Dragon (HKLM-x32\...\{A071F478-73E0-4143-AE55-4DD6BABD74F5}) (Version: 1.00 - Ubisoft)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
Fences (HKLM-x32\...\Fences) (Version:  - Stardock Corporation)
Fences (Version: 1.0 - Stardock Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
G Data InternetSecurity CBE (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.1.2 - G Data Software AG)
GameRanger (HKU\S-1-5-21-1747353380-2781431917-137839127-1001\...\GameRanger) (Version:  - GameRanger Technologies)
GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.44.0 - International GeoGebra Institute)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Guns of Icarus Online (HKLM-x32\...\Steam App 209080) (Version:  - Muse Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Injustice: Gods Among Us Ultimate Edition (HKLM-x32\...\Steam App 242700) (Version:  - NetherRealm Studios)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3907 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1347.2) (HKLM\...\{302600C1-6BDF-4FD1-1312-148929CC1385}) (Version: 17.0.1312.0414 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche)
Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version:  - JC2-MP Team)
KB9X Radio Switch Driver (HKLM\...\5AADE1068CF70DD983F763B20CF2CAAB72883915) (Version: 1.1.0.0 - ENE TECHNOLOGY INC.)
K-Lite Codec Pack 6.0.4 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.0.4 - )
LG United Mobile Drivers (HKLM-x32\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.291 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.291 - LogMeIn, Inc.) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Age of Empires (HKLM-x32\...\Age of Empires) (Version:  - )
Microsoft Age of Empires Expansion (HKLM-x32\...\Age of Empires Expansion 1.0) (Version:  - )
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version:  - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft_VC100_CRT_x86 (HKLM-x32\...\{6FDDB201-2CA0-42BD-973F-7B2C4A61EA3F}) (Version: 1.0.0 - Microsoft)
Monaco (HKLM-x32\...\Steam App 113020) (Version:  - Pocketwatch Games)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
NetBeans IDE 8.0.1 (HKLM\...\nbi-nb-base-8.0.1.0.201408251540) (Version: 8.0.1 - NetBeans.org)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.25 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
Qualcomm Atheros Network Manager (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
Qualcomm Atheros Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.42.1045 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21242 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SpellForce (HKLM-x32\...\SpellForce) (Version: SpellForce v1.52 - JoWooD Productions Software AG)
Spotify (HKU\S-1-5-21-1747353380-2781431917-137839127-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
StarCraft (HKLM-x32\...\StarCraft) (Version:  - Blizzard Entertainment)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SteelSeries Engine 3.3.2 (HKLM\...\SteelSeries Engine 3) (Version: 3.3.2 - SteelSeries ApS)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
True - Blood 2.0 (HKLM-x32\...\True - Blood 2.0) (Version:  - )
Uplay (HKLM-x32\...\Uplay) (Version: 2.1 - Ubisoft)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Warsow 1.51 (HKLM-x32\...\{24508D50-EB8F-4FE6-B69D-E5035D8745EF}_is1) (Version: 1.51 - Chasseur de bots)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WinZipper (HKLM-x32\...\WinZipper) (Version: 1.5.86 - Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION
Wondershare Video Editor(Build 4.7.1) (HKLM-x32\...\Wondershare Video Editor_is1) (Version:  - Wondershare Software)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Worms Reloaded (HKLM-x32\...\Steam App 22600) (Version:  - Team17 Software Ltd.)
Worms Ultimate Mayhem (HKLM-x32\...\Steam App 70600) (Version:  - Team17 Software Ltd.)
YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version:  - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== ATTENTION
YouTube Song Downloader (HKLM-x32\...\{4281435C-AD1D-4C8A-B9C0-3961C11EF142}_is1) (Version: 10.3 - Abelssoft)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_DE_is1) (Version:  - ZONER software)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1747353380-2781431917-137839127-1001_Classes\CLSID\{2afa9609-4e6f-4516-b816-5ce581bba136}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1747353380-2781431917-137839127-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points  =========================

12-02-2015 08:27:27 Windows Update
13-02-2015 14:19:23 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
13-02-2015 14:19:31 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1F05C752-0242-4D22-B9E6-49EBD05DE06E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-11-12] (Microsoft Corporation)
Task: {29E29874-3F99-43B0-81AF-07682CD2A90A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-10-07] (Microsoft Corporation)
Task: {2E90B78C-99C2-4CA1-8B52-A346EAE3F1D0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-10-07] (Microsoft Corporation)
Task: {4D329ABF-B84E-452A-B880-FECC8452B8DF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {60A19200-D066-46A1-8041-24D202D8227E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-07] (Google Inc.)
Task: {6BBF6886-0D50-4B49-A4CE-3A3F70765A54} - System32\Tasks\{F369E308-D35A-4B46-9C16-A3222ED33D12} => pcalua.exe -a C:\Windows\system32\pbsvc.exe -c -u
Task: {7F7BEAEC-3D86-4093-A4B5-78190B6EB1D9} - System32\Tasks\GoogleUpdateTaskMachineCore1cffac8d6cd713 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-07] (Google Inc.)
Task: {837DB276-7596-4D88-87C1-CAFADE6C3146} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {BFFE9F2E-58A8-4BA0-84C4-C0E6FCCEC8FD} - System32\Tasks\Microsoft Office 15 Sync Maintenance for MICHAEL-Michael Michael => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-11-04] (Microsoft Corporation)
Task: {C4721C71-8761-4BCC-A390-AF84F2B2AC00} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {C5C97509-73E6-44CE-A700-33109B6D8574} - System32\Tasks\{200EB127-1C28-483E-8FAA-5E43ED42A59F} => pcalua.exe -a E:\autorun.exe -d E:\
Task: {DE3D154D-E065-43BB-8ADB-A162FAFD58BA} - System32\Tasks\{830F4790-5EE7-4944-88B5-9C7C617486A5} => pcalua.exe -a "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" -c --lang=deDE --uid=hs_beta --displayname="Hearthstone"
Task: {E061B2B4-1978-45D2-9B11-E57DAC187A44} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-02-12] (Microsoft Corporation)
Task: {EC6A9491-A512-4E7D-9D72-B72F67B6D831} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-07] (Google Inc.)
Task: {F50B75AF-2972-4006-A928-BE940960B7C9} - System32\Tasks\GoogleUpdateTaskMachineUA1cffac8ed28d1b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-07] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cffac8d6cd713.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cffac8ed28d1b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-09-24 08:22 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-11-19 19:52 - 2014-11-19 19:52 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2013-12-19 03:42 - 2013-12-19 03:42 - 00350840 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2014-09-10 12:49 - 2015-01-10 00:29 - 00117392 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-17 11:02 - 2014-04-17 11:02 - 00300544 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2015-01-08 22:37 - 2015-01-08 22:37 - 17833984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
2015-01-03 18:28 - 2015-01-03 18:28 - 00047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine 3\x2api.dll
2014-12-12 14:46 - 2014-12-12 14:46 - 00016384 _____ () C:\Users\Michael\AppData\Local\Apps\2.0\YC1VA9NY.5OL\2ZY9LQ5P.OJG\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\Curse.CurseClient.WowDb.dll
2014-12-12 14:46 - 2014-12-12 14:46 - 00035840 _____ () C:\Users\Michael\AppData\Local\Apps\2.0\YC1VA9NY.5OL\2ZY9LQ5P.OJG\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\Curse.Advertising.dll
2014-12-12 14:46 - 2014-12-12 14:46 - 00099840 _____ () C:\Users\Michael\AppData\Local\Apps\2.0\YC1VA9NY.5OL\2ZY9LQ5P.OJG\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\Curse.CurseClient.CMOD2.dll
2014-12-17 17:24 - 2014-11-26 04:42 - 00612528 _____ () C:\Program Files (x86)\WinZipper\sqlite3.dll
2014-09-10 13:43 - 2013-08-08 12:23 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-02-04 16:30 - 2015-01-19 12:00 - 00185656 _____ () C:\Program Files (x86)\Elex-tech\YAC\libpng.dll
2015-02-04 16:30 - 2015-01-19 12:00 - 00065696 _____ () C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll
2014-11-13 18:53 - 2014-09-11 18:09 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2014-11-13 18:53 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2015-02-06 17:05 - 2015-02-06 17:05 - 26065408 _____ () D:\Programme\Battle.net\Battle.net.5522\libcef.dll
2015-02-06 17:05 - 2015-02-06 17:05 - 00739840 _____ () D:\Programme\Battle.net\Battle.net.5522\libGLESv2.dll
2015-02-06 17:05 - 2015-02-06 17:05 - 00908288 _____ () D:\Programme\Battle.net\Battle.net.5522\platforms\qwindows.dll
2015-02-06 17:05 - 2015-02-06 17:05 - 00130048 _____ () D:\Programme\Battle.net\Battle.net.5522\libEGL.dll
2015-02-06 17:05 - 2015-02-06 17:05 - 00020992 _____ () D:\Programme\Battle.net\Battle.net.5522\imageformats\qgif.dll
2015-02-06 17:05 - 2015-02-06 17:05 - 00021504 _____ () D:\Programme\Battle.net\Battle.net.5522\imageformats\qico.dll
2015-02-06 17:05 - 2015-02-06 17:05 - 00205312 _____ () D:\Programme\Battle.net\Battle.net.5522\imageformats\qjpeg.dll
2015-02-06 17:05 - 2015-02-06 17:05 - 00225792 _____ () D:\Programme\Battle.net\Battle.net.5522\imageformats\qmng.dll
2015-02-06 17:05 - 2015-02-06 17:05 - 00015872 _____ () D:\Programme\Battle.net\Battle.net.5522\imageformats\qsvg.dll
2015-02-06 17:05 - 2015-02-06 17:05 - 00312832 _____ () D:\Programme\Battle.net\Battle.net.5522\imageformats\qtiff.dll
2015-02-06 17:05 - 2015-02-06 17:05 - 00010240 _____ () D:\Programme\Battle.net\Battle.net.5522\qml\QtQuick.2\qtquick2plugin.dll
2015-02-06 17:05 - 2015-02-06 17:05 - 00054272 _____ () D:\Programme\Battle.net\Battle.net.5522\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-02-06 17:05 - 2015-02-06 17:05 - 00010240 _____ () D:\Programme\Battle.net\Battle.net.5522\qml\QtQml\Models.2\modelsplugin.dll
2015-02-06 20:32 - 2015-02-04 10:02 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll
2015-02-06 20:32 - 2015-02-04 10:02 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll
2015-02-06 20:32 - 2015-02-04 10:02 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Michael\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1747353380-2781431917-137839127-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Michael\Documents\Schule\Design\Diablo 3 Barbarian epic.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-1747353380-2781431917-137839127-500 - Administrator - Disabled)
Gast (S-1-5-21-1747353380-2781431917-137839127-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1747353380-2781431917-137839127-1003 - Limited - Enabled)
Michael (S-1-5-21-1747353380-2781431917-137839127-1001 - Administrator - Enabled) => C:\Users\Michael

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/14/2015 01:20:37 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (02/14/2015 01:20:37 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (02/14/2015 01:20:37 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (02/14/2015 01:12:03 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (02/14/2015 01:12:03 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (02/14/2015 01:12:03 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (02/14/2015 01:12:01 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "select * from CIntelWLANEvent" konnte im Namespace "//./ROOT/default" aufgrund des Fehlers "0x80041010" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (02/13/2015 02:05:56 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (02/13/2015 02:05:56 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (02/13/2015 02:05:56 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.


System errors:
=============
Error: (02/14/2015 08:37:06 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (02/14/2015 01:44:17 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (02/14/2015 01:13:57 AM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: 1053GDFwSvc-Service{1DED95CA-C567-464A-B405-087EDDF0B095}

Error: (02/14/2015 01:13:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "G Data Personal Firewall" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (02/14/2015 01:13:57 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst G Data Personal Firewall erreicht.

Error: (02/14/2015 01:13:51 AM) (Source: DCOM) (EventID: 10010) (User: MICHAEL)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (02/14/2015 01:13:51 AM) (Source: DCOM) (EventID: 10010) (User: MICHAEL)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (02/14/2015 01:12:07 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (02/14/2015 00:29:06 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (02/13/2015 10:41:50 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.


Microsoft Office Sessions:
=========================
Error: (02/14/2015 01:20:37 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F2030000E5050000

Error: (02/14/2015 01:20:37 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance163707000000000000000000008F020000

Error: (02/14/2015 01:20:37 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance163707000000000000000000008F020000

Error: (02/14/2015 01:12:03 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F2030000E5050000

Error: (02/14/2015 01:12:03 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance163707000000000000000000008F020000

Error: (02/14/2015 01:12:03 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance163707000000000000000000008F020000

Error: (02/14/2015 01:12:01 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: //./ROOT/defaultselect * from CIntelWLANEvent0x80041010

Error: (02/13/2015 02:05:56 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F2030000E5050000

Error: (02/13/2015 02:05:56 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance163707000000000000000000008F020000

Error: (02/13/2015 02:05:56 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance163707000000000000000000008F020000


CodeIntegrity Errors:
===================================
  Date: 2015-02-14 20:46:49.009
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-02-14 20:30:08.644
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-02-14 01:14:38.637
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-02-14 01:13:44.069
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-02-13 23:55:50.319
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-02-13 22:41:49.070
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-02-13 14:55:31.891
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-02-13 14:19:44.528
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-02-13 14:02:28.345
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2015-02-13 12:44:23.268
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4200H CPU @ 2.80GHz
Percentage of memory in use: 52%
Total physical RAM: 8110.72 MB
Available physical RAM: 3841.31 MB
Total Pagefile: 10286.72 MB
Available Pagefile: 3372.82 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (SSD) (Fixed) (Total:111.79 GB) (Free:32.43 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Festplatte) (Fixed) (Total:465.76 GB) (Free:128.63 GB) NTFS
Drive e: (DLAN-500AV-WRLP) (CDROM) (Total:0.12 GB) (Free:0 GB) CDFS
Drive h: () (Removable) (Total:7.53 GB) (Free:0.31 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 52C3C6D3)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Active) - (Size=465.8 GB) - (Type=42)
Partition 3: (Not Active) - (Size=24 KB) - (Type=42)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: CE5252D0)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 7.5 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

schrauber · 15.02.2015, 15:25

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

WinZipper

YAC
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

FireHawk0815 · 16.02.2015, 20:15

mbam.txt :

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 16.02.2015
Suchlauf-Zeit: 18:32:45
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.02.16.06
Rootkit Datenbank: v2015.02.03.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Michael

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 476647
Verstrichene Zeit: 6 Min, 38 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 24
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, In Quarantäne, [ef37aa75414944f29668699d6a996a96], 
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040}, In Quarantäne, [879f34eb187238fe00fe7096f80b11ef], 
PUP.Optional.SecurityProtection.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\noajmlkipclmeolfcnflkjhijkigpfjh, In Quarantäne, [36f069b63357f64005b735631ce72bd5], 
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\delta-homesSoftware, In Quarantäne, [2ef8f7286c1e47ef5388e0cf9073fd03], 
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, In Quarantäne, [f135d8474d3d2d09cb683ed1030219e7], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\supWPM, In Quarantäne, [fe28829d2466e74fa7292f7bd42f57a9], 
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\sweet-pageSoftware, In Quarantäne, [ab7be43b0288ad89844a6f9464a1e31d], 
PUP.Optional.SecurityProtection.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\noajmlkipclmeolfcnflkjhijkigpfjh, In Quarantäne, [0c1afb247416c175ae0efd9b49bae51b], 
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [80a6fa254941a78fd920cc2e41c39e62], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, In Quarantäne, [1c0adf4035550531a22d76343dc67b85], 
PUP.Optional.IEPluginServices.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\IePluginServices, In Quarantäne, [57cf041bcebc290dd3312e729073817f], 
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, In Quarantäne, [1a0cb46bcebc5cda45c0e6ba34cfe31d], 
PUP.Optional.WebSearches.A, HKU\S-1-5-21-1747353380-2781431917-137839127-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SupHpUISoft, In Quarantäne, [c95d3ae51e6c7abc94ea1f8d6d9660a0], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1747353380-2781431917-137839127-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [0521d14e1f6b44f27410b227bb48e31d], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1747353380-2781431917-137839127-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, In Quarantäne, [bc6a1d02830745f195d9727dcd37c13f], 
PUP.Optional.Qone8, HKU\S-1-5-21-1747353380-2781431917-137839127-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [36f0cc535139330317e1926811f350b0], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, In Quarantäne, [6bbbb06fb2d8c76fb5644a2dbd46d62a], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}, In Quarantäne, [6bbbb06fb2d8c76fb5644a2dbd46d62a], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{9B41579A-1996-42F9-8F84-7B7786818CEF}, In Quarantäne, [6bbbb06fb2d8c76fb5644a2dbd46d62a], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}, In Quarantäne, [6bbbb06fb2d8c76fb5644a2dbd46d62a], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}, In Quarantäne, [6bbbb06fb2d8c76fb5644a2dbd46d62a], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9B41579A-1996-42F9-8F84-7B7786818CEF}, In Quarantäne, [6bbbb06fb2d8c76fb5644a2dbd46d62a], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}, In Quarantäne, [6bbbb06fb2d8c76fb5644a2dbd46d62a], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, In Quarantäne, [6bbbb06fb2d8c76fb5644a2dbd46d62a], 

Registrierungswerte: 2
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, cor, In Quarantäne, [1c0adf4035550531a22d76343dc67b85]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1747353380-2781431917-137839127-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, zr2X2X1G1S1F2V1S2Q0V, In Quarantäne, [bc6a1d02830745f195d9727dcd37c13f]

Registrierungsdaten: 5
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.sweet-page.com/web/?type=ds&ts=1411735105&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1411735105&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9&q={searchTerms}),Ersetzt,[ba6ce03fd7b39f97a68104be7f863dc3]
PUP.Optional.Delta.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.delta-homes.com/?type=hp&ts=1418833419&from=wpm12173&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9, Gut: (www.google.com), Schlecht: (hxxp://www.delta-homes.com/?type=hp&ts=1418833419&from=wpm12173&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9),Ersetzt,[091d77a8800aef47fac791318f7620e0]
PUP.Optional.Delta.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.delta-homes.com/?type=hp&ts=1418833419&from=wpm12173&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9, Gut: (www.google.com), Schlecht: (hxxp://www.delta-homes.com/?type=hp&ts=1418833419&from=wpm12173&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9),Ersetzt,[9690a47b4b3f092d19ac269c18ed0af6]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.sweet-page.com/web/?type=ds&ts=1411735105&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1411735105&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9&q={searchTerms}),Ersetzt,[1d09d649b2d84fe740ef981fc243fc04]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[4adcb56a2b5fb97da81a13aecd387e82]

Ordner: 89
Rogue.Multiple, C:\ProgramData\374311380, In Quarantäne, [f92df9260387f541bb575ee80cf7639d], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\bookmarks, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\bookmarks\css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\bookmarks\img, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\classification, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\classification\css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\classification\img, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\classification\img\skin, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\img, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\img\skin, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\dialog, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\dialog\img, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\dialog\img\skin, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\extensions, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\extensions\css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\extensions\img, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\gameCenter, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\gameCenter\css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\gameCenter\img, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\guide, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\guide\css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\lastVisited, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\lastVisited\css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\lastVisited\img, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\notice, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\notice\css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\played, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\played\css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\played\img, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\search, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\search\css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\search\img, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\setup, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\setup\css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\setup\img, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\setup\img\skin, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\shortcuts, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\shortcuts\img, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\skins, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\skins\css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\skins\img, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\skins\img\skin, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\weather, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\weather\css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\weather\img, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\weather\img\skin, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\de, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\en, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\es, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\es_419, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\fr, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\it, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\ja, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\pl, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\pt_BR, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\pt_PT, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\ru, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\tr, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\vi, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\zh_CN, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\zh_TW, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_metadata, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, In Quarantäne, [59cd3be441491d198b1d3b2f0df6728e], 
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, In Quarantäne, [59cd3be441491d198b1d3b2f0df6728e], 
PUP.Optional.Booster.A, C:\ProgramData\Trusted Publisher\GS_Booster, In Quarantäne, [5ec81f00b7d31c1a8019abc1a261e818], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, In Quarantäne, [70b6839c464492a4597b7bf14db6ab55], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log, In Quarantäne, [70b6839c464492a4597b7bf14db6ab55], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, In Quarantäne, [70b6839c464492a4597b7bf14db6ab55], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab, In Quarantäne, [74b256c95337a294ec42cca6ff040bf5], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin, In Quarantäne, [74b256c95337a294ec42cca6ff040bf5], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image, In Quarantäne, [74b256c95337a294ec42cca6ff040bf5], 
PUP.Optional.MultiPlug.A, C:\ProgramData\NextCoup, In Quarantäne, [fe28100f9feb989e8296245335ced22e], 
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\NextCoup, In Quarantäne, [6bbbb06fb2d8c76fb5644a2dbd46d62a], 
PUP.Optional.MultiPlug.A, C:\ProgramData\GoSavee, In Quarantäne, [2ff71807deac5bdb6011017a48bb0ff1], 
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\GoSavee, In Quarantäne, [54d2a67947432b0b432f9eddd62da65a], 
PUP.Optional.SecurityProtection.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh, In Quarantäne, [f5311b04b2d8d561cbe39aeab053f907], 
PUP.Optional.SecurityProtection.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0, In Quarantäne, [f5311b04b2d8d561cbe39aeab053f907], 
PUP.Optional.SecurityProtection.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\js, In Quarantäne, [f5311b04b2d8d561cbe39aeab053f907], 
PUP.Optional.SecurityProtection.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\_metadata, In Quarantäne, [f5311b04b2d8d561cbe39aeab053f907], 

Dateien: 154
PUP.Optional.SecurityProtection.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx, In Quarantäne, [28fe9788d4b6f541f7c4f2a6c53e42be], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\background.html, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\index.html, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\jump.html, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\manifest.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\bookmarks\bookmarks.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\bookmarks\css\style.css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\bookmarks\img\logo.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\bookmarks\img\searchButton.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\classification\classification.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\classification\css\style.css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\classification\img\logo.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\classification\img\skin\del.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\classification\img\skin\main.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\classification\img\skin\selected.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\cloud.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\cloudApp.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\cloudWebsite.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\createWebsite.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\css\style.css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\img\logo.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\img\skin\buttonBg.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\img\skin\categoryBg.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\img\skin\icons.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\img\skin\searchBg.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\img\skin\searchButton.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\img\skin\searchLeft.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\img\skin\selected.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\img\skin\tabsBg.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\dialog\img\skin\headerBg.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\extensions\extensions.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\extensions\css\style.css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\extensions\img\logo.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\gameCenter\gameCenter.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\gameCenter\css\style.css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\gameCenter\img\logo.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\gameCenter\img\star.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\gameCenter\img\star_bg.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\gameCenter\img\time.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\guide\guide.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\guide\css\style.css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\lastVisited\lastVisited.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\lastVisited\css\style.css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\lastVisited\img\logo.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\notice\notice.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\notice\css\style.css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\played\played.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\played\css\style.css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\search\search.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\search\css\style.css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\search\img\google-new-logo.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\search\img\logo.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\search\img\searchicon.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\search\img\searchicon2.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\setup\setup.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\setup\css\style.css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\setup\img\logo.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\setup\img\skin\dialBoxStyle.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\setup\img\skin\icons.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\shortcuts\img\oBookmarks.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\shortcuts\img\oDownloads.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\shortcuts\img\oExtensions.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\shortcuts\img\oHistory.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\shortcuts\img\oNewtab.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\skins\cloudWallpaper.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\skins\skins.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\skins\css\style.css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\skins\img\logo.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\skins\img\skin\categoryBg.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\skins\img\skin\delete.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\skins\img\skin\download.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\skins\img\skin\icons.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\skins\img\skin\loading.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\weather\weather.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\weather\css\style.css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\weather\img\logo.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\weather\img\skin\line.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\weather\img\skin\locationIcon.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\weather\img\skin\searchButton.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\weather\img\skin\weather.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\css\all.css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\game.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\icon_128.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\icon_16.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\icon_48.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\NEW.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\shopping.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\weather.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\webstore.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\default.jpg, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\iconsprite.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\idialog_s.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\ios5_button.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\left.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\loading.gif, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\loading2.gif, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\qBoxBg.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\q_bg.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\q_bg0.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\q_left.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\q_left0.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\q_right.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\q_right0.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\right.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\selected.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\titleBg.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\js\all.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\js\background.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\js\ga.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\js\jq.mobi.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\js\jump.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\js\pop.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\js\redirect.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\js\xagainit.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\de\messages.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\en\messages.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\es\messages.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\es_419\messages.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\fr\messages.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\it\messages.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\ja\messages.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\pl\messages.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\pt_BR\messages.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\pt_PT\messages.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\ru\messages.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\tr\messages.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\vi\messages.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\zh_CN\messages.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\zh_TW\messages.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_metadata\verified_contents.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log\ProtectWindowsManager_2014-09-26[14-38-45-606].log, In Quarantäne, [70b6839c464492a4597b7bf14db6ab55], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, In Quarantäne, [70b6839c464492a4597b7bf14db6ab55], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\bk_shadow.png, In Quarantäne, [74b256c95337a294ec42cca6ff040bf5], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\btn.png, In Quarantäne, [74b256c95337a294ec42cca6ff040bf5], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\close.png, In Quarantäne, [74b256c95337a294ec42cca6ff040bf5], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\main.xml, In Quarantäne, [74b256c95337a294ec42cca6ff040bf5], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\main.xml.bak, In Quarantäne, [74b256c95337a294ec42cca6ff040bf5], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\ck_box.png, In Quarantäne, [74b256c95337a294ec42cca6ff040bf5], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\ck_check.png, In Quarantäne, [74b256c95337a294ec42cca6ff040bf5], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\radio_bk.png, In Quarantäne, [74b256c95337a294ec42cca6ff040bf5], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\radio_check.png, In Quarantäne, [74b256c95337a294ec42cca6ff040bf5], 
PUP.Optional.MultiPlug.A, C:\ProgramData\NextCoup\HnvAk2zpb3Zoxfr.dat, In Quarantäne, [fe28100f9feb989e8296245335ced22e], 
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\NextCoup\tY44ZQSlTYQaOM.dat, In Quarantäne, [6bbbb06fb2d8c76fb5644a2dbd46d62a], 
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\NextCoup\tY44ZQSlTYQaOM.tlb, In Quarantäne, [6bbbb06fb2d8c76fb5644a2dbd46d62a], 
PUP.Optional.SecurityProtection.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\background.html, In Quarantäne, [f5311b04b2d8d561cbe39aeab053f907], 
PUP.Optional.SecurityProtection.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\icon128.png, In Quarantäne, [f5311b04b2d8d561cbe39aeab053f907], 
PUP.Optional.SecurityProtection.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\manifest.json, In Quarantäne, [f5311b04b2d8d561cbe39aeab053f907], 
PUP.Optional.SecurityProtection.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\js\background.js, In Quarantäne, [f5311b04b2d8d561cbe39aeab053f907], 
PUP.Optional.SecurityProtection.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\js\det.js, In Quarantäne, [f5311b04b2d8d561cbe39aeab053f907], 
PUP.Optional.SecurityProtection.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\js\inject.js, In Quarantäne, [f5311b04b2d8d561cbe39aeab053f907], 
PUP.Optional.SecurityProtection.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\js\jquery-1.11.1.min.js, In Quarantäne, [f5311b04b2d8d561cbe39aeab053f907], 
PUP.Optional.SecurityProtection.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\js\urllist.js, In Quarantäne, [f5311b04b2d8d561cbe39aeab053f907], 
PUP.Optional.SecurityProtection.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\_metadata\computed_hashes.json, In Quarantäne, [f5311b04b2d8d561cbe39aeab053f907], 
PUP.Optional.SecurityProtection.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\_metadata\verified_contents.json, In Quarantäne, [f5311b04b2d8d561cbe39aeab053f907], 

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)

AdwCleaner[S0].txt :

Code:

ATTFilter

# AdwCleaner v4.110 - Bericht erstellt 16/02/2015 um 18:52:13
# Aktualisiert 05/02/2015 von Xplode
# Datenbank : 2015-02-14.2 [Server]
# Betriebssystem : Windows 8.1 Pro  (x64)
# Benutzername : Michael - MICHAEL
# Gestarted von : C:\Users\Michael\Desktop\AdwCleaner_4.110.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : iSafeKrnlMon

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Trusted Publisher
Ordner Gelöscht : C:\ProgramData\YoutuBBeeAdoBlockE
Ordner Gelöscht : C:\ProgramData\cb211c4943aa41a8
Ordner Gelöscht : C:\Program Files (x86)\YoutuBBeeAdoBlockE
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\torch
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\torch
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\Gast\AppData\Local\torch
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\torch
Ordner Gelöscht : C:\Users\Michael\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\Michael\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Michael\AppData\Local\torch
Ordner Gelöscht : C:\Users\Michael\AppData\Local\CrashRpt
Ordner Gelöscht : C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\enddoiobiedojngngkoclkagomnmmdnn
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\enddoiobiedojngngkoclkagomnmmdnn
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\enddoiobiedojngngkoclkagomnmmdnn
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\enddoiobiedojngngkoclkagomnmmdnn
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hijdmjcbgenmmepcfchhibjcaniflpke
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\hijdmjcbgenmmepcfchhibjcaniflpke
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\hijdmjcbgenmmepcfchhibjcaniflpke
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\hijdmjcbgenmmepcfchhibjcaniflpke
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\enddoiobiedojngngkoclkagomnmmdnn
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\enddoiobiedojngngkoclkagomnmmdnn
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\enddoiobiedojngngkoclkagomnmmdnn
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\enddoiobiedojngngkoclkagomnmmdnn
Ordner Gelöscht : C:\Users\Michael\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\enddoiobiedojngngkoclkagomnmmdnn
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hijdmjcbgenmmepcfchhibjcaniflpke
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hijdmjcbgenmmepcfchhibjcaniflpke
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hijdmjcbgenmmepcfchhibjcaniflpke
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hijdmjcbgenmmepcfchhibjcaniflpke
Ordner Gelöscht : C:\Users\Michael\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hijdmjcbgenmmepcfchhibjcaniflpke
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\enddoiobiedojngngkoclkagomnmmdnn
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\enddoiobiedojngngkoclkagomnmmdnn
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\enddoiobiedojngngkoclkagomnmmdnn
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\enddoiobiedojngngkoclkagomnmmdnn
Ordner Gelöscht : C:\Users\Michael\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\enddoiobiedojngngkoclkagomnmmdnn
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hijdmjcbgenmmepcfchhibjcaniflpke
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hijdmjcbgenmmepcfchhibjcaniflpke
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hijdmjcbgenmmepcfchhibjcaniflpke
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hijdmjcbgenmmepcfchhibjcaniflpke
Ordner Gelöscht : C:\Users\Michael\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hijdmjcbgenmmepcfchhibjcaniflpke
Datei Gelöscht : C:\Windows\System32\log\iSafeKrnlCall.log
Datei Gelöscht : C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Michael\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Michael\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-576482620
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{50d3832b-4e19-4484-a813-ecefad60baa8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{50d3832b-4e19-4484-a813-ecefad60baa8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{50d3832b-4e19-4484-a813-ecefad60baa8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{50d3832b-4e19-4484-a813-ecefad60baa8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{50d3832b-4e19-4484-a813-ecefad60baa8}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\RegisteredApplicationsEx
Schlüssel Gelöscht : HKCU\Software\V9
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\hdcode
Schlüssel Gelöscht : HKLM\SOFTWARE\V9
Schlüssel Gelöscht : HKLM\SOFTWARE\winzipersvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Google Chrome v40.0.2214.111

[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1406476263&from=ild&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1024591845918&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1406476263&from=ild&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1024591845918&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.qip.ru/search/?query={searchTerms}&from=os
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://start.iminent.com/?appId=4B5B631B-A385-4E12-9D39-48151B169BEE&ref=toolbox&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.sweet-page.com/web/?type=ds&ts=1411735105&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.nationzoom.com/web/?type=ds&ts=1397574389&from=ild&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1024591845918&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1406476263&from=ild&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1024591845918&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1406476263&from=ild&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1024591845918&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1418833419&from=wpm12173&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1418833419&from=wpm12173&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.v9.com/web?type=ds&ts=1421836839&from=zbd1&uid=wdcxwd5000lpvx-22v0tt0_wd-wxq1e93rapp9rapp9&q={searchTerms}&ref=YmFzZVVSTH1zZWFyY2g=
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.v9.com/web?type=ds&ts=1421836839&from=zbd1&uid=wdcxwd5000lpvx-22v0tt0_wd-wxq1e93rapp9rapp9&q={searchTerms}&ref=YmFzZVVSTH1zZWFyY2g=

-\\ Comodo Dragon v

[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1406476263&from=ild&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1024591845918&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1406476263&from=ild&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1024591845918&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.qip.ru/search/?query={searchTerms}&from=os
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://start.iminent.com/?appId=4B5B631B-A385-4E12-9D39-48151B169BEE&ref=toolbox&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.sweet-page.com/web/?type=ds&ts=1411735105&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.nationzoom.com/web/?type=ds&ts=1397574389&from=ild&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1024591845918&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1406476263&from=ild&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1024591845918&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1406476263&from=ild&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1024591845918&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1418833419&from=wpm12173&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1418833419&from=wpm12173&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.v9.com/web?type=ds&ts=1421836839&from=zbd1&uid=wdcxwd5000lpvx-22v0tt0_wd-wxq1e93rapp9rapp9&q={searchTerms}&ref=YmFzZVVSTH1zZWFyY2g=
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.v9.com/web?type=ds&ts=1421836839&from=zbd1&uid=wdcxwd5000lpvx-22v0tt0_wd-wxq1e93rapp9rapp9&q={searchTerms}&ref=YmFzZVVSTH1zZWFyY2g=

-\\ Chrome Canary v

[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1406476263&from=ild&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1024591845918&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1406476263&from=ild&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1024591845918&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.qip.ru/search/?query={searchTerms}&from=os
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://start.iminent.com/?appId=4B5B631B-A385-4E12-9D39-48151B169BEE&ref=toolbox&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.sweet-page.com/web/?type=ds&ts=1411735105&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.nationzoom.com/web/?type=ds&ts=1397574389&from=ild&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1024591845918&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1406476263&from=ild&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1024591845918&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1406476263&from=ild&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1024591845918&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1418833419&from=wpm12173&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1418833419&from=wpm12173&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.v9.com/web?type=ds&ts=1421836839&from=zbd1&uid=wdcxwd5000lpvx-22v0tt0_wd-wxq1e93rapp9rapp9&q={searchTerms}&ref=YmFzZVVSTH1zZWFyY2g=
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.v9.com/web?type=ds&ts=1421836839&from=zbd1&uid=wdcxwd5000lpvx-22v0tt0_wd-wxq1e93rapp9rapp9&q={searchTerms}&ref=YmFzZVVSTH1zZWFyY2g=

*************************

AdwCleaner[R0].txt - [10575 Bytes] - [16/02/2015 18:50:18]
AdwCleaner[S0].txt - [16465 Bytes] - [16/02/2015 18:52:13]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [16525  Bytes] ##########

JRT.txt :

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 8.1 Pro x64
Ran by Michael on 16.02.2015 at 20:02:28,56
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.02.2015 at 20:06:53,49
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FireHawk0815 · 16.02.2015, 20:24

mbam.txt :

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 16.02.2015
Suchlauf-Zeit: 18:32:45
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.02.16.06
Rootkit Datenbank: v2015.02.03.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Michael

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 476647
Verstrichene Zeit: 6 Min, 38 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 24
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, In Quarantäne, [ef37aa75414944f29668699d6a996a96], 
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040}, In Quarantäne, [879f34eb187238fe00fe7096f80b11ef], 
PUP.Optional.SecurityProtection.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\noajmlkipclmeolfcnflkjhijkigpfjh, In Quarantäne, [36f069b63357f64005b735631ce72bd5], 
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\delta-homesSoftware, In Quarantäne, [2ef8f7286c1e47ef5388e0cf9073fd03], 
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, In Quarantäne, [f135d8474d3d2d09cb683ed1030219e7], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\supWPM, In Quarantäne, [fe28829d2466e74fa7292f7bd42f57a9], 
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\sweet-pageSoftware, In Quarantäne, [ab7be43b0288ad89844a6f9464a1e31d], 
PUP.Optional.SecurityProtection.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\noajmlkipclmeolfcnflkjhijkigpfjh, In Quarantäne, [0c1afb247416c175ae0efd9b49bae51b], 
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [80a6fa254941a78fd920cc2e41c39e62], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, In Quarantäne, [1c0adf4035550531a22d76343dc67b85], 
PUP.Optional.IEPluginServices.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\IePluginServices, In Quarantäne, [57cf041bcebc290dd3312e729073817f], 
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, In Quarantäne, [1a0cb46bcebc5cda45c0e6ba34cfe31d], 
PUP.Optional.WebSearches.A, HKU\S-1-5-21-1747353380-2781431917-137839127-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SupHpUISoft, In Quarantäne, [c95d3ae51e6c7abc94ea1f8d6d9660a0], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1747353380-2781431917-137839127-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [0521d14e1f6b44f27410b227bb48e31d], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1747353380-2781431917-137839127-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, In Quarantäne, [bc6a1d02830745f195d9727dcd37c13f], 
PUP.Optional.Qone8, HKU\S-1-5-21-1747353380-2781431917-137839127-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [36f0cc535139330317e1926811f350b0], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, In Quarantäne, [6bbbb06fb2d8c76fb5644a2dbd46d62a], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}, In Quarantäne, [6bbbb06fb2d8c76fb5644a2dbd46d62a], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{9B41579A-1996-42F9-8F84-7B7786818CEF}, In Quarantäne, [6bbbb06fb2d8c76fb5644a2dbd46d62a], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}, In Quarantäne, [6bbbb06fb2d8c76fb5644a2dbd46d62a], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}, In Quarantäne, [6bbbb06fb2d8c76fb5644a2dbd46d62a], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9B41579A-1996-42F9-8F84-7B7786818CEF}, In Quarantäne, [6bbbb06fb2d8c76fb5644a2dbd46d62a], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}, In Quarantäne, [6bbbb06fb2d8c76fb5644a2dbd46d62a], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, In Quarantäne, [6bbbb06fb2d8c76fb5644a2dbd46d62a], 

Registrierungswerte: 2
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, cor, In Quarantäne, [1c0adf4035550531a22d76343dc67b85]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1747353380-2781431917-137839127-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, zr2X2X1G1S1F2V1S2Q0V, In Quarantäne, [bc6a1d02830745f195d9727dcd37c13f]

Registrierungsdaten: 5
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.sweet-page.com/web/?type=ds&ts=1411735105&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1411735105&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9&q={searchTerms}),Ersetzt,[ba6ce03fd7b39f97a68104be7f863dc3]
PUP.Optional.Delta.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.delta-homes.com/?type=hp&ts=1418833419&from=wpm12173&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9, Gut: (www.google.com), Schlecht: (hxxp://www.delta-homes.com/?type=hp&ts=1418833419&from=wpm12173&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9),Ersetzt,[091d77a8800aef47fac791318f7620e0]
PUP.Optional.Delta.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.delta-homes.com/?type=hp&ts=1418833419&from=wpm12173&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9, Gut: (www.google.com), Schlecht: (hxxp://www.delta-homes.com/?type=hp&ts=1418833419&from=wpm12173&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9),Ersetzt,[9690a47b4b3f092d19ac269c18ed0af6]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.sweet-page.com/web/?type=ds&ts=1411735105&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1411735105&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9&q={searchTerms}),Ersetzt,[1d09d649b2d84fe740ef981fc243fc04]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[4adcb56a2b5fb97da81a13aecd387e82]

Ordner: 89
Rogue.Multiple, C:\ProgramData\374311380, In Quarantäne, [f92df9260387f541bb575ee80cf7639d], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\bookmarks, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\bookmarks\css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\bookmarks\img, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\classification, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\classification\css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\classification\img, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\classification\img\skin, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\img, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\img\skin, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\dialog, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\dialog\img, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\dialog\img\skin, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\extensions, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\extensions\css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\extensions\img, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\gameCenter, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\gameCenter\css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\gameCenter\img, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\guide, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\guide\css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\lastVisited, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\lastVisited\css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\lastVisited\img, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\notice, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\notice\css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\played, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\played\css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\played\img, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\search, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\search\css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\search\img, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\setup, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\setup\css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\setup\img, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\setup\img\skin, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\shortcuts, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\shortcuts\img, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\skins, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\skins\css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\skins\img, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\skins\img\skin, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\weather, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\weather\css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\weather\img, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\weather\img\skin, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\de, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\en, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\es, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\es_419, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\fr, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\it, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\ja, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\pl, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\pt_BR, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\pt_PT, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\ru, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\tr, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\vi, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\zh_CN, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\zh_TW, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_metadata, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, In Quarantäne, [59cd3be441491d198b1d3b2f0df6728e], 
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, In Quarantäne, [59cd3be441491d198b1d3b2f0df6728e], 
PUP.Optional.Booster.A, C:\ProgramData\Trusted Publisher\GS_Booster, In Quarantäne, [5ec81f00b7d31c1a8019abc1a261e818], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, In Quarantäne, [70b6839c464492a4597b7bf14db6ab55], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log, In Quarantäne, [70b6839c464492a4597b7bf14db6ab55], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, In Quarantäne, [70b6839c464492a4597b7bf14db6ab55], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab, In Quarantäne, [74b256c95337a294ec42cca6ff040bf5], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin, In Quarantäne, [74b256c95337a294ec42cca6ff040bf5], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image, In Quarantäne, [74b256c95337a294ec42cca6ff040bf5], 
PUP.Optional.MultiPlug.A, C:\ProgramData\NextCoup, In Quarantäne, [fe28100f9feb989e8296245335ced22e], 
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\NextCoup, In Quarantäne, [6bbbb06fb2d8c76fb5644a2dbd46d62a], 
PUP.Optional.MultiPlug.A, C:\ProgramData\GoSavee, In Quarantäne, [2ff71807deac5bdb6011017a48bb0ff1], 
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\GoSavee, In Quarantäne, [54d2a67947432b0b432f9eddd62da65a], 
PUP.Optional.SecurityProtection.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh, In Quarantäne, [f5311b04b2d8d561cbe39aeab053f907], 
PUP.Optional.SecurityProtection.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0, In Quarantäne, [f5311b04b2d8d561cbe39aeab053f907], 
PUP.Optional.SecurityProtection.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\js, In Quarantäne, [f5311b04b2d8d561cbe39aeab053f907], 
PUP.Optional.SecurityProtection.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\_metadata, In Quarantäne, [f5311b04b2d8d561cbe39aeab053f907], 

Dateien: 154
PUP.Optional.SecurityProtection.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx, In Quarantäne, [28fe9788d4b6f541f7c4f2a6c53e42be], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\background.html, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\index.html, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\jump.html, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\manifest.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\bookmarks\bookmarks.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\bookmarks\css\style.css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\bookmarks\img\logo.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\bookmarks\img\searchButton.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\classification\classification.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\classification\css\style.css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\classification\img\logo.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\classification\img\skin\del.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\classification\img\skin\main.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\classification\img\skin\selected.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\cloud.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\cloudApp.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\cloudWebsite.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\createWebsite.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\css\style.css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\img\logo.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\img\skin\buttonBg.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\img\skin\categoryBg.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\img\skin\icons.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\img\skin\searchBg.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\img\skin\searchButton.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\img\skin\searchLeft.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\img\skin\selected.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\cloud\img\skin\tabsBg.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\dialog\img\skin\headerBg.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\extensions\extensions.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\extensions\css\style.css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\extensions\img\logo.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\gameCenter\gameCenter.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\gameCenter\css\style.css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\gameCenter\img\logo.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\gameCenter\img\star.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\gameCenter\img\star_bg.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\gameCenter\img\time.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\guide\guide.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\guide\css\style.css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\lastVisited\lastVisited.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\lastVisited\css\style.css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\lastVisited\img\logo.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\notice\notice.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\notice\css\style.css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\played\played.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\played\css\style.css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\search\search.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\search\css\style.css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\search\img\google-new-logo.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\search\img\logo.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\search\img\searchicon.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\search\img\searchicon2.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\setup\setup.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\setup\css\style.css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\setup\img\logo.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\setup\img\skin\dialBoxStyle.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\setup\img\skin\icons.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\shortcuts\img\oBookmarks.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\shortcuts\img\oDownloads.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\shortcuts\img\oExtensions.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\shortcuts\img\oHistory.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\shortcuts\img\oNewtab.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\skins\cloudWallpaper.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\skins\skins.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\skins\css\style.css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\skins\img\logo.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\skins\img\skin\categoryBg.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\skins\img\skin\delete.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\skins\img\skin\download.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\skins\img\skin\icons.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\skins\img\skin\loading.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\weather\weather.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\weather\css\style.css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\weather\img\logo.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\weather\img\skin\line.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\weather\img\skin\locationIcon.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\weather\img\skin\searchButton.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\app\weather\img\skin\weather.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\css\all.css, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\game.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\icon_128.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\icon_16.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\icon_48.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\NEW.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\shopping.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\weather.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\webstore.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\default.jpg, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\iconsprite.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\idialog_s.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\ios5_button.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\left.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\loading.gif, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\loading2.gif, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\qBoxBg.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\q_bg.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\q_bg0.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\q_left.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\q_left0.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\q_right.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\q_right0.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\right.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\selected.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\img\skin\titleBg.png, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\js\all.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\js\background.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\js\ga.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\js\jq.mobi.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\js\jump.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\js\pop.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\js\redirect.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\js\xagainit.js, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\de\messages.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\en\messages.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\es\messages.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\es_419\messages.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\fr\messages.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\it\messages.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\ja\messages.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\pl\messages.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\pt_BR\messages.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\pt_PT\messages.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\ru\messages.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\tr\messages.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\vi\messages.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\zh_CN\messages.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_locales\zh_TW\messages.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.QuickStart.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\_metadata\verified_contents.json, In Quarantäne, [ae78a7788dfd2c0a8d2ede7d8281af51], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log\ProtectWindowsManager_2014-09-26[14-38-45-606].log, In Quarantäne, [70b6839c464492a4597b7bf14db6ab55], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, In Quarantäne, [70b6839c464492a4597b7bf14db6ab55], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\bk_shadow.png, In Quarantäne, [74b256c95337a294ec42cca6ff040bf5], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\btn.png, In Quarantäne, [74b256c95337a294ec42cca6ff040bf5], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\close.png, In Quarantäne, [74b256c95337a294ec42cca6ff040bf5], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\main.xml, In Quarantäne, [74b256c95337a294ec42cca6ff040bf5], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\main.xml.bak, In Quarantäne, [74b256c95337a294ec42cca6ff040bf5], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\ck_box.png, In Quarantäne, [74b256c95337a294ec42cca6ff040bf5], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\ck_check.png, In Quarantäne, [74b256c95337a294ec42cca6ff040bf5], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\radio_bk.png, In Quarantäne, [74b256c95337a294ec42cca6ff040bf5], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\radio_check.png, In Quarantäne, [74b256c95337a294ec42cca6ff040bf5], 
PUP.Optional.MultiPlug.A, C:\ProgramData\NextCoup\HnvAk2zpb3Zoxfr.dat, In Quarantäne, [fe28100f9feb989e8296245335ced22e], 
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\NextCoup\tY44ZQSlTYQaOM.dat, In Quarantäne, [6bbbb06fb2d8c76fb5644a2dbd46d62a], 
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\NextCoup\tY44ZQSlTYQaOM.tlb, In Quarantäne, [6bbbb06fb2d8c76fb5644a2dbd46d62a], 
PUP.Optional.SecurityProtection.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\background.html, In Quarantäne, [f5311b04b2d8d561cbe39aeab053f907], 
PUP.Optional.SecurityProtection.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\icon128.png, In Quarantäne, [f5311b04b2d8d561cbe39aeab053f907], 
PUP.Optional.SecurityProtection.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\manifest.json, In Quarantäne, [f5311b04b2d8d561cbe39aeab053f907], 
PUP.Optional.SecurityProtection.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\js\background.js, In Quarantäne, [f5311b04b2d8d561cbe39aeab053f907], 
PUP.Optional.SecurityProtection.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\js\det.js, In Quarantäne, [f5311b04b2d8d561cbe39aeab053f907], 
PUP.Optional.SecurityProtection.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\js\inject.js, In Quarantäne, [f5311b04b2d8d561cbe39aeab053f907], 
PUP.Optional.SecurityProtection.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\js\jquery-1.11.1.min.js, In Quarantäne, [f5311b04b2d8d561cbe39aeab053f907], 
PUP.Optional.SecurityProtection.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\js\urllist.js, In Quarantäne, [f5311b04b2d8d561cbe39aeab053f907], 
PUP.Optional.SecurityProtection.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\_metadata\computed_hashes.json, In Quarantäne, [f5311b04b2d8d561cbe39aeab053f907], 
PUP.Optional.SecurityProtection.A, C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\_metadata\verified_contents.json, In Quarantäne, [f5311b04b2d8d561cbe39aeab053f907], 

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)

AdwCleaner[S0].txt :

Code:

ATTFilter

# AdwCleaner v4.110 - Bericht erstellt 16/02/2015 um 18:52:13
# Aktualisiert 05/02/2015 von Xplode
# Datenbank : 2015-02-14.2 [Server]
# Betriebssystem : Windows 8.1 Pro  (x64)
# Benutzername : Michael - MICHAEL
# Gestarted von : C:\Users\Michael\Desktop\AdwCleaner_4.110.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : iSafeKrnlMon

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Trusted Publisher
Ordner Gelöscht : C:\ProgramData\YoutuBBeeAdoBlockE
Ordner Gelöscht : C:\ProgramData\cb211c4943aa41a8
Ordner Gelöscht : C:\Program Files (x86)\YoutuBBeeAdoBlockE
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\torch
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\torch
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\Gast\AppData\Local\torch
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\torch
Ordner Gelöscht : C:\Users\Michael\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\Michael\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Michael\AppData\Local\torch
Ordner Gelöscht : C:\Users\Michael\AppData\Local\CrashRpt
Ordner Gelöscht : C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\enddoiobiedojngngkoclkagomnmmdnn
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\enddoiobiedojngngkoclkagomnmmdnn
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\enddoiobiedojngngkoclkagomnmmdnn
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\enddoiobiedojngngkoclkagomnmmdnn
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hijdmjcbgenmmepcfchhibjcaniflpke
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\hijdmjcbgenmmepcfchhibjcaniflpke
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\hijdmjcbgenmmepcfchhibjcaniflpke
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\hijdmjcbgenmmepcfchhibjcaniflpke
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\enddoiobiedojngngkoclkagomnmmdnn
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\enddoiobiedojngngkoclkagomnmmdnn
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\enddoiobiedojngngkoclkagomnmmdnn
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\enddoiobiedojngngkoclkagomnmmdnn
Ordner Gelöscht : C:\Users\Michael\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\enddoiobiedojngngkoclkagomnmmdnn
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hijdmjcbgenmmepcfchhibjcaniflpke
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hijdmjcbgenmmepcfchhibjcaniflpke
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hijdmjcbgenmmepcfchhibjcaniflpke
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hijdmjcbgenmmepcfchhibjcaniflpke
Ordner Gelöscht : C:\Users\Michael\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hijdmjcbgenmmepcfchhibjcaniflpke
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\enddoiobiedojngngkoclkagomnmmdnn
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\enddoiobiedojngngkoclkagomnmmdnn
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\enddoiobiedojngngkoclkagomnmmdnn
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\enddoiobiedojngngkoclkagomnmmdnn
Ordner Gelöscht : C:\Users\Michael\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\enddoiobiedojngngkoclkagomnmmdnn
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hijdmjcbgenmmepcfchhibjcaniflpke
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hijdmjcbgenmmepcfchhibjcaniflpke
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hijdmjcbgenmmepcfchhibjcaniflpke
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hijdmjcbgenmmepcfchhibjcaniflpke
Ordner Gelöscht : C:\Users\Michael\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hijdmjcbgenmmepcfchhibjcaniflpke
Datei Gelöscht : C:\Windows\System32\log\iSafeKrnlCall.log
Datei Gelöscht : C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Michael\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Michael\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-576482620
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{50d3832b-4e19-4484-a813-ecefad60baa8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{50d3832b-4e19-4484-a813-ecefad60baa8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{50d3832b-4e19-4484-a813-ecefad60baa8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{50d3832b-4e19-4484-a813-ecefad60baa8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{50d3832b-4e19-4484-a813-ecefad60baa8}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\RegisteredApplicationsEx
Schlüssel Gelöscht : HKCU\Software\V9
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\hdcode
Schlüssel Gelöscht : HKLM\SOFTWARE\V9
Schlüssel Gelöscht : HKLM\SOFTWARE\winzipersvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Google Chrome v40.0.2214.111

[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1406476263&from=ild&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1024591845918&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1406476263&from=ild&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1024591845918&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.qip.ru/search/?query={searchTerms}&from=os
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://start.iminent.com/?appId=4B5B631B-A385-4E12-9D39-48151B169BEE&ref=toolbox&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.sweet-page.com/web/?type=ds&ts=1411735105&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.nationzoom.com/web/?type=ds&ts=1397574389&from=ild&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1024591845918&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1406476263&from=ild&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1024591845918&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1406476263&from=ild&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1024591845918&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1418833419&from=wpm12173&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1418833419&from=wpm12173&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.v9.com/web?type=ds&ts=1421836839&from=zbd1&uid=wdcxwd5000lpvx-22v0tt0_wd-wxq1e93rapp9rapp9&q={searchTerms}&ref=YmFzZVVSTH1zZWFyY2g=
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.v9.com/web?type=ds&ts=1421836839&from=zbd1&uid=wdcxwd5000lpvx-22v0tt0_wd-wxq1e93rapp9rapp9&q={searchTerms}&ref=YmFzZVVSTH1zZWFyY2g=

-\\ Comodo Dragon v

[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1406476263&from=ild&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1024591845918&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1406476263&from=ild&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1024591845918&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.qip.ru/search/?query={searchTerms}&from=os
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://start.iminent.com/?appId=4B5B631B-A385-4E12-9D39-48151B169BEE&ref=toolbox&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.sweet-page.com/web/?type=ds&ts=1411735105&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.nationzoom.com/web/?type=ds&ts=1397574389&from=ild&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1024591845918&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1406476263&from=ild&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1024591845918&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1406476263&from=ild&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1024591845918&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1418833419&from=wpm12173&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1418833419&from=wpm12173&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.v9.com/web?type=ds&ts=1421836839&from=zbd1&uid=wdcxwd5000lpvx-22v0tt0_wd-wxq1e93rapp9rapp9&q={searchTerms}&ref=YmFzZVVSTH1zZWFyY2g=
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.v9.com/web?type=ds&ts=1421836839&from=zbd1&uid=wdcxwd5000lpvx-22v0tt0_wd-wxq1e93rapp9rapp9&q={searchTerms}&ref=YmFzZVVSTH1zZWFyY2g=

-\\ Chrome Canary v

[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1406476263&from=ild&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1024591845918&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1406476263&from=ild&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1024591845918&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.qip.ru/search/?query={searchTerms}&from=os
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://start.iminent.com/?appId=4B5B631B-A385-4E12-9D39-48151B169BEE&ref=toolbox&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.sweet-page.com/web/?type=ds&ts=1411735105&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.nationzoom.com/web/?type=ds&ts=1397574389&from=ild&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1024591845918&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1406476263&from=ild&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1024591845918&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1406476263&from=ild&uid=WDCXWD3200AAKS-00B3A0_WD-WMAT1024591845918&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1418833419&from=wpm12173&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1418833419&from=wpm12173&uid=WDCXWD5000LPVX-22V0TT0_WD-WXQ1E93RAPP9RAPP9&q={searchTerms}
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.v9.com/web?type=ds&ts=1421836839&from=zbd1&uid=wdcxwd5000lpvx-22v0tt0_wd-wxq1e93rapp9rapp9&q={searchTerms}&ref=YmFzZVVSTH1zZWFyY2g=
[C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.v9.com/web?type=ds&ts=1421836839&from=zbd1&uid=wdcxwd5000lpvx-22v0tt0_wd-wxq1e93rapp9rapp9&q={searchTerms}&ref=YmFzZVVSTH1zZWFyY2g=

*************************

AdwCleaner[R0].txt - [10575 Bytes] - [16/02/2015 18:50:18]
AdwCleaner[S0].txt - [16465 Bytes] - [16/02/2015 18:52:13]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [16525  Bytes] ##########

JRT.txt :

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 8.1 Pro x64
Ran by Michael on 16.02.2015 at 20:02:28,56
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.02.2015 at 20:06:53,49
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

jetzt hat es die letzte nachricht doppelt geschickt -.-

schrauber · 17.02.2015, 11:34

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Windows 8.1 Pro Downloads laufen mit normaler Downloadgeschwindigkeit bis ca. 99%, werden dann aber nicht beendet

Log-Analyse und Auswertung: Windows 8.1 Pro Downloads laufen mit normaler Downloadgeschwindigkeit bis ca. 99%, werden dann aber nicht beendet