NSIS/StartPage.CC Trojaner

Nashvilla · 22.02.2015, 18:13

Hallo an Alle,

ich möchte euch um Hilfe bei meinem Problem bitten, welches folgendes ist:

Seit letztem Wochenende verschwand meine Internetverbindung immer mal wieder ohne für mich erkennbaren Grund. Daraufhin habe ich auf Anraten eines Freundes einen Eset Smart Installer Scan gemacht. Das Erbebnis sind 5 Funde, die in Quarantäne verschoben wurden. Beim ersten Mal habe ich diese aus der Quarantäne gelöscht. Daraufhin meldete Firefox, dass kein Proxy Server gefunden würde. Dann habe ich in den Einstellungen Automatisches Erkennen aktiviert, damit ging Firefox wieder. Aber beim Hochfahren kommt die Meldung:
"C:\Program Files (x86)\Search Extensions\Client.exe" konnte nicht gefunden werden.
Ich habe dann eine Systemwiederherstellung auf den 13.02.15 gemacht und danach noch einen Eset Scan mit dem gleichen Ergebnis. Diesmal habe ich die Quarantäne nicht gelöscht, aber die Folgen sind identisch die gleichen, kein Firefox und die fehlende Client.exe Meldung beim Hochfahren. Anbei die log vom Eset Scan von heute.
Vielen Dank schon mal im voraus,

Nashvilla

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=68cea197872f964aacb23890d1ab771a
# engine=22590
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-02-22 03:55:39
# local_time=2015-02-22 04:55:39 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 15448 14924858 0 0
# scanned=907691
# found=5
# cleaned=5
# scan_time=11103
sh=93F0172E398465FE8830AB01A70FDCA12EB11C4C ft=1 fh=4084d826ec2cd038 vn="Variante von Win32/Adware.Synatix.A Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\PC Tina\Tina2f\Dokumente und Einstellungen\Alle\Anwendungsdaten\Windows Net Data\uninstaller.exe"
sh=DC19698180A3851457A7593A141BDB03E2D3ECFF ft=1 fh=58c76f141534a4e4 vn="Variante von Win32/Adware.Synatix.A Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\PC Tina\Tina2f\Dokumente und Einstellungen\Alle\Lokale Einstellungen\Temp\vis-de.exe"
sh=EAA07477B20136AA8945B9BE3F2A7D8F93297D33 ft=1 fh=c71c001144d1e9e1 vn="Variante von MSIL/Adware.iBryte.S Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Search Extensions\Client.exe"
sh=ADB750BF6B31BEC9A6544503895528F8E474B5C8 ft=1 fh=0fcddc0452263ba6 vn="Variante von MSIL/Adware.iBryte.G Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Search Extensions\uninstall.exe"
sh=86FD2D88F3C4675471D14644D2A2D8A0B08BA2F4 ft=1 fh=5d2300031434a965 vn="NSIS/StartPage.CC Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Tina\Downloads\vlc-2.1.2-win64.exe"
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internet

cosinus · 22.02.2015, 18:13

Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!

Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Nashvilla · 22.02.2015, 18:27

Hallo und danke,

ich habe keine andere Log. Hier die FRST Logs:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-02-2015
Ran by Tina (administrator) on I5-4771 on 22-02-2015 18:23:19
Running from C:\Users\Tina\Desktop
Loaded Profiles: Tina (Available profiles: Tina)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Jumping Bytes) C:\Program Files (x86)\Mobile Master\MMAgent.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
() C:\Program Files (x86)\X-Rite\ColorMunki Display\ColorMunkiDisplayTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Jumping Bytes) C:\Program Files (x86)\Mobile Master\MMScan.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Micro-Star INT'L CO.,LTD.) C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Fred's Software) C:\Program Files (x86)\PrintKey2000\Printkey2000.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7205592 2013-12-03] (Realtek Semiconductor)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [764472 2012-09-19] ()
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-17] (Intel Corporation)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-08-13] (MSI)
HKLM-x32\...\Run: [Live Update 5] => C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe [315392 2012-01-30] ()
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3133213367-1338719558-82200134-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-3133213367-1338719558-82200134-1001\...\Run: [MMAgent] => C:\Program Files (x86)\Mobile Master\MMAgent.exe [1412080 2014-04-01] (Jumping Bytes)
HKU\S-1-5-21-3133213367-1338719558-82200134-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3133213367-1338719558-82200134-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3133213367-1338719558-82200134-1001\...\MountPoints2: {8203be42-666e-11e3-be65-806e6f6e6963} - "D:\machinarium_install.exe" 
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ColorMunki Display Tray.lnk
ShortcutTarget: ColorMunki Display Tray.lnk -> C:\Program Files (x86)\X-Rite\ColorMunki Display\ColorMunkiDisplayTray.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Printkey2000.lnk
ShortcutTarget: Printkey2000.lnk -> C:\Program Files (x86)\PrintKey2000\Printkey2000.exe (Fred's Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\XRGamma.lnk
ShortcutTarget: XRGamma.lnk -> C:\Program Files (x86)\X-Rite\ColorMunki Display\XRGamma.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG)
Startup: C:\Users\Tina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-3133213367-1338719558-82200134-1001] => http=127.0.0.1:49298;https=127.0.0.1:49298
HKU\S-1-5-21-3133213367-1338719558-82200134-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.100

FireFox:
========
FF ProfilePath: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\zhstxkhm.default
FF NewTab: google.de
FF SearchEngineOrder.1: SuchMaschine
FF SelectedSearchEngine: Google
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3133213367-1338719558-82200134-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Tina\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\zhstxkhm.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\zhstxkhm.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\zhstxkhm.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\zhstxkhm.default\searchplugins\google-maps.xml
FF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\zhstxkhm.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\zhstxkhm.default\searchplugins\search_engine.xml
FF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\zhstxkhm.default\searchplugins\webde-suche.xml
FF Extension: WEB.DE MailCheck - C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\zhstxkhm.default\Extensions\toolbar@web.de [2014-12-17]
FF Extension: Best Video Downloader 2 - C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\zhstxkhm.default\Extensions\{170503FA-3349-4F17-BC86-001888A5C8E2}.xpi [2014-04-20]
FF Extension: ProxTube - C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\zhstxkhm.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2014-09-13]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-01-26]
FF Extension: UITBAutoInstaller - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2015-01-26]
FF HKLM-x32\...\Thunderbird\Extensions: [{857610fe-b36c-47f2-b4fa-6b7affe0cf5a}] - C:\Program Files (x86)\Mobile Master\ext\1
FF Extension: Mobile Master Add-In - C:\Program Files (x86)\Mobile Master\ext\1 [2014-10-21]
FF HKU\S-1-5-21-3133213367-1338719558-82200134-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\zhstxkhm.default\extensions\cliqz@cliqz.com
FF HKU\S-1-5-21-3133213367-1338719558-82200134-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43112 2012-02-16] (ArcSoft Inc.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-09-07] (Adobe Systems) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [451416 2014-12-31] (Garmin Ltd or its subsidiaries)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-17] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [103992 2012-10-26] (MSI)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-08-19] (MSI)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 xrdd.exe; C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe [83312 2014-04-10] (X-Rite Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [50976 2014-10-03] (AVG Technologies)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-01] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-01] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-01] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-17] (Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_1_0_6; C:\Program Files (x86)\Setup Files\Ms7817vA20\NTIOLib_X64.sys [11888 2011-01-06] (MSI) [File not signed]
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation                           )
R3 stdriver; C:\Windows\system32\DRIVERS\stdriverx64.sys [33488 2014-07-11] ()
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R2 WinI2C-DDC; C:\WINDOWS\system32\drivers\DDCDrv.sys [20832 2011-10-06] (Nicomsoft Ltd.)
R2 WinI2C-DDC; C:\WINDOWS\SysWOW64\drivers\DDCDrv.sys [10240 2011-10-12] (Nicomsoft Ltd.) [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-22 18:23 - 2015-02-22 18:23 - 00017984 _____ () C:\Users\Tina\Desktop\FRST.txt
2015-02-22 18:22 - 2015-02-22 18:23 - 00000000 ____D () C:\FRST
2015-02-22 18:21 - 2015-02-22 18:21 - 02087424 _____ (Farbar) C:\Users\Tina\Desktop\FRST64.exe
2015-02-22 17:14 - 2015-02-22 17:14 - 00000776 _____ () C:\Users\Tina\Downloads\Eset Scan 22.02.15
2015-02-22 13:46 - 2015-01-10 10:10 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-02-22 13:46 - 2015-01-10 10:10 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-02-22 13:46 - 2015-01-10 09:28 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-02-22 13:46 - 2014-10-29 03:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-02-22 13:46 - 2014-10-29 03:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-02-22 13:46 - 2014-10-29 02:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-02-22 13:46 - 2014-10-29 02:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-02-22 13:46 - 2014-10-29 02:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-02-22 13:46 - 2014-10-29 02:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-02-22 13:46 - 2014-10-29 02:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-02-22 13:46 - 2014-10-29 02:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-02-22 13:45 - 2015-01-15 23:43 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-02-22 13:45 - 2015-01-15 23:43 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-02-22 13:45 - 2015-01-14 05:22 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-02-22 13:45 - 2015-01-14 04:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-02-22 13:45 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-22 13:45 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-22 13:45 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-22 13:45 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-02-22 13:45 - 2015-01-12 03:34 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-02-22 13:45 - 2015-01-12 03:32 - 06041088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-22 13:45 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-22 13:45 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-02-22 13:45 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-22 13:45 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-22 13:45 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-22 13:45 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-22 13:45 - 2015-01-12 02:58 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-02-22 13:45 - 2015-01-12 02:55 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-02-22 13:45 - 2015-01-12 02:51 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-02-22 13:45 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-22 13:45 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-22 13:45 - 2015-01-12 02:48 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-02-22 13:45 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-22 13:45 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-02-22 13:45 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-22 13:45 - 2015-01-12 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-02-22 13:45 - 2015-01-12 02:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-22 13:45 - 2015-01-12 02:29 - 04300800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-22 13:45 - 2015-01-12 02:27 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-02-22 13:45 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-22 13:45 - 2015-01-12 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-02-22 13:45 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-22 13:45 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-22 13:45 - 2015-01-12 02:23 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-22 13:45 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-22 13:45 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-22 13:45 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-22 13:45 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-22 13:45 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-22 13:45 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-22 13:45 - 2014-12-19 09:57 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-02-22 13:45 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-02-22 13:45 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-02-22 13:45 - 2014-12-09 02:56 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-02-22 13:45 - 2014-12-09 00:12 - 00391526 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-02-22 13:45 - 2014-10-29 03:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2015-02-22 13:45 - 2014-10-29 03:50 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2015-02-22 13:45 - 2014-10-29 03:06 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2015-02-22 13:45 - 2014-10-29 03:06 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2015-02-22 13:45 - 2014-10-29 02:31 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-02-22 13:44 - 2015-01-13 23:11 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-02-22 13:44 - 2015-01-13 23:04 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-22 13:41 - 2015-02-22 13:41 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-02-22 13:39 - 2015-02-22 13:45 - 81641472 _____ () C:\Users\Tina\Downloads\ess8_nt64_deu.msi
2015-02-22 13:39 - 2015-02-22 13:41 - 02347384 _____ (ESET) C:\Users\Tina\Downloads\esetsmartinstaller_deu.exe
2015-02-22 13:39 - 2015-01-10 08:00 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-02-22 13:39 - 2015-01-10 07:38 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-02-22 13:38 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-02-22 13:38 - 2015-01-10 09:22 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-02-22 13:35 - 2015-02-22 13:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2015-02-19 17:54 - 2015-02-19 17:54 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Garmin
2015-02-19 17:54 - 2015-02-19 17:54 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Garmin
2015-02-10 08:33 - 2015-02-22 13:23 - 00000000 ____D () C:\Users\Tina\AppData\Local\10277bbb-e5ec-4000-9816-425134626346
2015-02-03 19:07 - 2015-02-22 16:54 - 00000000 ____D () C:\Program Files (x86)\Search Extensions
2015-02-03 19:07 - 2015-02-03 19:07 - 00004320 _____ () C:\WINDOWS\System32\Tasks\RocketTab Update Task
2015-02-03 19:07 - 2015-02-03 19:07 - 00003532 _____ () C:\WINDOWS\System32\Tasks\RocketTab
2015-02-03 19:05 - 2015-02-22 13:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2015-02-03 19:05 - 2015-02-03 19:06 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2015-02-03 19:05 - 2015-02-03 19:05 - 00000000 ____D () C:\Program Files (x86)\YTD Video Downloader
2015-02-03 19:03 - 2015-02-03 19:03 - 00105808 _____ (GreenTree Applications SRL) C:\Users\Tina\Downloads\YTDSetup.exe
2015-01-26 19:11 - 2015-01-26 19:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-25 19:50 - 2015-01-25 19:50 - 00001172 _____ () C:\Users\Public\Desktop\Machinarium.lnk
2015-01-25 19:50 - 2015-01-25 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daedalic Entertainment
2015-01-25 19:48 - 2015-01-25 19:48 - 00000000 ____D () C:\Program Files (x86)\Daedalic Entertainment
2015-01-25 13:17 - 2015-01-25 13:17 - 00001055 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-01-25 13:17 - 2015-01-25 13:17 - 00001043 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-01-25 13:17 - 2015-01-25 13:17 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-01-25 13:17 - 2014-12-15 11:45 - 00035112 _____ (TeamViewer GmbH) C:\WINDOWS\system32\Drivers\teamviewervpn.sys
2015-01-25 13:16 - 2015-01-25 13:16 - 07718224 _____ (TeamViewer GmbH) C:\Users\Tina\Downloads\TeamViewer_Setup_de.exe
2015-01-25 13:07 - 2015-01-25 13:08 - 00000000 ____D () C:\Program Files\Defraggler
2015-01-25 13:07 - 2015-01-25 13:07 - 00001736 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2015-01-25 13:07 - 2015-01-25 13:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2015-01-25 13:06 - 2015-01-25 13:06 - 04362512 _____ (Piriform Ltd) C:\Users\Tina\Downloads\dfsetup218.exe
2015-01-24 19:55 - 2015-01-24 19:55 - 00001640 _____ () C:\Users\Tina\Desktop\GameMaker-Studio.exe - Verknüpfung.lnk
2015-01-24 16:42 - 2015-01-24 16:42 - 00000000 ____D () C:\Users\Tina\AppData\Roaming\dvdcss
2015-01-24 12:49 - 2015-01-24 12:49 - 00000000 ____D () C:\Users\Tina\AppData\Local\Logitech® Webcam-Software
2015-01-24 12:45 - 2015-01-25 21:47 - 00008198 _____ () C:\WINDOWS\system32\lvcoinst.log
2015-01-24 12:45 - 2015-01-24 12:45 - 00000000 ____D () C:\Users\Tina\AppData\Roaming\Leadertech
2015-01-24 12:45 - 2015-01-24 12:45 - 00000000 ____D () C:\ProgramData\LogiShrd
2015-01-24 12:44 - 2015-01-24 12:45 - 00003791 _____ () C:\WINDOWS\LDPINST.LOG
2015-01-24 12:44 - 2015-01-24 12:45 - 00000000 ____D () C:\Program Files\Common Files\logishrd
2015-01-24 12:44 - 2015-01-24 12:45 - 00000000 ____D () C:\Program Files (x86)\Logitech
2015-01-24 12:44 - 2015-01-24 12:44 - 00001656 _____ () C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
2015-01-24 12:44 - 2015-01-24 12:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-01-24 12:32 - 2015-01-24 12:37 - 74520472 _____ (Logitech, Inc.) C:\Users\Tina\Downloads\lws280.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-22 18:02 - 2013-12-16 22:01 - 01403409 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-22 18:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-22 17:46 - 2013-12-16 17:34 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3133213367-1338719558-82200134-1001
2015-02-22 17:44 - 2013-11-14 08:27 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-22 17:44 - 2013-11-14 08:11 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2015-02-22 17:44 - 2013-11-14 08:11 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2015-02-22 17:44 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-22 17:42 - 2014-05-29 19:51 - 00000572 _____ () C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3133213367-1338719558-82200134-1001.job
2015-02-22 17:41 - 2013-12-29 14:26 - 00000000 ___DO () C:\Users\Tina\SkyDrive
2015-02-22 17:37 - 2013-08-22 15:46 - 00336209 _____ () C:\WINDOWS\setupact.log
2015-02-22 17:37 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-22 17:37 - 2013-08-22 15:44 - 00392120 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-22 17:36 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-22 15:41 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-22 13:35 - 2014-11-09 19:25 - 00003556 _____ () C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2015-02-22 13:35 - 2014-11-09 19:25 - 00001904 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2015-02-22 13:35 - 2014-11-09 19:25 - 00000000 ____D () C:\ProgramData\Garmin
2015-02-22 13:35 - 2014-11-09 19:25 - 00000000 ____D () C:\Program Files (x86)\Garmin
2015-02-22 13:35 - 2014-11-09 19:22 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-22 13:33 - 2013-12-19 09:01 - 00000000 ____D () C:\Users\Tina\AppData\Roaming\Skype
2015-02-22 13:24 - 2013-12-16 21:57 - 00000000 ____D () C:\Users\Tina
2015-02-22 13:23 - 2014-12-02 19:20 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2015-02-22 13:23 - 2014-09-25 08:09 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-22 13:23 - 2013-12-19 00:00 - 00000000 ____D () C:\Users\Tina\AppData\Roaming\Winamp
2015-02-22 13:23 - 2013-12-16 19:38 - 00000000 ___HD () C:\SuperChargerProfile
2015-02-22 13:23 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-02-22 13:23 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinMetadata
2015-02-22 13:23 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-02-22 13:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-22 13:23 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-02-22 13:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\registration
2015-02-22 13:18 - 2013-12-19 09:01 - 00000000 ____D () C:\ProgramData\Skype
2015-02-22 13:14 - 2013-12-28 19:31 - 00000000 ____D () C:\Users\Tina\AppData\Local\SoulseekQt
2015-02-17 18:20 - 2013-12-19 14:25 - 00434176 ___SH () C:\Users\Tina\Desktop\Thumbs.db
2015-02-16 06:24 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-02-14 22:04 - 2013-12-16 20:25 - 00000000 ____D () C:\Users\Tina\AppData\Local\CrashDumps
2015-02-13 22:03 - 2013-12-16 19:39 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-11 19:08 - 2014-05-29 19:51 - 00003568 _____ () C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-3133213367-1338719558-82200134-1001
2015-02-11 18:37 - 2014-10-21 19:28 - 00003850 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1413915750
2015-02-11 18:37 - 2014-10-21 19:22 - 00001057 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-02-11 18:37 - 2014-10-21 19:22 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-02-08 09:57 - 2013-11-13 23:18 - 00034918 _____ () C:\WINDOWS\PFRO.log
2015-02-07 20:24 - 2015-01-17 22:30 - 00000000 ____D () C:\Human Trust
2015-02-03 20:31 - 2013-08-22 16:38 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-02-03 20:31 - 2013-08-22 16:38 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-03 19:05 - 2014-04-20 12:30 - 00001072 _____ () C:\Users\Public\Desktop\YTD Video Downloader.lnk
2015-01-29 17:42 - 2013-12-16 19:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-25 21:11 - 2014-12-13 12:46 - 00000000 ____D () C:\Users\Tina\AppData\Roaming\GameMaker-Studio
2015-01-25 21:11 - 2014-12-13 12:27 - 00000000 ____D () C:\Users\Tina\AppData\Local\GameMaker-Studio
2015-01-24 18:19 - 2015-01-10 20:42 - 00000000 ____D () C:\Movie
2015-01-24 18:18 - 2013-12-22 18:21 - 00000000 ____D () C:\Users\Tina\AppData\Roaming\vlc
2015-01-24 12:30 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-24 12:25 - 2013-12-16 17:28 - 00000000 ____D () C:\Users\Tina\AppData\Local\Packages

==================== Files in the root of some directories =======

2014-06-08 19:25 - 2014-06-08 19:25 - 0000268 ___RH () C:\Users\Tina\AppData\Roaming\Images
2014-06-08 19:25 - 2014-06-08 19:25 - 0000268 ___RH () C:\Users\Tina\AppData\Roaming\Importer
2014-06-08 19:25 - 2014-06-08 19:25 - 0000268 ___RH () C:\Users\Tina\AppData\Roaming\InkjetPrinter
2014-07-11 18:24 - 2014-07-11 18:24 - 0001167 _____ () C:\Users\Tina\AppData\Roaming\trace_FilterInstaller.txt
2014-07-11 18:24 - 2014-07-11 18:24 - 0000000 _____ () C:\Users\Tina\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2015-01-11 18:49 - 2015-01-11 18:49 - 0007622 _____ () C:\Users\Tina\AppData\Local\recently-used.xbel
2013-12-25 18:37 - 2013-12-25 18:37 - 0000017 _____ () C:\Users\Tina\AppData\Local\resmon.resmoncfg
2013-12-16 21:55 - 2013-12-16 21:55 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-06-08 19:25 - 2014-06-08 19:25 - 0000268 ___RH () C:\ProgramData\Instrument Library
2014-06-08 19:25 - 2014-06-08 19:25 - 0000268 ___RH () C:\ProgramData\Internet Plug-Ins
2014-06-08 19:25 - 2014-06-08 19:25 - 0000268 ___RH () C:\ProgramData\Internet Services
2014-06-08 19:25 - 2014-06-08 19:25 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2014-06-08 19:25 - 2014-08-31 09:43 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2014-06-08 19:25 - 2014-08-31 09:43 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT

Some content of TEMP:
====================
C:\Users\Tina\AppData\Local\Temp\Execute2App.exe
C:\Users\Tina\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Tina\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\Tina\AppData\Local\Temp\fp_pl_pfs_installer-2.exe
C:\Users\Tina\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Tina\AppData\Local\Temp\Kies2RemoveAll.exe
C:\Users\Tina\AppData\Local\Temp\msvcp90.dll
C:\Users\Tina\AppData\Local\Temp\msvcr90.dll
C:\Users\Tina\AppData\Local\Temp\nsaF704.exe
C:\Users\Tina\AppData\Local\Temp\nseAB8F.exe
C:\Users\Tina\AppData\Local\Temp\nsiAA26.exe
C:\Users\Tina\AppData\Local\Temp\nslEB29.exe
C:\Users\Tina\AppData\Local\Temp\nslF87C.exe
C:\Users\Tina\AppData\Local\Temp\nsu94A7.exe
C:\Users\Tina\AppData\Local\Temp\nswECA1.exe
C:\Users\Tina\AppData\Local\Temp\nsz92F1.exe
C:\Users\Tina\AppData\Local\Temp\oi_{975A464C-6C9B-429E-BE67-7501BD5BDD21}.exe
C:\Users\Tina\AppData\Local\Temp\PrefJsonCpp.exe
C:\Users\Tina\AppData\Local\Temp\Quarantine.exe
C:\Users\Tina\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Tina\AppData\Local\Temp\SPSetup.exe
C:\Users\Tina\AppData\Local\Temp\sqlite3.dll
C:\Users\Tina\AppData\Local\Temp\sqlite3.exe
C:\Users\Tina\AppData\Local\Temp\sysad.exe
C:\Users\Tina\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Tina\AppData\Local\Temp\System.Data.SQLite10277bbb-e5ec-4000-9816-425134626346.dll
C:\Users\Tina\AppData\Local\Temp\vlc-2.1.4-win64.exe
C:\Users\Tina\AppData\Local\Temp\vlc-2.1.5-win64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-19 18:36

==================== End Of Log ============================

--- --- ---

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-02-2015
Ran by Tina at 2015-02-22 18:23:45
Running from C:\Users\Tina\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

“RocketTab” (HKLM-x32\...\RocketTab) (Version:  - “RocketTab”)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.4 64-bit (HKLM\...\{558B5965-CC1B-4AF1-BA07-5D6832404050}) (Version: 5.4.0 - Adobe Systems Incorporated)
Adobe Premiere Pro 2.0 (HKLM-x32\...\Adobe Premiere Pro 2.0) (Version: 2.000.000 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-3133213367-1338719558-82200134-1001\...\Amazon Kindle) (Version:  - Amazon)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Any Video Converter 5.7.0 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
ArcSoft Panorama Maker 6 (HKLM-x32\...\{8A7D0970-C0A4-4B56-94D4-E3A175AB45BB}) (Version: 6.0.0.94 - ArcSoft)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Citrix Online Launcher (HKLM-x32\...\{F17C3DC2-2ACA-4B0E-BDBF-ACE61B14E7CD}) (Version: 1.0.183 - Citrix)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
CloudReading (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.1.47.1220 - Foxit Corporation)
ColorMunki Display 1.1.1 (HKLM-x32\...\ColorMunki Display_is1) (Version:  - X-Rite)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Elevated Installer (x32 Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.0.9 - MSI)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.2.1224 - Foxit Corporation)
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Free Video to JPG Converter version 5.0.46.820 (HKLM-x32\...\Free Video to JPG Converter_is1) (Version: 5.0.46.820 - DVDVideoSoft Ltd.)
GameMaker: Player (HKLM-x32\...\GameMakerPlayer) (Version: 1.4.242.35310 - YoYo Games Ltd.)
GameMaker-Studio 1.4 (HKU\S-1-5-21-3133213367-1338719558-82200134-1001\...\GameMaker-Studio14) (Version:  - YoYo Games Ltd.)
Garmin Express (HKLM-x32\...\{855d8086-4275-4bd3-a7a8-b44da3a56d7a}) (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
GoToMeeting 6.4.12.2331 (HKU\S-1-5-21-3133213367-1338719558-82200134-1001\...\GoToMeeting) (Version: 6.4.12.2331 - CitrixOnline)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{B1AC3709-3E98-4F2C-A84E-4BCA2A452E64}) (Version: 4.2.40.2418 - Intel Corporation)
LibreOffice 4.1 Help Pack (German) (HKLM-x32\...\{0779889E-1A20-4E21-9150-7F42BD09ED63}) (Version: 4.1.3.2 - The Document Foundation)
LibreOffice 4.1.3.2 (HKLM-x32\...\{4F3722AD-197D-4DBB-BDFB-D2F0D6776354}) (Version: 4.1.3.2 - The Document Foundation)
Live Update 5 (HKLM-x32\...\{E8BAA541-D161-4C9B-85BF-01F05A56BD7F}}_is1) (Version: 5.0.113 - MSI)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Machinarium (HKLM-x32\...\{4D96D2F0-8FB4-45C2-9B80-2DCB88016316}_is1) (Version:  - Daedalic Entertainment)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Messer v0.992 (HKLM-x32\...\Messer_is1) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mobile Master (x32 Version: 8.9.4 - Jumping Bytes) Hidden
Mobile Master 8.9.4 (HKLM-x32\...\Mobile Master) (Version: 8.9.4 - Jumping Bytes)
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MyFreeCodec (HKU\S-1-5-21-3133213367-1338719558-82200134-1001\...\MyFreeCodec) (Version:  - )
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.3.1 - Nikon)
Opera Stable 27.0.1689.69 (HKLM-x32\...\Opera 27.0.1689.69) (Version: 27.0.1689.69 - Opera Software ASA)
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.4.3 - Nikon)
PrintKey2000 (HKLM-x32\...\PrintKey2000) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7106 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14074.11 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.14074.11 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SoulseekQt (HKLM-x32\...\SoulseekQt) (Version:  - )
SoundTap Audiostream-Rekorder (HKLM-x32\...\SoundTap) (Version: 2.27 - NCH Software)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.019 - MSI)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
ViewNX 2 (HKLM-x32\...\{E64C137C-D0B7-467A-B47F-460AAB30F0A3}) (Version: 2.3.2 - Nikon)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 2.10.1.1735 - 1&1 Mail & Media GmbH)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
X-Rite Device Services Manager (HKLM-x32\...\{64B461D5-ABCA-4394-9336-848F7C283B1C}) (Version: 2.3.81 - X-Rite)
YTD Video Downloader 4.8.9 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.9 - GreenTree Applications SRL) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3133213367-1338719558-82200134-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Tina\AppData\Local\Citrix\GoToMeeting\1350\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)

==================== Restore Points  =========================

05-02-2015 19:06:09 Geplanter Prüfpunkt
13-02-2015 22:01:36 Windows Update
19-02-2015 17:53:49 Garmin Express
22-02-2015 13:16:58 Wiederherstellungsvorgang

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1647D0BB-CF9B-4287-AF9C-98693A4BB18B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-14] (Microsoft Corporation)
Task: {4999D487-C5F2-446D-A4E3-E42FF10B3529} - System32\Tasks\X-Rite Device Services Software Updater => C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe [2014-04-10] (X-Rite Inc.)
Task: {6F8E63F0-4A44-4609-8557-8B950640EC4D} - System32\Tasks\RocketTab => cmd.exe /C start "" "C:\Program Files (x86)\Search Extensions\Client.exe" /Preferred=true <==== ATTENTION
Task: {84C51814-E60D-4516-A7DE-7FB657A38CB1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {8C55BCF0-B883-4904-92D0-E5CE2F4F1200} - System32\Tasks\G2MUpdateTask-S-1-5-21-3133213367-1338719558-82200134-1001 => C:\Users\Tina\AppData\Local\Citrix\GoToMeeting\2331\g2mupdate.exe [2015-02-11] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {9AE9D2FA-0569-4E45-AD02-8920F16952B1} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-12-31] ()
Task: {C9DE50F8-519D-46C3-9C71-81BED86AB5F5} - System32\Tasks\{6D515B0D-1727-46D2-B479-B3E5F8AC3E0C} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{758C8301-2696-4855-AF45-534B1200980A}\setup.exe" -c -runfromtemp -l0x0409  -removeonly
Task: {CE73133D-6DFC-4F46-8FE2-D73A051CFA60} - System32\Tasks\Opera scheduled Autoupdate 1413915750 => C:\Program Files (x86)\Opera\launcher.exe [2015-02-10] (Opera Software)
Task: {E45C231A-0FF2-41E3-B4CA-C1C390A88E15} - System32\Tasks\RocketTab Update Task => C:\Program Files (x86)\Search Extensions\uninstall.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3133213367-1338719558-82200134-1001.job => C:\Users\Tina\AppData\Local\Citrix\GoToMeeting\2331\g2mupdate.exe
Task: C:\WINDOWS\Tasks\X-Rite Device Services Software Updater.job => C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe

==================== Loaded Modules (whitelisted) ==============

2013-08-01 17:31 - 2013-08-01 17:31 - 00198120 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-08-01 17:31 - 2013-08-01 17:31 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-08-01 17:31 - 2013-08-01 17:31 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2014-08-31 13:59 - 2014-06-18 13:58 - 02218496 _____ () C:\Program Files (x86)\X-Rite\ColorMunki Display\ColorMunkiDisplayTray.exe
2012-09-13 00:38 - 2012-09-13 00:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2013-08-22 08:19 - 2013-08-22 07:54 - 00174592 _____ () C:\WINDOWS\system32\WinMetadata\Windows.UI.winmd
2013-06-21 12:29 - 2013-06-21 12:29 - 01588224 _____ () C:\Program Files (x86)\X-Rite\Devices\rm200\GoldenEye.dll
2013-06-21 12:29 - 2013-06-21 12:29 - 02633728 _____ () C:\Program Files (x86)\X-Rite\Devices\colormunki\colormunki.dll
2013-12-16 18:30 - 2013-09-17 03:19 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-01-26 19:11 - 2015-01-26 19:11 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-08-31 13:58 - 2014-06-18 12:12 - 44451328 _____ () C:\Program Files (x86)\X-Rite\ColorMunki Display\Prism.dll
2014-08-31 13:59 - 2010-06-01 21:44 - 07982592 _____ () C:\Program Files (x86)\X-Rite\ColorMunki Display\QtGui4.dll
2014-08-31 13:59 - 2010-12-14 11:25 - 02147328 _____ () C:\Program Files (x86)\X-Rite\ColorMunki Display\QtCore4.dll
2014-08-31 13:58 - 2014-06-18 12:12 - 03449344 _____ () C:\Program Files (x86)\X-Rite\ColorMunki Display\CxF2_VC90MD_2.1.dll
2014-08-31 13:58 - 2014-06-18 12:12 - 00898560 _____ () C:\Program Files (x86)\X-Rite\ColorMunki Display\libxml2.dll
2014-08-31 13:58 - 2014-06-18 12:12 - 00073728 _____ () C:\Program Files (x86)\X-Rite\ColorMunki Display\zlib1.dll
2014-08-31 13:58 - 2010-10-28 16:17 - 00131072 _____ () C:\Program Files (x86)\X-Rite\ColorMunki Display\imageformats\qjpeg4.dll
2014-08-31 13:58 - 2010-10-28 16:17 - 00278528 _____ () C:\Program Files (x86)\X-Rite\ColorMunki Display\imageformats\qtiff4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-13 00:39 - 2012-09-13 00:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Tina\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3133213367-1338719558-82200134-1001\Control Panel\Desktop\\Wallpaper -> E:\Backup Elvis Presley\Arno\1148829_228217750661710_1558444982_n.jpg
DNS Servers: 192.168.178.100

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "Live Update 5"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "Nikon Message Center 2"

==================== Accounts: =============================

Administrator (S-1-5-21-3133213367-1338719558-82200134-500 - Administrator - Disabled)
Elvis (S-1-5-21-3133213367-1338719558-82200134-1006 - Limited - Enabled)
Gast (S-1-5-21-3133213367-1338719558-82200134-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3133213367-1338719558-82200134-1005 - Limited - Enabled)
Tina (S-1-5-21-3133213367-1338719558-82200134-1001 - Administrator - Enabled) => C:\Users\Tina

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/22/2015 05:20:06 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (02/22/2015 05:18:10 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (02/22/2015 05:18:07 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (02/22/2015 05:14:47 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (02/22/2015 02:32:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.4.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1308

Startzeit: 01d04ea2e32d9b22

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 26767f03-ba97-11e4-bea2-d43d7ee3d7ac

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (02/22/2015 02:00:00 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1244) SRUJet: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\WINDOWS\system32\SRU\SRU005C9.log.

Error: (02/22/2015 01:41:46 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (02/22/2015 01:41:43 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (02/22/2015 01:41:40 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (02/19/2015 07:07:01 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.


System errors:
=============
Error: (02/22/2015 05:34:19 PM) (Source: DCOM) (EventID: 10010) (User: I5-4771)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (02/22/2015 05:34:19 PM) (Source: DCOM) (EventID: 10010) (User: I5-4771)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (02/22/2015 01:34:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Garmin Core Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/22/2015 01:27:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Garmin Core Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (02/22/2015 01:27:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Garmin Core Update Service erreicht.

Error: (02/22/2015 01:25:29 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.

Error: (02/22/2015 01:17:36 PM) (Source: DCOM) (EventID: 10010) (User: I5-4771)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (02/19/2015 05:54:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Garmin Core Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/18/2015 06:07:00 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (02/18/2015 06:06:59 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.


Microsoft Office Sessions:
=========================
Error: (02/22/2015 05:20:06 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (02/22/2015 05:18:10 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Tina\Downloads\esetsmartinstaller_deu.exe

Error: (02/22/2015 05:18:07 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Tina\Downloads\esetsmartinstaller_deu.exe

Error: (02/22/2015 05:14:47 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Tina\Downloads\esetsmartinstaller_deu.exe

Error: (02/22/2015 02:32:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.4.9600.16384130801d04ea2e32d9b224294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe\LiveComm.exe26767f03-ba97-11e4-bea2-d43d7ee3d7acmicrosoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (02/22/2015 02:00:00 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost1244SRUJet: C:\WINDOWS\system32\SRU\SRU005C9.log-1811 (0xfffff8ed)

Error: (02/22/2015 01:41:46 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Tina\Downloads\esetsmartinstaller_deu.exe

Error: (02/22/2015 01:41:43 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Tina\Downloads\esetsmartinstaller_deu.exe

Error: (02/22/2015 01:41:40 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Tina\Downloads\esetsmartinstaller_deu.exe

Error: (02/19/2015 07:07:01 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Tina\Downloads\esetsmartinstaller_deu.exe


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4771 CPU @ 3.50GHz
Percentage of memory in use: 26%
Total physical RAM: 8054.05 MB
Available physical RAM: 5919.63 MB
Total Pagefile: 9334.05 MB
Available Pagefile: 7268.88 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.67 GB) (Free:1279.17 GB) NTFS
Drive d: (Machinarium) (CDROM) (Total:0.4 GB) (Free:0 GB) CDFS
Drive e: (Storage) (Fixed) (Total:1863.01 GB) (Free:341.66 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 1E935561)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 30DCFACE)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End Of Log ============================

cosinus · 22.02.2015, 18:29

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

YTD Video Downloader 4.8.9
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Nashvilla · 22.02.2015, 18:38

Ok, ich habe alles befolgt und es wurden keine Reste mehr gefunden.

cosinus · 22.02.2015, 18:40

Okay, dann Kontrollscans mit MBAM und ESET bitte:

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Nashvilla · 22.02.2015, 22:10

Hier die Kontrollscans:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 22.02.2015
Suchlauf-Zeit: 18:50:06
Logdatei: mbam.txt
Administrator: Nein

Version: 2.00.4.1028
Malware Datenbank: v2015.02.22.05
Rootkit Datenbank: v2015.02.22.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Tina

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 373417
Verstrichene Zeit: 7 Min, 18 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 5
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, In Quarantäne, [fd80d34e5c2e2016976d36e5a75ea55b], 
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, In Quarantäne, [295478a986046accf70cba61ca3b03fd], 
PUP.Optional.RocketTab.A, HKLM\SOFTWARE\WOW6432NODE\RocketTab, In Quarantäne, [ec919889345675c1b3970aa60af97a86], 
PUP.Optional.RocketTab.A, HKU\S-1-5-21-3133213367-1338719558-82200134-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\RocketTabInstalled, In Quarantäne, [90ed5dc4e9a19a9cfa51f9b7976c9c64], 
PUP.Optional.RocketTab.A, HKU\S-1-5-21-3133213367-1338719558-82200134-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SEARCH EXTENSIONS, In Quarantäne, [e994aa7789017eb800f166b722e3817f], 

Registrierungswerte: 1
PUP.Optional.RocketTab.A, HKU\S-1-5-21-3133213367-1338719558-82200134-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SEARCH EXTENSIONS|RocketTab, 1, In Quarantäne, [e994aa7789017eb800f166b722e3817f]

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 3
PUP.Optional.SearchExtensions.A, C:\Program Files (x86)\Search Extensions, In Quarantäne, [e7968b96bad0310549a5a37a6c997888], 
PUP.Optional.SearchExtensions.A, C:\Program Files (x86)\Search Extensions\Resources, In Quarantäne, [e7968b96bad0310549a5a37a6c997888], 
PUP.Optional.MindSpark.A, C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\zhstxkhm.default\TelevisionFanatic, In Quarantäne, [6e0f958c55350432c6a4e1833ac9d927], 

Dateien: 55
PUP.Optional.Conduit.A, C:\Users\Tina\AppData\Local\Temp\nsaF704.exe, In Quarantäne, [7508b36e226887afa7af08a321e04bb5], 
PUP.Optional.SearchProtect.A, C:\Users\Tina\AppData\Local\Temp\nseAB8F.exe, In Quarantäne, [f984b56c098187afb24955fc0cf53ec2], 
PUP.Optional.SearchProtect.A, C:\Users\Tina\AppData\Local\Temp\SPSetup.exe, In Quarantäne, [a8d5051c55352e0892e12f8656abef11], 
PUP.Optional.SearchProtect.A, C:\Users\Tina\AppData\Local\Temp\nsz92F1.exe, In Quarantäne, [c8b562bfc5c5de58ed0ed18025dce51b], 
PUP.Optional.SearchProtect.A, C:\Users\Tina\AppData\Local\Temp\nsiAA26.exe, In Quarantäne, [a0dd948d12780b2b32c99ab7f01159a7], 
PUP.Optional.Conduit.A, C:\Users\Tina\AppData\Local\Temp\nslEB29.exe, In Quarantäne, [ee8f2ff2711944f22036901be51c5ba5], 
PUP.Optional.Conduit.A, C:\Users\Tina\AppData\Local\Temp\nslF87C.exe, In Quarantäne, [fc816cb56f1b44f261f529824fb2af51], 
PUP.Optional.SearchProtect.A, C:\Users\Tina\AppData\Local\Temp\nsu94A7.exe, In Quarantäne, [6c1139e818729e98c03bb89945bcba46], 
PUP.Optional.SearchProtect.A, C:\Users\Tina\AppData\Local\Temp\nsuDDBF.tmp, In Quarantäne, [a6d751d08ffb5bdbc3b0e4d1fe03de22], 
PUP.Optional.Conduit.A, C:\Users\Tina\AppData\Local\Temp\nswECA1.exe, In Quarantäne, [314c0b16deacc0764b0baa012ad7b54b], 
PUP.Optional.ClientConnect, C:\Users\Tina\AppData\Local\Temp\e15faff0-a1eb-40b5-aa77-af9f6cbdf489\Samsung_Kies__Kies_3.exe, In Quarantäne, [abd27fa20684a3932535ffc952afcd33], 
PUP.Optional.Conduit.A, C:\Users\Tina\AppData\Local\Temp\nszFA98\SpSetup.exe, In Quarantäne, [522bf82941496ccae00f00465ba6837d], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nsgBAEE.exe, In Quarantäne, [a4d94ad790fa053131257c2ff20f6799], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nsn36EA.exe, In Quarantäne, [acd1bd64b1d9171f8dc94b601be64fb1], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nsn4FC.exe, In Quarantäne, [d4a967bab4d6999de2741695f40d3ec2], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nsn8D3D.exe, In Quarantäne, [35482df44b3f23135cfa6447da270bf5], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nst2AA5.exe, In Quarantäne, [4e2f6fb25a304cea20365853956c946c], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nst9BD3.exe, In Quarantäne, [6914c25f3a50e55140163f6c768bd32d], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nsu4B09.exe, In Quarantäne, [621b968bb2d8b48224322b80847d2ad6], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nsu4E37.exe, In Quarantäne, [0974998899f18ea8dd79dccfbf4226da], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nsw643B.exe, In Quarantäne, [5d20f72a2466251158feb1fab15049b7], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nsyFAF0.exe, In Quarantäne, [4637e938b5d5979f66f077341fe2b848], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nszD82C.exe, In Quarantäne, [e697ef32e1a9dc5a490df2b98978926e], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nsh5779.exe, In Quarantäne, [314cd64b7614ce68d97dd5d6788954ac], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nshB19E.exe, In Quarantäne, [bfbe928f90fac373b79f515a966b7f81], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nshF56B.exe, In Quarantäne, [2558ae73d4b6e25487cf129971908c74], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nsk3F50.exe, In Quarantäne, [c7b66fb26d1d40f6d086acff926fd22e], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nslE6D9.exe, In Quarantäne, [700d67ba59312a0cb6a0307b709107f9], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nsaA097.exe, In Quarantäne, [e4991b067812db5b26306645a45d669a], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nsaBE9.exe, In Quarantäne, [dca1869b6d1d6cca8dc9e1cafb060af6], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nscF65B.exe, In Quarantäne, [7a034ed353374aec7bdb3d6e5aa78977], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nseCED5.exe, In Quarantäne, [0a7381a0f595a0965afc17944eb35da3], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nsf3733.exe, In Quarantäne, [0776f0319feb68ce3323377453ae23dd], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nsfCCD1.exe, In Quarantäne, [5c21c25f7b0fa690b79f4d5e4ab7d828], 
PUP.Optional.ClientConnect, C:\Users\Tina\Downloads\Kies3Setup.exe, In Quarantäne, [18652df45d2d72c46bef18b09a672dd3], 
PUP.Optional.Softonic.A, C:\Users\Tina\Downloads\SoftonicDownloader_fuer_messer-â??-memo-session-sound-recorder.exe, In Quarantäne, [522b67badfab4beb852c2d1b8c75db25], 
PUP.Optional.Spigot, C:\Users\Tina\Downloads\YTDSetup_4.8.0.4.exe, In Quarantäne, [ed90c160bad00c2a3886596a6f9233cd], 
PUP.Optional.Downloader, C:\Users\Tina\Downloads\Panorama Maker - CHIP-Installer.exe, In Quarantäne, [5a23061bd9b166d0adee0863ca366799], 
PUP.Optional.DownloadSponsor, C:\Users\Tina\Downloads\Samsung Kies - CHIP-Installer.exe, In Quarantäne, [c5b8e33e6723082ec0a000234fb31ce4], 
PUP.Optional.SearchProtect.A, C:\Windows\apppatch\apppatch64\VCLdr64.dll, In Quarantäne, [3c41c16096f4d3634c27e4d117ea0000], 
PUP.Optional.SearchProtect.A, C:\Windows\apppatch\nbin\VC32Loader.dll, In Quarantäne, [d3aa1e03503a0036aac9feb7639ed42c], 
PUP.Optional.RocketTab.A, C:\Windows\System32\Tasks\RocketTab, In Quarantäne, [7409a67bfd8dff376ce1664af80be21e], 
PUP.Optional.RocketTab.A, C:\Windows\System32\Tasks\RocketTab Update Task, In Quarantäne, [4f2e2ff292f81f177bd2d8d821e226da], 
PUP.Optional.SearchProtect, C:\Windows\apppatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb, In Quarantäne, [126b79a88cfed561eb1c5dbeed18b64a], 
PUP.Optional.SearchExtensions.A, C:\Program Files (x86)\Search Extensions\TrustedRoot.cer, In Quarantäne, [e7968b96bad0310549a5a37a6c997888], 
PUP.Optional.SearchExtensions.A, C:\Program Files (x86)\Search Extensions\certmanager.exe, In Quarantäne, [e7968b96bad0310549a5a37a6c997888], 
PUP.Optional.SearchExtensions.A, C:\Program Files (x86)\Search Extensions\config.dat, In Quarantäne, [e7968b96bad0310549a5a37a6c997888], 
PUP.Optional.SearchExtensions.A, C:\Program Files (x86)\Search Extensions\makecert.exe, In Quarantäne, [e7968b96bad0310549a5a37a6c997888], 
PUP.Optional.SearchExtensions.A, C:\Program Files (x86)\Search Extensions\Resources\certutil.exe, In Quarantäne, [e7968b96bad0310549a5a37a6c997888], 
PUP.Optional.SearchExtensions.A, C:\Program Files (x86)\Search Extensions\Resources\libnspr4.dll, In Quarantäne, [e7968b96bad0310549a5a37a6c997888], 
PUP.Optional.SearchExtensions.A, C:\Program Files (x86)\Search Extensions\Resources\libplc4.dll, In Quarantäne, [e7968b96bad0310549a5a37a6c997888], 
PUP.Optional.SearchExtensions.A, C:\Program Files (x86)\Search Extensions\Resources\libplds4.dll, In Quarantäne, [e7968b96bad0310549a5a37a6c997888], 
PUP.Optional.SearchExtensions.A, C:\Program Files (x86)\Search Extensions\Resources\nss3.dll, In Quarantäne, [e7968b96bad0310549a5a37a6c997888], 
PUP.Optional.SearchExtensions.A, C:\Program Files (x86)\Search Extensions\Resources\smime3.dll, In Quarantäne, [e7968b96bad0310549a5a37a6c997888], 
PUP.Optional.SearchExtensions.A, C:\Program Files (x86)\Search Extensions\Resources\softokn3.dll, In Quarantäne, [e7968b96bad0310549a5a37a6c997888], 

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)

Code:

ATTFilter

C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe.vir	Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe_1416037984690.vir	Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll.vir	Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\sptool.dll_1417539060157.vir	Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\sptool.dll_1418662223629.vir	Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\sptool.dll_1419940849242.vir	Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\sptool.dll_1420735518522.vir	Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe.vir	Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe.vir	Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\RN32.dll.vir	Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPtool64.exe.vir	Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32.dll.vir	Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll.vir	Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64.dll.vir	Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll.vir	Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe.vir	Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\ProgramData\ytd video downloader\ytd_installer.exe.vir	Win32/Toolbar.Widgi evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Tina\AppData\Roaming\OpenCandy\AC258E1265D9489E893E26CCE5B41AB0\sp-downloader.exe.vir	Win32/Toolbar.Conduit.R evtl. unerwünschte Anwendung
C:\PC Tina\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\YouTube Downloader\ytd_installer.exe	Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung
C:\PC Tina\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\YTD Video Downloader\ytd_installer.exe	Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung
C:\PC Tina\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\YTD YouTube Downloader & Converter\ytd_installer.exe	Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung
C:\PC Tina\Dokumente und Einstellungen\All Users.WINDOWS\VisualBee\VisualBeeSoftware.exe	Variante von Win32/Toolbar.Babylon.A evtl. unerwünschte Anwendung
C:\PC Tina\Tina2f\Dokumente und Einstellungen\Alle\Anwendungsdaten\OpenCandy\968950F709EE4A0294EBDC21E3B9DF89\Setupsft_chr_p1v7.exe	Win32/Toolbar.Montiera.I evtl. unerwünschte Anwendung
C:\PC Tina\Tina2f\Dokumente und Einstellungen\Alle\Eigene Dateien\Downloads\SoftonicDownloader_fuer_facemixer.exe	Variante von Win32/SoftonicDownloader.F evtl. unerwünschte Anwendung
C:\PC Tina\Tina2f\Dokumente und Einstellungen\Alle\Lokale Einstellungen\Temporary Internet Files\Content.IE5\01M07FMK\MinibarChrome[1].exe	Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung
C:\PC Tina\Tina2f\Dokumente und Einstellungen\Alle\Lokale Einstellungen\Temporary Internet Files\Content.IE5\CAZ008JS\IMinentToolbar[1].exe	Win32/Toolbar.Montiera.I evtl. unerwünschte Anwendung
C:\PC Tina\Tina2f\Dokumente und Einstellungen\Alle\Lokale Einstellungen\Temporary Internet Files\Content.IE5\P9G9I1BJ\MinibarFirefox[1].exe	Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung
C:\PC Tina\Tina2f\Dokumente und Einstellungen\Alle\Lokale Einstellungen\Temporary Internet Files\Content.IE5\SS2M12VB\IminentMinibarIE[1].exe	Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung
C:\PC Tina\Tina2f\Programme\Gemeinsame Dateien\DVDVideoSoft\TB\DVDVideoSoftTB.exe	Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung
C:\PC Tina\Tina2f\Programme\Softonic\Softonic\1.8.21.14\SoftonicApp.dll	Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung
C:\PC Tina\Tina2f\Programme\Softonic\Softonic\1.8.21.14\SoftonicEng.dll	Variante von Win32/Toolbar.Montiera.U evtl. unerwünschte Anwendung
C:\PC Tina\Tina2f\Programme\Softonic\Softonic\1.8.21.14\Softonicsrv.exe	Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung
C:\PC Tina\Tina2f\Programme\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll	Variante von Win32/Toolbar.Montiera.F evtl. unerwünschte Anwendung
C:\PC Tina\Tina2f\Programme\Softonic\Softonic\1.8.21.14\uninstall.exe	Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung
C:\PC Tina\Tina2f\Programme\Softonic\Softonic\1.8.21.14\bh\Softonic.dll	Variante von Win32/Toolbar.Escort.A evtl. unerwünschte Anwendung
C:\PC Tina\Tina2g\FreeStudio.exe	Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung
C:\PC Tina\Tina2g\FreeYouTubeToMp3Converter39.exe	Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\9SZQGA86\sp-downloader[1].exe	Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\9SZQGA86\SPSetup[1].exe	Win32/Conduit.SearchProtect.Q evtl. unerwünschte Anwendung
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\AGMQW810\spstub[1].exe	Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\SPSetup[1].exe	Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung
C:\Users\Tina\AppData\Local\Temp\DMR\dmr_72.exe	Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung
C:\Users\Tina\Downloads\MyPhoneExplorer_Setup_1.8.6_CB-DL-Manager.exe	Variante von Win32/InstallCore.QW evtl. unerwünschte Anwendung

cosinus · 22.02.2015, 22:58

Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Nashvilla · 23.02.2015, 07:24

Welche Virenscanner meinst du genau?

cosinus · 23.02.2015, 09:56

Falls du einen Virenscanner hast...

Nashvilla · 23.02.2015, 20:10

Ich habe McAfee deinstalliert und habe sonst keine Virenscanner gefunden...

Code:

ATTFilter

# AdwCleaner v4.111 - Bericht erstellt 23/02/2015 um 19:51:54
# Aktualisiert 18/02/2015 von Xplode
# Datenbank : 2015-02-18.3 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : Tina - I5-4771
# Gestarted von : C:\Users\Tina\Desktop\AdwCleaner_4.111.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gelöscht : C:\Users\Tina\Favorites\Links\Startfenster.lnk

***** [ Geplante Tasks ] *****

Task Gelöscht : RocketTab Update Task
Task Gelöscht : RocketTab

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\rttasks
Schlüssel Gelöscht : HKLM\SOFTWARE\SPPDCOM
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RocketTab
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:49298;hxxps=127.0.0.1:49298

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v35.0.1 (x86 de)


-\\ Opera v27.0.1689.69


*************************

AdwCleaner[R1].txt - [1471 Bytes] - [23/02/2015 19:46:57]
AdwCleaner[R2].txt - [1530 Bytes] - [23/02/2015 19:48:30]
AdwCleaner[S1].txt - [1337 Bytes] - [23/02/2015 19:51:54]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1396  Bytes] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 8.1 x64
Ran by Tina on 23.02.2015 at 20:01:55,10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Tina\AppData\Roaming\mozilla\firefox\profiles\zhstxkhm.default\extensions\toolbar@web.de
Emptied folder: C:\Users\Tina\AppData\Roaming\mozilla\firefox\profiles\zhstxkhm.default\minidumps [3 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23.02.2015 at 20:03:17,86
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-02-2015
Ran by Tina (administrator) on I5-4771 on 23-02-2015 20:06:46
Running from C:\Users\Tina\Desktop
Loaded Profiles: Tina (Available profiles: Tina)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Jumping Bytes) C:\Program Files (x86)\Mobile Master\MMAgent.exe
(Jumping Bytes) C:\Program Files (x86)\Mobile Master\MMScan.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
() C:\Program Files (x86)\X-Rite\ColorMunki Display\ColorMunkiDisplayTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Micro-Star INT'L CO.,LTD.) C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
(Fred's Software) C:\Program Files (x86)\PrintKey2000\Printkey2000.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7205592 2013-12-03] (Realtek Semiconductor)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [764472 2012-09-19] ()
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-17] (Intel Corporation)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-08-13] (MSI)
HKLM-x32\...\Run: [Live Update 5] => C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe [315392 2012-01-30] ()
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3133213367-1338719558-82200134-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-3133213367-1338719558-82200134-1001\...\Run: [MMAgent] => C:\Program Files (x86)\Mobile Master\MMAgent.exe [1412080 2014-04-01] (Jumping Bytes)
HKU\S-1-5-21-3133213367-1338719558-82200134-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3133213367-1338719558-82200134-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3133213367-1338719558-82200134-1001\...\MountPoints2: {8203be42-666e-11e3-be65-806e6f6e6963} - "D:\machinarium_install.exe" 
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ColorMunki Display Tray.lnk
ShortcutTarget: ColorMunki Display Tray.lnk -> C:\Program Files (x86)\X-Rite\ColorMunki Display\ColorMunkiDisplayTray.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Printkey2000.lnk
ShortcutTarget: Printkey2000.lnk -> C:\Program Files (x86)\PrintKey2000\Printkey2000.exe (Fred's Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\XRGamma.lnk
ShortcutTarget: XRGamma.lnk -> C:\Program Files (x86)\X-Rite\ColorMunki Display\XRGamma.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG)
Startup: C:\Users\Tina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3133213367-1338719558-82200134-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.100

FireFox:
========
FF ProfilePath: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\zhstxkhm.default
FF NewTab: google.de
FF SearchEngineOrder.1: SuchMaschine
FF SelectedSearchEngine: Google
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3133213367-1338719558-82200134-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Tina\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\zhstxkhm.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\zhstxkhm.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\zhstxkhm.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\zhstxkhm.default\searchplugins\google-maps.xml
FF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\zhstxkhm.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\zhstxkhm.default\searchplugins\search_engine.xml
FF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\zhstxkhm.default\searchplugins\webde-suche.xml
FF Extension: Best Video Downloader 2 - C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\zhstxkhm.default\Extensions\{170503FA-3349-4F17-BC86-001888A5C8E2}.xpi [2014-04-20]
FF Extension: ProxTube - C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\zhstxkhm.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2014-09-13]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-01-26]
FF Extension: UITBAutoInstaller - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2015-01-26]
FF HKLM-x32\...\Thunderbird\Extensions: [{857610fe-b36c-47f2-b4fa-6b7affe0cf5a}] - C:\Program Files (x86)\Mobile Master\ext\1
FF Extension: Mobile Master Add-In - C:\Program Files (x86)\Mobile Master\ext\1 [2014-10-21]
FF HKU\S-1-5-21-3133213367-1338719558-82200134-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\zhstxkhm.default\extensions\cliqz@cliqz.com

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43112 2012-02-16] (ArcSoft Inc.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-09-07] (Adobe Systems) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [451416 2014-12-31] (Garmin Ltd or its subsidiaries)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-17] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [103992 2012-10-26] (MSI)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-08-19] (MSI)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 xrdd.exe; C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe [83312 2014-04-10] (X-Rite Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [50976 2014-10-03] (AVG Technologies)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-01] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-01] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-01] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-23] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-17] (Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_1_0_6; C:\Program Files (x86)\Setup Files\Ms7817vA20\NTIOLib_X64.sys [11888 2011-01-06] (MSI) [File not signed]
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation                           )
R3 stdriver; C:\Windows\system32\DRIVERS\stdriverx64.sys [33488 2014-07-11] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R2 WinI2C-DDC; C:\WINDOWS\system32\drivers\DDCDrv.sys [20832 2011-10-06] (Nicomsoft Ltd.)
R2 WinI2C-DDC; C:\WINDOWS\SysWOW64\drivers\DDCDrv.sys [10240 2011-10-12] (Nicomsoft Ltd.) [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-23 20:03 - 2015-02-23 20:03 - 00000873 _____ () C:\Users\Tina\Desktop\JRT.txt
2015-02-23 20:01 - 2015-02-23 20:01 - 01388274 _____ (Thisisu) C:\Users\Tina\Desktop\JRT.exe
2015-02-23 19:56 - 2015-02-23 19:56 - 00001476 _____ () C:\Users\Tina\Desktop\AdwCleaner[S1].txt
2015-02-23 19:45 - 2015-02-23 19:51 - 00000000 ____D () C:\AdwCleaner
2015-02-23 19:44 - 2015-02-23 19:44 - 02126848 _____ () C:\Users\Tina\Desktop\AdwCleaner_4.111.exe
2015-02-22 22:20 - 2015-02-22 22:20 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-02-22 19:08 - 2015-02-22 19:08 - 00009464 _____ () C:\Users\Tina\Desktop\mbam.txt
2015-02-22 18:49 - 2015-02-23 19:55 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-02-22 18:48 - 2015-02-22 18:48 - 00001114 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-02-22 18:48 - 2015-02-22 18:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-02-22 18:48 - 2015-02-22 18:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-22 18:48 - 2015-02-22 18:48 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-02-22 18:48 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-02-22 18:48 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-02-22 18:48 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-02-22 18:42 - 2015-02-22 18:43 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Tina\Desktop\mbam-setup-2.0.4.1028.exe
2015-02-22 18:32 - 2015-02-22 18:32 - 00001280 _____ () C:\Users\Tina\Desktop\Revo Uninstaller.lnk
2015-02-22 18:32 - 2015-02-22 18:32 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-02-22 18:31 - 2015-02-22 18:31 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Tina\Desktop\revosetup95.exe
2015-02-22 18:23 - 2015-02-23 20:06 - 00017135 _____ () C:\Users\Tina\Desktop\FRST.txt
2015-02-22 18:23 - 2015-02-22 18:24 - 00034452 _____ () C:\Users\Tina\Desktop\Addition.txt
2015-02-22 18:22 - 2015-02-23 20:06 - 00000000 ____D () C:\FRST
2015-02-22 18:21 - 2015-02-22 18:21 - 02087424 _____ (Farbar) C:\Users\Tina\Desktop\FRST64.exe
2015-02-22 17:46 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-22 17:46 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-22 17:14 - 2015-02-22 17:14 - 00000776 _____ () C:\Users\Tina\Downloads\Eset Scan 22.02.15
2015-02-22 13:46 - 2015-01-10 10:10 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-02-22 13:46 - 2015-01-10 10:10 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-02-22 13:46 - 2015-01-10 09:28 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-02-22 13:46 - 2014-10-29 03:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-02-22 13:46 - 2014-10-29 03:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-02-22 13:46 - 2014-10-29 02:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-02-22 13:46 - 2014-10-29 02:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-02-22 13:46 - 2014-10-29 02:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-02-22 13:46 - 2014-10-29 02:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-02-22 13:46 - 2014-10-29 02:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-02-22 13:46 - 2014-10-29 02:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-02-22 13:45 - 2015-01-15 23:43 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-02-22 13:45 - 2015-01-15 23:43 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-02-22 13:45 - 2015-01-14 05:22 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-02-22 13:45 - 2015-01-14 04:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-02-22 13:45 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-22 13:45 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-22 13:45 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-22 13:45 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-02-22 13:45 - 2015-01-12 03:34 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-02-22 13:45 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-22 13:45 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-02-22 13:45 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-22 13:45 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-22 13:45 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-22 13:45 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-22 13:45 - 2015-01-12 02:58 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-02-22 13:45 - 2015-01-12 02:55 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-02-22 13:45 - 2015-01-12 02:51 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-02-22 13:45 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-22 13:45 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-22 13:45 - 2015-01-12 02:48 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-02-22 13:45 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-22 13:45 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-02-22 13:45 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-22 13:45 - 2015-01-12 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-02-22 13:45 - 2015-01-12 02:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-22 13:45 - 2015-01-12 02:27 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-02-22 13:45 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-22 13:45 - 2015-01-12 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-02-22 13:45 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-22 13:45 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-22 13:45 - 2015-01-12 02:23 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-22 13:45 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-22 13:45 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-22 13:45 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-22 13:45 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-22 13:45 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-22 13:45 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-22 13:45 - 2014-12-19 09:57 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-02-22 13:45 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-02-22 13:45 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-02-22 13:45 - 2014-12-09 02:56 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-02-22 13:45 - 2014-12-09 00:12 - 00391526 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-02-22 13:45 - 2014-10-29 03:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2015-02-22 13:45 - 2014-10-29 03:50 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2015-02-22 13:45 - 2014-10-29 03:06 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2015-02-22 13:45 - 2014-10-29 03:06 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2015-02-22 13:45 - 2014-10-29 02:31 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-02-22 13:44 - 2015-01-13 23:11 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-02-22 13:44 - 2015-01-13 23:04 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-22 13:39 - 2015-02-22 22:20 - 02347384 _____ (ESET) C:\Users\Tina\Downloads\esetsmartinstaller_deu.exe
2015-02-22 13:39 - 2015-02-22 13:45 - 81641472 _____ () C:\Users\Tina\Downloads\ess8_nt64_deu.msi
2015-02-22 13:39 - 2015-01-10 08:00 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-02-22 13:39 - 2015-01-10 07:38 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-02-22 13:38 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-02-22 13:38 - 2015-01-10 09:22 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-02-22 13:35 - 2015-02-22 13:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2015-02-19 17:54 - 2015-02-19 17:54 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Garmin
2015-02-19 17:54 - 2015-02-19 17:54 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Garmin
2015-02-10 08:33 - 2015-02-22 13:23 - 00000000 ____D () C:\Users\Tina\AppData\Local\10277bbb-e5ec-4000-9816-425134626346
2015-02-03 19:03 - 2015-02-03 19:03 - 00105808 _____ (GreenTree Applications SRL) C:\Users\Tina\Downloads\YTDSetup.exe
2015-01-26 19:11 - 2015-01-26 19:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-25 19:50 - 2015-01-25 19:50 - 00001172 _____ () C:\Users\Public\Desktop\Machinarium.lnk
2015-01-25 19:50 - 2015-01-25 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daedalic Entertainment
2015-01-25 19:48 - 2015-01-25 19:48 - 00000000 ____D () C:\Program Files (x86)\Daedalic Entertainment
2015-01-25 13:17 - 2015-01-25 13:17 - 00001055 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-01-25 13:17 - 2015-01-25 13:17 - 00001043 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-01-25 13:17 - 2015-01-25 13:17 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-01-25 13:17 - 2014-12-15 11:45 - 00035112 _____ (TeamViewer GmbH) C:\WINDOWS\system32\Drivers\teamviewervpn.sys
2015-01-25 13:16 - 2015-01-25 13:16 - 07718224 _____ (TeamViewer GmbH) C:\Users\Tina\Downloads\TeamViewer_Setup_de.exe
2015-01-25 13:07 - 2015-01-25 13:08 - 00000000 ____D () C:\Program Files\Defraggler
2015-01-25 13:07 - 2015-01-25 13:07 - 00001736 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2015-01-25 13:07 - 2015-01-25 13:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2015-01-25 13:06 - 2015-01-25 13:06 - 04362512 _____ (Piriform Ltd) C:\Users\Tina\Downloads\dfsetup218.exe
2015-01-24 19:55 - 2015-01-24 19:55 - 00001640 _____ () C:\Users\Tina\Desktop\GameMaker-Studio.exe - Verknüpfung.lnk
2015-01-24 16:42 - 2015-01-24 16:42 - 00000000 ____D () C:\Users\Tina\AppData\Roaming\dvdcss
2015-01-24 12:49 - 2015-01-24 12:49 - 00000000 ____D () C:\Users\Tina\AppData\Local\Logitech® Webcam-Software
2015-01-24 12:45 - 2015-01-25 21:47 - 00008198 _____ () C:\WINDOWS\system32\lvcoinst.log
2015-01-24 12:45 - 2015-01-24 12:45 - 00000000 ____D () C:\Users\Tina\AppData\Roaming\Leadertech
2015-01-24 12:45 - 2015-01-24 12:45 - 00000000 ____D () C:\ProgramData\LogiShrd
2015-01-24 12:44 - 2015-01-24 12:45 - 00003791 _____ () C:\WINDOWS\LDPINST.LOG
2015-01-24 12:44 - 2015-01-24 12:45 - 00000000 ____D () C:\Program Files\Common Files\logishrd
2015-01-24 12:44 - 2015-01-24 12:45 - 00000000 ____D () C:\Program Files (x86)\Logitech
2015-01-24 12:44 - 2015-01-24 12:44 - 00001656 _____ () C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
2015-01-24 12:44 - 2015-01-24 12:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-01-24 12:32 - 2015-01-24 12:37 - 74520472 _____ (Logitech, Inc.) C:\Users\Tina\Downloads\lws280.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-23 20:06 - 2013-12-16 22:01 - 01320511 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-23 20:00 - 2013-12-16 17:34 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3133213367-1338719558-82200134-1001
2015-02-23 20:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-23 19:57 - 2013-11-14 08:27 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-23 19:57 - 2013-11-14 08:11 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2015-02-23 19:57 - 2013-11-14 08:11 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2015-02-23 19:55 - 2013-12-29 14:26 - 00000000 ___DO () C:\Users\Tina\SkyDrive
2015-02-23 19:53 - 2013-08-22 15:46 - 00337737 _____ () C:\WINDOWS\setupact.log
2015-02-23 19:52 - 2013-11-13 23:18 - 00049948 _____ () C:\WINDOWS\PFRO.log
2015-02-23 19:52 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-23 19:52 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-23 19:42 - 2014-05-29 19:51 - 00000572 _____ () C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3133213367-1338719558-82200134-1001.job
2015-02-23 19:42 - 2013-12-19 09:01 - 00000000 ____D () C:\Users\Tina\AppData\Roaming\Skype
2015-02-23 17:43 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-23 04:48 - 2013-12-16 19:39 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-23 04:47 - 2013-12-16 19:39 - 116773704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-23 04:47 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-22 22:31 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-22 17:37 - 2013-08-22 15:44 - 00392120 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-22 13:35 - 2014-11-09 19:25 - 00003556 _____ () C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2015-02-22 13:35 - 2014-11-09 19:25 - 00001904 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2015-02-22 13:35 - 2014-11-09 19:25 - 00000000 ____D () C:\ProgramData\Garmin
2015-02-22 13:35 - 2014-11-09 19:25 - 00000000 ____D () C:\Program Files (x86)\Garmin
2015-02-22 13:35 - 2014-11-09 19:22 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-22 13:24 - 2013-12-16 21:57 - 00000000 ____D () C:\Users\Tina
2015-02-22 13:23 - 2014-09-25 08:09 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-22 13:23 - 2013-12-19 00:00 - 00000000 ____D () C:\Users\Tina\AppData\Roaming\Winamp
2015-02-22 13:23 - 2013-12-16 19:38 - 00000000 ___HD () C:\SuperChargerProfile
2015-02-22 13:23 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-02-22 13:23 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinMetadata
2015-02-22 13:23 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-02-22 13:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-22 13:23 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-02-22 13:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\registration
2015-02-22 13:18 - 2013-12-19 09:01 - 00000000 ____D () C:\ProgramData\Skype
2015-02-22 13:14 - 2013-12-28 19:31 - 00000000 ____D () C:\Users\Tina\AppData\Local\SoulseekQt
2015-02-17 18:20 - 2013-12-19 14:25 - 00434176 ___SH () C:\Users\Tina\Desktop\Thumbs.db
2015-02-16 06:24 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-02-14 22:04 - 2013-12-16 20:25 - 00000000 ____D () C:\Users\Tina\AppData\Local\CrashDumps
2015-02-11 19:08 - 2014-05-29 19:51 - 00003568 _____ () C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-3133213367-1338719558-82200134-1001
2015-02-11 18:37 - 2014-10-21 19:28 - 00003850 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1413915750
2015-02-11 18:37 - 2014-10-21 19:22 - 00001057 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-02-11 18:37 - 2014-10-21 19:22 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-02-07 20:24 - 2015-01-17 22:30 - 00000000 ____D () C:\Human Trust
2015-02-03 20:31 - 2013-08-22 16:38 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-02-03 20:31 - 2013-08-22 16:38 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-29 17:42 - 2013-12-16 19:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-25 21:11 - 2014-12-13 12:46 - 00000000 ____D () C:\Users\Tina\AppData\Roaming\GameMaker-Studio
2015-01-25 21:11 - 2014-12-13 12:27 - 00000000 ____D () C:\Users\Tina\AppData\Local\GameMaker-Studio
2015-01-24 18:19 - 2015-01-10 20:42 - 00000000 ____D () C:\Movie
2015-01-24 18:18 - 2013-12-22 18:21 - 00000000 ____D () C:\Users\Tina\AppData\Roaming\vlc
2015-01-24 12:25 - 2013-12-16 17:28 - 00000000 ____D () C:\Users\Tina\AppData\Local\Packages

==================== Files in the root of some directories =======

2014-06-08 19:25 - 2014-06-08 19:25 - 0000268 ___RH () C:\Users\Tina\AppData\Roaming\Images
2014-06-08 19:25 - 2014-06-08 19:25 - 0000268 ___RH () C:\Users\Tina\AppData\Roaming\Importer
2014-06-08 19:25 - 2014-06-08 19:25 - 0000268 ___RH () C:\Users\Tina\AppData\Roaming\InkjetPrinter
2014-07-11 18:24 - 2014-07-11 18:24 - 0001167 _____ () C:\Users\Tina\AppData\Roaming\trace_FilterInstaller.txt
2014-07-11 18:24 - 2014-07-11 18:24 - 0000000 _____ () C:\Users\Tina\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2015-01-11 18:49 - 2015-01-11 18:49 - 0007622 _____ () C:\Users\Tina\AppData\Local\recently-used.xbel
2013-12-25 18:37 - 2013-12-25 18:37 - 0000017 _____ () C:\Users\Tina\AppData\Local\resmon.resmoncfg
2013-12-16 21:55 - 2013-12-16 21:55 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-06-08 19:25 - 2014-06-08 19:25 - 0000268 ___RH () C:\ProgramData\Instrument Library
2014-06-08 19:25 - 2014-06-08 19:25 - 0000268 ___RH () C:\ProgramData\Internet Plug-Ins
2014-06-08 19:25 - 2014-06-08 19:25 - 0000268 ___RH () C:\ProgramData\Internet Services
2014-06-08 19:25 - 2014-06-08 19:25 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2014-06-08 19:25 - 2014-08-31 09:43 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2014-06-08 19:25 - 2014-08-31 09:43 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT

Some content of TEMP:
====================
C:\Users\Tina\AppData\Local\Temp\Execute2App.exe
C:\Users\Tina\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Tina\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\Tina\AppData\Local\Temp\fp_pl_pfs_installer-2.exe
C:\Users\Tina\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Tina\AppData\Local\Temp\Kies2RemoveAll.exe
C:\Users\Tina\AppData\Local\Temp\msvcp90.dll
C:\Users\Tina\AppData\Local\Temp\msvcr90.dll
C:\Users\Tina\AppData\Local\Temp\oi_{975A464C-6C9B-429E-BE67-7501BD5BDD21}.exe
C:\Users\Tina\AppData\Local\Temp\PrefJsonCpp.exe
C:\Users\Tina\AppData\Local\Temp\Quarantine.exe
C:\Users\Tina\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Tina\AppData\Local\Temp\sqlite3.dll
C:\Users\Tina\AppData\Local\Temp\sqlite3.exe
C:\Users\Tina\AppData\Local\Temp\sysad.exe
C:\Users\Tina\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Tina\AppData\Local\Temp\System.Data.SQLite10277bbb-e5ec-4000-9816-425134626346.dll
C:\Users\Tina\AppData\Local\Temp\vlc-2.1.4-win64.exe
C:\Users\Tina\AppData\Local\Temp\vlc-2.1.5-win64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-19 18:36

==================== End Of Log ============================

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-02-2015
Ran by Tina at 2015-02-23 20:06:58
Running from C:\Users\Tina\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.4 64-bit (HKLM\...\{558B5965-CC1B-4AF1-BA07-5D6832404050}) (Version: 5.4.0 - Adobe Systems Incorporated)
Adobe Premiere Pro 2.0 (HKLM-x32\...\Adobe Premiere Pro 2.0) (Version: 2.000.000 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-3133213367-1338719558-82200134-1001\...\Amazon Kindle) (Version:  - Amazon)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Any Video Converter 5.7.0 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
ArcSoft Panorama Maker 6 (HKLM-x32\...\{8A7D0970-C0A4-4B56-94D4-E3A175AB45BB}) (Version: 6.0.0.94 - ArcSoft)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Citrix Online Launcher (HKLM-x32\...\{F17C3DC2-2ACA-4B0E-BDBF-ACE61B14E7CD}) (Version: 1.0.183 - Citrix)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
CloudReading (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.1.47.1220 - Foxit Corporation)
ColorMunki Display 1.1.1 (HKLM-x32\...\ColorMunki Display_is1) (Version:  - X-Rite)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Elevated Installer (x32 Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.0.9 - MSI)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.2.1224 - Foxit Corporation)
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Free Video to JPG Converter version 5.0.46.820 (HKLM-x32\...\Free Video to JPG Converter_is1) (Version: 5.0.46.820 - DVDVideoSoft Ltd.)
GameMaker: Player (HKLM-x32\...\GameMakerPlayer) (Version: 1.4.242.35310 - YoYo Games Ltd.)
GameMaker-Studio 1.4 (HKU\S-1-5-21-3133213367-1338719558-82200134-1001\...\GameMaker-Studio14) (Version:  - YoYo Games Ltd.)
Garmin Express (HKLM-x32\...\{855d8086-4275-4bd3-a7a8-b44da3a56d7a}) (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
GoToMeeting 6.4.12.2331 (HKU\S-1-5-21-3133213367-1338719558-82200134-1001\...\GoToMeeting) (Version: 6.4.12.2331 - CitrixOnline)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{B1AC3709-3E98-4F2C-A84E-4BCA2A452E64}) (Version: 4.2.40.2418 - Intel Corporation)
LibreOffice 4.1 Help Pack (German) (HKLM-x32\...\{0779889E-1A20-4E21-9150-7F42BD09ED63}) (Version: 4.1.3.2 - The Document Foundation)
LibreOffice 4.1.3.2 (HKLM-x32\...\{4F3722AD-197D-4DBB-BDFB-D2F0D6776354}) (Version: 4.1.3.2 - The Document Foundation)
Live Update 5 (HKLM-x32\...\{E8BAA541-D161-4C9B-85BF-01F05A56BD7F}}_is1) (Version: 5.0.113 - MSI)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Machinarium (HKLM-x32\...\{4D96D2F0-8FB4-45C2-9B80-2DCB88016316}_is1) (Version:  - Daedalic Entertainment)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Messer v0.992 (HKLM-x32\...\Messer_is1) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mobile Master (x32 Version: 8.9.4 - Jumping Bytes) Hidden
Mobile Master 8.9.4 (HKLM-x32\...\Mobile Master) (Version: 8.9.4 - Jumping Bytes)
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MyFreeCodec (HKU\S-1-5-21-3133213367-1338719558-82200134-1001\...\MyFreeCodec) (Version:  - )
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.3.1 - Nikon)
Opera Stable 27.0.1689.69 (HKLM-x32\...\Opera 27.0.1689.69) (Version: 27.0.1689.69 - Opera Software ASA)
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.4.3 - Nikon)
PrintKey2000 (HKLM-x32\...\PrintKey2000) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7106 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14074.11 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.14074.11 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SoulseekQt (HKLM-x32\...\SoulseekQt) (Version:  - )
SoundTap Audiostream-Rekorder (HKLM-x32\...\SoundTap) (Version: 2.27 - NCH Software)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.019 - MSI)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
ViewNX 2 (HKLM-x32\...\{E64C137C-D0B7-467A-B47F-460AAB30F0A3}) (Version: 2.3.2 - Nikon)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 2.10.1.1735 - 1&1 Mail & Media GmbH)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
X-Rite Device Services Manager (HKLM-x32\...\{64B461D5-ABCA-4394-9336-848F7C283B1C}) (Version: 2.3.81 - X-Rite)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3133213367-1338719558-82200134-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Tina\AppData\Local\Citrix\GoToMeeting\1350\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)

==================== Restore Points  =========================

05-02-2015 19:06:09 Geplanter Prüfpunkt
13-02-2015 22:01:36 Windows Update
19-02-2015 17:53:49 Garmin Express
22-02-2015 13:16:58 Wiederherstellungsvorgang

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {4999D487-C5F2-446D-A4E3-E42FF10B3529} - System32\Tasks\X-Rite Device Services Software Updater => C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe [2014-04-10] (X-Rite Inc.)
Task: {84C51814-E60D-4516-A7DE-7FB657A38CB1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {8C55BCF0-B883-4904-92D0-E5CE2F4F1200} - System32\Tasks\G2MUpdateTask-S-1-5-21-3133213367-1338719558-82200134-1001 => C:\Users\Tina\AppData\Local\Citrix\GoToMeeting\2331\g2mupdate.exe [2015-02-11] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {9AE9D2FA-0569-4E45-AD02-8920F16952B1} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-12-31] ()
Task: {C9DE50F8-519D-46C3-9C71-81BED86AB5F5} - System32\Tasks\{6D515B0D-1727-46D2-B479-B3E5F8AC3E0C} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{758C8301-2696-4855-AF45-534B1200980A}\setup.exe" -c -runfromtemp -l0x0409  -removeonly
Task: {CE73133D-6DFC-4F46-8FE2-D73A051CFA60} - System32\Tasks\Opera scheduled Autoupdate 1413915750 => C:\Program Files (x86)\Opera\launcher.exe [2015-02-10] (Opera Software)
Task: {DA97B9F5-BA72-45C6-9BC2-113DDDC3C4BD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-02-23] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3133213367-1338719558-82200134-1001.job => C:\Users\Tina\AppData\Local\Citrix\GoToMeeting\2331\g2mupdate.exe
Task: C:\WINDOWS\Tasks\X-Rite Device Services Software Updater.job => C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe

==================== Loaded Modules (whitelisted) ==============

2013-08-01 17:31 - 2013-08-01 17:31 - 00198120 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-08-01 17:31 - 2013-08-01 17:31 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-08-01 17:31 - 2013-08-01 17:31 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2014-08-31 13:59 - 2014-06-18 13:58 - 02218496 _____ () C:\Program Files (x86)\X-Rite\ColorMunki Display\ColorMunkiDisplayTray.exe
2012-09-13 00:38 - 2012-09-13 00:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2013-08-22 08:19 - 2013-08-22 07:54 - 00174592 _____ () C:\WINDOWS\system32\WinMetadata\Windows.UI.winmd
2013-06-21 12:29 - 2013-06-21 12:29 - 01588224 _____ () C:\Program Files (x86)\X-Rite\Devices\rm200\GoldenEye.dll
2013-06-21 12:29 - 2013-06-21 12:29 - 02633728 _____ () C:\Program Files (x86)\X-Rite\Devices\colormunki\colormunki.dll
2013-12-16 18:30 - 2013-09-17 03:19 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-08-31 13:58 - 2014-06-18 12:12 - 44451328 _____ () C:\Program Files (x86)\X-Rite\ColorMunki Display\Prism.dll
2014-08-31 13:59 - 2010-06-01 21:44 - 07982592 _____ () C:\Program Files (x86)\X-Rite\ColorMunki Display\QtGui4.dll
2014-08-31 13:59 - 2010-12-14 11:25 - 02147328 _____ () C:\Program Files (x86)\X-Rite\ColorMunki Display\QtCore4.dll
2014-08-31 13:58 - 2014-06-18 12:12 - 03449344 _____ () C:\Program Files (x86)\X-Rite\ColorMunki Display\CxF2_VC90MD_2.1.dll
2014-08-31 13:58 - 2014-06-18 12:12 - 00898560 _____ () C:\Program Files (x86)\X-Rite\ColorMunki Display\libxml2.dll
2014-08-31 13:58 - 2014-06-18 12:12 - 00073728 _____ () C:\Program Files (x86)\X-Rite\ColorMunki Display\zlib1.dll
2014-08-31 13:58 - 2010-10-28 16:17 - 00131072 _____ () C:\Program Files (x86)\X-Rite\ColorMunki Display\imageformats\qjpeg4.dll
2014-08-31 13:58 - 2010-10-28 16:17 - 00278528 _____ () C:\Program Files (x86)\X-Rite\ColorMunki Display\imageformats\qtiff4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-13 00:39 - 2012-09-13 00:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2015-01-26 19:11 - 2015-01-26 19:11 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Tina\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3133213367-1338719558-82200134-1001\Control Panel\Desktop\\Wallpaper -> E:\Backup Elvis Presley\Arno\1148829_228217750661710_1558444982_n.jpg
DNS Servers: 192.168.178.100

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "Live Update 5"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "Nikon Message Center 2"

==================== Accounts: =============================

Administrator (S-1-5-21-3133213367-1338719558-82200134-500 - Administrator - Disabled)
Elvis (S-1-5-21-3133213367-1338719558-82200134-1006 - Limited - Enabled)
Gast (S-1-5-21-3133213367-1338719558-82200134-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3133213367-1338719558-82200134-1005 - Limited - Enabled)
Tina (S-1-5-21-3133213367-1338719558-82200134-1001 - Administrator - Enabled) => C:\Users\Tina

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4771 CPU @ 3.50GHz
Percentage of memory in use: 24%
Total physical RAM: 8054.05 MB
Available physical RAM: 6055.33 MB
Total Pagefile: 9334.05 MB
Available Pagefile: 7312.77 MB
Total Virtual: 131072 MB
Available Virtual: 131071.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.67 GB) (Free:1278.58 GB) NTFS
Drive d: (Machinarium) (CDROM) (Total:0.4 GB) (Free:0 GB) CDFS
Drive e: (Storage) (Fixed) (Total:1863.01 GB) (Free:341.7 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 1E935561)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 30DCFACE)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End Of Log ============================

cosinus · 23.02.2015, 21:22

Okay, dann Kontrollscans mit MBAM und ESET bitte:

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Nashvilla · 24.02.2015, 20:18

Hier die Kontrollscans:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 23.02.2015
Suchlauf-Zeit: 21:33:40
Logdatei: mbam1.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.02.23.07
Rootkit Datenbank: v2015.02.22.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Tina

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 373909
Verstrichene Zeit: 6 Min, 44 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=68cea197872f964aacb23890d1ab771a
# engine=22596
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-02-23 12:33:36
# local_time=2015-02-23 01:33:36 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 42925 14955935 0 0
# scanned=908744
# found=43
# cleaned=0
# scan_time=10459
sh=A5D780CD9AE6FAB55661D54A5F4F7A6F5F321857 ft=1 fh=484a71631dfc9a04 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe.vir"
sh=43BD899383C16FF427302905B59E5E5DFA837B81 ft=1 fh=e0114720b91227bd vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe_1416037984690.vir"
sh=6E60B8A3B784B1202D129EDC1C8B9C965DFF89C4 ft=1 fh=d510ac3e9d038def vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll.vir"
sh=46841C1CC9369ACA35462792DB78A40F0DD3558C ft=1 fh=eec53ebc1504d08a vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\sptool.dll_1417539060157.vir"
sh=5DF10841473271A690CDDF6305AE3A2F7607C342 ft=1 fh=70e5f3401d95849e vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\sptool.dll_1418662223629.vir"
sh=848E3DD65157615BDCBC250ECDB645EC0E62437F ft=1 fh=bc3e14e01b8fe924 vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\sptool.dll_1419940849242.vir"
sh=AD800D0EBF9B7169810538490B9AF3A6553B59E8 ft=1 fh=8056c44a101b25c4 vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\sptool.dll_1420735518522.vir"
sh=2A4D96142AC7E3B78D197029FD6B395CC146DBBE ft=1 fh=d807113fc8198262 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe.vir"
sh=1C1691D53A24A5184AE315A00AC461767ADEDC20 ft=1 fh=5b79596457e5e7ad vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe.vir"
sh=8743F255E80C6A0A95A94CC668553686FF170120 ft=1 fh=0e8260637ee8e1d9 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\RN32.dll.vir"
sh=A704B6A7928A66851D5D0C251F975B52F6755053 ft=1 fh=3a141fdd6276f642 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPtool64.exe.vir"
sh=AAB44C79899999D77D4BC45AC1FC31746EE01C39 ft=1 fh=f19b2f7682fe88c5 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32.dll.vir"
sh=3010A616F191A1AB67BAA394F95094E43E1B0F05 ft=1 fh=1d4eab4a3a54531e vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll.vir"
sh=CFD6E953ACB4E21B22DD6D2BBD7360C353AA5049 ft=1 fh=65b60511f931799f vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64.dll.vir"
sh=275F649C7C4613C61B59BD33393AA245AD3D3816 ft=1 fh=ecf7e3ee1d6b314e vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll.vir"
sh=B46AC89336EE49AE7D475F54C6A0847EAA8A174F ft=1 fh=d456ecb0103eab2f vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe.vir"
sh=33D8206FC40CD4ACDF7AC18DCECED4E236D11988 ft=1 fh=1fb4de84ce09f9ee vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\ytd video downloader\ytd_installer.exe.vir"
sh=C4420C6E94B8CAACCB3811384280D8A93CB0A37D ft=1 fh=25f111c507a31a21 vn="Win32/Toolbar.Conduit.R evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tina\AppData\Roaming\OpenCandy\AC258E1265D9489E893E26CCE5B41AB0\sp-downloader.exe.vir"
sh=8B45D98B3D2AD42ACD832B4C4EC83D9E51CECDBE ft=1 fh=c47817d02d04bbc3 vn="Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\YouTube Downloader\ytd_installer.exe"
sh=58C506D93FA108D2279F0801E3F1CD5C7AB36981 ft=1 fh=3c9d3175fad0644b vn="Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\YTD Video Downloader\ytd_installer.exe"
sh=BE3FFCAEF2EB4420C167F706F19A5EF2FB51559F ft=1 fh=e10e120463c303bc vn="Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\YTD YouTube Downloader & Converter\ytd_installer.exe"
sh=DB7443E84D223B0924EFFE7FDA41D419A152B76F ft=1 fh=df82bdeae5a92cc4 vn="Variante von Win32/Toolbar.Babylon.A evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Dokumente und Einstellungen\All Users.WINDOWS\VisualBee\VisualBeeSoftware.exe"
sh=97C98A20388FD894B92FD8325545966CA945BCFB ft=1 fh=6121d07ea56d1649 vn="Win32/Toolbar.Montiera.I evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Tina2f\Dokumente und Einstellungen\Alle\Anwendungsdaten\OpenCandy\968950F709EE4A0294EBDC21E3B9DF89\Setupsft_chr_p1v7.exe"
sh=A3B6E25B7620650F2F1B419A07AEC8300A088847 ft=1 fh=906fb8f35bd9e6b2 vn="Variante von Win32/SoftonicDownloader.F evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Tina2f\Dokumente und Einstellungen\Alle\Eigene Dateien\Downloads\SoftonicDownloader_fuer_facemixer.exe"
sh=2D6D0CF48AE14BEFCC4F44D3C3ABAC7E27A4C093 ft=1 fh=9b35f6a95e65c49e vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Tina2f\Dokumente und Einstellungen\Alle\Lokale Einstellungen\Temporary Internet Files\Content.IE5\01M07FMK\MinibarChrome[1].exe"
sh=4682531361ADCF423207CA2CE917CADCB4D5C344 ft=1 fh=2a8cff87100d8aff vn="Win32/Toolbar.Montiera.I evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Tina2f\Dokumente und Einstellungen\Alle\Lokale Einstellungen\Temporary Internet Files\Content.IE5\CAZ008JS\IMinentToolbar[1].exe"
sh=5CD42D20DEC8C10BD9ABA41FBBDBAE0EAD7510E5 ft=1 fh=7136189e87cab029 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Tina2f\Dokumente und Einstellungen\Alle\Lokale Einstellungen\Temporary Internet Files\Content.IE5\P9G9I1BJ\MinibarFirefox[1].exe"
sh=839E6E1F5A9176E34A973717146FCD1CBFB1F44C ft=1 fh=94e7912e1fc3f926 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Tina2f\Dokumente und Einstellungen\Alle\Lokale Einstellungen\Temporary Internet Files\Content.IE5\SS2M12VB\IminentMinibarIE[1].exe"
sh=359D977D432E4F90FE627B2717144AE873990AC4 ft=1 fh=63c7b0ee3e7f229d vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Tina2f\Programme\Gemeinsame Dateien\DVDVideoSoft\TB\DVDVideoSoftTB.exe"
sh=CF9209557CC4828F1A8536F5AF66358A81393A75 ft=1 fh=b354853738a44732 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Tina2f\Programme\Softonic\Softonic\1.8.21.14\SoftonicApp.dll"
sh=277966AAC8DD994109B77162DB82849EF1FC8D62 ft=1 fh=f7e7b232febc88cd vn="Variante von Win32/Toolbar.Montiera.U evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Tina2f\Programme\Softonic\Softonic\1.8.21.14\SoftonicEng.dll"
sh=431CA401E93A36C4FB726D12B16B4CC058A2C770 ft=1 fh=7cd1c9f2502352b3 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Tina2f\Programme\Softonic\Softonic\1.8.21.14\Softonicsrv.exe"
sh=09AD2A1BCD218E1EA91FC53F55CB6A61770E1144 ft=1 fh=0234086e10d7e544 vn="Variante von Win32/Toolbar.Montiera.F evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Tina2f\Programme\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll"
sh=54002848ADA82AC181EAC551104FA02E8CBE4585 ft=1 fh=bfddd9982b578fa9 vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Tina2f\Programme\Softonic\Softonic\1.8.21.14\uninstall.exe"
sh=54CBEECF2F4AB81622D6708E8A849E3663853F4D ft=1 fh=a481e6d08e557a48 vn="Variante von Win32/Toolbar.Escort.A evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Tina2f\Programme\Softonic\Softonic\1.8.21.14\bh\Softonic.dll"
sh=639B641030E29B44F12837D00DEE95E55C6DD5C7 ft=1 fh=4c3a64e5a398ec7f vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Tina2g\FreeStudio.exe"
sh=C5388074F31DF07BE6C1DDEF0D762EC5A8819E77 ft=1 fh=fcf810b56806cfeb vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Tina2g\FreeYouTubeToMp3Converter39.exe"
sh=119E149747A552877117A6D91EFD3BE4B26418AE ft=1 fh=d60c8402287380a1 vn="Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\9SZQGA86\sp-downloader[1].exe"
sh=FEC19241949864DE766A2D193BC81E3366E379E4 ft=1 fh=ac6e9bcd558de938 vn="Win32/Conduit.SearchProtect.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\9SZQGA86\SPSetup[1].exe"
sh=C8ED85CBB679DFF0D72E7D8C79CE5E74B5EFADE0 ft=1 fh=37dd7ede875c1f3d vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\AGMQW810\spstub[1].exe"
sh=8398427DEE8FECAF5BC25B22C826FC2DC6DF9747 ft=1 fh=81c159dc949cee29 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\SPSetup[1].exe"
sh=08131ADF7C15E801A902E72ADA9DBA8EF81AD101 ft=1 fh=0e19461b6ef503f8 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tina\AppData\Local\Temp\DMR\dmr_72.exe"
sh=B5729C03116D82891380A083C4E214709380549B ft=1 fh=7dcb11e9301014bc vn="Variante von Win32/InstallCore.QW evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tina\Downloads\MyPhoneExplorer_Setup_1.8.6_CB-DL-Manager.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=68cea197872f964aacb23890d1ab771a
# engine=22611
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-02-23 11:37:53
# local_time=2015-02-24 12:37:53 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 21759 15038992 0 0
# scanned=906410
# found=25
# cleaned=0
# scan_time=10251
sh=8B45D98B3D2AD42ACD832B4C4EC83D9E51CECDBE ft=1 fh=c47817d02d04bbc3 vn="Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\YouTube Downloader\ytd_installer.exe"
sh=58C506D93FA108D2279F0801E3F1CD5C7AB36981 ft=1 fh=3c9d3175fad0644b vn="Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\YTD Video Downloader\ytd_installer.exe"
sh=BE3FFCAEF2EB4420C167F706F19A5EF2FB51559F ft=1 fh=e10e120463c303bc vn="Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\YTD YouTube Downloader & Converter\ytd_installer.exe"
sh=DB7443E84D223B0924EFFE7FDA41D419A152B76F ft=1 fh=df82bdeae5a92cc4 vn="Variante von Win32/Toolbar.Babylon.A evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Dokumente und Einstellungen\All Users.WINDOWS\VisualBee\VisualBeeSoftware.exe"
sh=97C98A20388FD894B92FD8325545966CA945BCFB ft=1 fh=6121d07ea56d1649 vn="Win32/Toolbar.Montiera.I evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Tina2f\Dokumente und Einstellungen\Alle\Anwendungsdaten\OpenCandy\968950F709EE4A0294EBDC21E3B9DF89\Setupsft_chr_p1v7.exe"
sh=A3B6E25B7620650F2F1B419A07AEC8300A088847 ft=1 fh=906fb8f35bd9e6b2 vn="Variante von Win32/SoftonicDownloader.F evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Tina2f\Dokumente und Einstellungen\Alle\Eigene Dateien\Downloads\SoftonicDownloader_fuer_facemixer.exe"
sh=2D6D0CF48AE14BEFCC4F44D3C3ABAC7E27A4C093 ft=1 fh=9b35f6a95e65c49e vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Tina2f\Dokumente und Einstellungen\Alle\Lokale Einstellungen\Temporary Internet Files\Content.IE5\01M07FMK\MinibarChrome[1].exe"
sh=4682531361ADCF423207CA2CE917CADCB4D5C344 ft=1 fh=2a8cff87100d8aff vn="Win32/Toolbar.Montiera.I evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Tina2f\Dokumente und Einstellungen\Alle\Lokale Einstellungen\Temporary Internet Files\Content.IE5\CAZ008JS\IMinentToolbar[1].exe"
sh=5CD42D20DEC8C10BD9ABA41FBBDBAE0EAD7510E5 ft=1 fh=7136189e87cab029 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Tina2f\Dokumente und Einstellungen\Alle\Lokale Einstellungen\Temporary Internet Files\Content.IE5\P9G9I1BJ\MinibarFirefox[1].exe"
sh=839E6E1F5A9176E34A973717146FCD1CBFB1F44C ft=1 fh=94e7912e1fc3f926 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Tina2f\Dokumente und Einstellungen\Alle\Lokale Einstellungen\Temporary Internet Files\Content.IE5\SS2M12VB\IminentMinibarIE[1].exe"
sh=359D977D432E4F90FE627B2717144AE873990AC4 ft=1 fh=63c7b0ee3e7f229d vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Tina2f\Programme\Gemeinsame Dateien\DVDVideoSoft\TB\DVDVideoSoftTB.exe"
sh=CF9209557CC4828F1A8536F5AF66358A81393A75 ft=1 fh=b354853738a44732 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Tina2f\Programme\Softonic\Softonic\1.8.21.14\SoftonicApp.dll"
sh=277966AAC8DD994109B77162DB82849EF1FC8D62 ft=1 fh=f7e7b232febc88cd vn="Variante von Win32/Toolbar.Montiera.U evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Tina2f\Programme\Softonic\Softonic\1.8.21.14\SoftonicEng.dll"
sh=431CA401E93A36C4FB726D12B16B4CC058A2C770 ft=1 fh=7cd1c9f2502352b3 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Tina2f\Programme\Softonic\Softonic\1.8.21.14\Softonicsrv.exe"
sh=09AD2A1BCD218E1EA91FC53F55CB6A61770E1144 ft=1 fh=0234086e10d7e544 vn="Variante von Win32/Toolbar.Montiera.F evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Tina2f\Programme\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll"
sh=54002848ADA82AC181EAC551104FA02E8CBE4585 ft=1 fh=bfddd9982b578fa9 vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Tina2f\Programme\Softonic\Softonic\1.8.21.14\uninstall.exe"
sh=54CBEECF2F4AB81622D6708E8A849E3663853F4D ft=1 fh=a481e6d08e557a48 vn="Variante von Win32/Toolbar.Escort.A evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Tina2f\Programme\Softonic\Softonic\1.8.21.14\bh\Softonic.dll"
sh=639B641030E29B44F12837D00DEE95E55C6DD5C7 ft=1 fh=4c3a64e5a398ec7f vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Tina2g\FreeStudio.exe"
sh=C5388074F31DF07BE6C1DDEF0D762EC5A8819E77 ft=1 fh=fcf810b56806cfeb vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\PC Tina\Tina2g\FreeYouTubeToMp3Converter39.exe"
sh=119E149747A552877117A6D91EFD3BE4B26418AE ft=1 fh=d60c8402287380a1 vn="Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\9SZQGA86\sp-downloader[1].exe"
sh=FEC19241949864DE766A2D193BC81E3366E379E4 ft=1 fh=ac6e9bcd558de938 vn="Win32/Conduit.SearchProtect.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\9SZQGA86\SPSetup[1].exe"
sh=C8ED85CBB679DFF0D72E7D8C79CE5E74B5EFADE0 ft=1 fh=37dd7ede875c1f3d vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\AGMQW810\spstub[1].exe"
sh=8398427DEE8FECAF5BC25B22C826FC2DC6DF9747 ft=1 fh=81c159dc949cee29 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\SPSetup[1].exe"
sh=08131ADF7C15E801A902E72ADA9DBA8EF81AD101 ft=1 fh=0e19461b6ef503f8 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tina\AppData\Local\Temp\DMR\dmr_72.exe"
sh=B5729C03116D82891380A083C4E214709380549B ft=1 fh=7dcb11e9301014bc vn="Variante von Win32/InstallCore.QW evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tina\Downloads\MyPhoneExplorer_Setup_1.8.6_CB-DL-Manager.exe"

cosinus · 25.02.2015, 00:12

FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

C:\PC Tina\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\YouTube Downloader\ytd_installer.exe
C:\PC Tina\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\YTD Video Downloader\ytd_installer.exe
C:\PC Tina\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\YTD YouTube Downloader & Converter\ytd_installer.exe
C:\PC Tina\Dokumente und Einstellungen\All Users.WINDOWS\VisualBee\VisualBeeSoftware.exe
C:\PC Tina\Tina2f\Dokumente und Einstellungen\Alle\Anwendungsdaten\OpenCandy\968950F709EE4A0294EBDC21E3B9DF89\Setupsft_chr_p1v7.exe
C:\PC Tina\Tina2f\Dokumente und Einstellungen\Alle\Eigene Dateien\Downloads\SoftonicDownloader_fuer_facemixer.exe
C:\PC Tina\Tina2f\Dokumente und Einstellungen\Alle\Lokale Einstellungen\Temporary Internet Files
C:\PC Tina\Tina2f\Programme\Gemeinsame Dateien\DVDVideoSoft\TB\DVDVideoSoftTB.exe
C:\PC Tina\Tina2f\Programme\Softonic\Softonic
C:\PC Tina\Tina2g\FreeStudio.exe
C:\PC Tina\Tina2g\FreeYouTubeToMp3Converter39.exe
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache
C:\Users\Tina\AppData\Local\Temp\DMR
C:\Users\Tina\Downloads\MyPhoneExplorer_Setup_1.8.6_CB-DL-Manager.exe
EmptyTemp:
Hosts:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Nashvilla · 26.02.2015, 20:41

Hier bitte die Fixlog:

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-02-2015 01
Ran by Tina at 2015-02-25 23:55:08 Run:1
Running from C:\Users\Tina\Desktop
Loaded Profiles: Tina (Available profiles: Tina)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\PC Tina\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\YouTube Downloader\ytd_installer.exe
C:\PC Tina\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\YTD Video Downloader\ytd_installer.exe
C:\PC Tina\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\YTD YouTube Downloader & Converter\ytd_installer.exe
C:\PC Tina\Dokumente und Einstellungen\All Users.WINDOWS\VisualBee\VisualBeeSoftware.exe
C:\PC Tina\Tina2f\Dokumente und Einstellungen\Alle\Anwendungsdaten\OpenCandy\968950F709EE4A0294EBDC21E3B9DF89\Setupsft_chr_p1v7.exe
C:\PC Tina\Tina2f\Dokumente und Einstellungen\Alle\Eigene Dateien\Downloads\SoftonicDownloader_fuer_facemixer.exe
C:\PC Tina\Tina2f\Dokumente und Einstellungen\Alle\Lokale Einstellungen\Temporary Internet Files
C:\PC Tina\Tina2f\Programme\Gemeinsame Dateien\DVDVideoSoft\TB\DVDVideoSoftTB.exe
C:\PC Tina\Tina2f\Programme\Softonic\Softonic
C:\PC Tina\Tina2g\FreeStudio.exe
C:\PC Tina\Tina2g\FreeYouTubeToMp3Converter39.exe
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache
C:\Users\Tina\AppData\Local\Temp\DMR
C:\Users\Tina\Downloads\MyPhoneExplorer_Setup_1.8.6_CB-DL-Manager.exe
EmptyTemp:
Hosts:
*****************

C:\PC Tina\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\YouTube Downloader\ytd_installer.exe => Moved successfully.
C:\PC Tina\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\YTD Video Downloader\ytd_installer.exe => Moved successfully.
C:\PC Tina\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\YTD YouTube Downloader & Converter\ytd_installer.exe => Moved successfully.
C:\PC Tina\Dokumente und Einstellungen\All Users.WINDOWS\VisualBee\VisualBeeSoftware.exe => Moved successfully.
C:\PC Tina\Tina2f\Dokumente und Einstellungen\Alle\Anwendungsdaten\OpenCandy\968950F709EE4A0294EBDC21E3B9DF89\Setupsft_chr_p1v7.exe => Moved successfully.
C:\PC Tina\Tina2f\Dokumente und Einstellungen\Alle\Eigene Dateien\Downloads\SoftonicDownloader_fuer_facemixer.exe => Moved successfully.
C:\PC Tina\Tina2f\Dokumente und Einstellungen\Alle\Lokale Einstellungen\Temporary Internet Files => Moved successfully.
C:\PC Tina\Tina2f\Programme\Gemeinsame Dateien\DVDVideoSoft\TB\DVDVideoSoftTB.exe => Moved successfully.
C:\PC Tina\Tina2f\Programme\Softonic\Softonic => Moved successfully.
C:\PC Tina\Tina2g\FreeStudio.exe => Moved successfully.
C:\PC Tina\Tina2g\FreeYouTubeToMp3Converter39.exe => Moved successfully.

"C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache" directory move:

Could not move "C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\counters.dat" => Scheduled to move on reboot.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\MSIMGSIZ.DAT => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\container.dat => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\EFNHHS82\3_3_3.Finalorg.ajax4jsf.javascript[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\EFNHHS82\7AT1VGMQ.htm => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\EFNHHS82\Arimo_Normal[1].woff => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\EFNHHS82\background_new[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\EFNHHS82\countries_list[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\EFNHHS82\dhtmlmenu_3rd_v3[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\EFNHHS82\elements[1].css => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\EFNHHS82\elevatezoom.min[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\EFNHHS82\en[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\EFNHHS82\fontawesome-webfont[1].eot => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\EFNHHS82\jquery.pagination[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\EFNHHS82\logitech-nav[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\EFNHHS82\logitech-nav[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\EFNHHS82\logitech-nav[2].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\EFNHHS82\logitech-nav[3].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\EFNHHS82\logitech-nav[4].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\EFNHHS82\logitech-nav[5].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\EFNHHS82\logitech-nav[6].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\EFNHHS82\logitech-nav[7].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\EFNHHS82\logitech-nav[8].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\EFNHHS82\logitech-nav[9].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\EFNHHS82\proxyerror[1] => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\EFNHHS82\selectyze.jquery.min[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\EFNHHS82\utag[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\EFNHHS82\VFRemote[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\EFNHHS82\zen-componentsCompatible[1].css => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\A1PK5HPT\analytics[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\A1PK5HPT\Arimo_Italic[1].woff => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\A1PK5HPT\bootstrap-3.0.3.min[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\A1PK5HPT\bootstrapValidator.min[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\A1PK5HPT\CoveoSearchForSalesforce.WithJsSearch.min[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\A1PK5HPT\dCustom0[1].css => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\A1PK5HPT\dhtml_1_19_1[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\A1PK5HPT\dStandard[1].css => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\A1PK5HPT\errorPageStrings[1] => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\A1PK5HPT\flag[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\A1PK5HPT\jquery.magnific-popup.min[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\A1PK5HPT\logitech-nav[10].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\A1PK5HPT\logitech-nav[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\A1PK5HPT\logitech-nav[2].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\A1PK5HPT\logitech-nav[3].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\A1PK5HPT\logitech-nav[4].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\A1PK5HPT\logitech-nav[5].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\A1PK5HPT\logitech-nav[6].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\A1PK5HPT\logitech-nav[7].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\A1PK5HPT\logitech-nav[8].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\A1PK5HPT\logitech-nav[9].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\A1PK5HPT\main[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\A1PK5HPT\nav-main[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\A1PK5HPT\pagination[1].css => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\A1PK5HPT\setup[1].css => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8QWY7RAI\bootstrap-select[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8QWY7RAI\cal_sprite[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8QWY7RAI\CoveoJsSearch.Dependencies.min[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8QWY7RAI\generated[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8QWY7RAI\global-nav-arrows[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8QWY7RAI\global-nav[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8QWY7RAI\header_logo[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8QWY7RAI\httpErrorPagesScripts[1] => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8QWY7RAI\icon_sprite[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8QWY7RAI\jquery-1.11.0.min[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8QWY7RAI\jquery-ui-1.10.3.custom.min[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8QWY7RAI\jquery.bp.rubberband.min[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8QWY7RAI\jsrender-1.0.pre.min[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8QWY7RAI\logitech-nav[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8QWY7RAI\logitech-nav[2].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8QWY7RAI\logitech-nav[3].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8QWY7RAI\logitech-nav[4].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8QWY7RAI\logitech-nav[5].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8QWY7RAI\logitech-nav[6].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8QWY7RAI\logitech-nav[7].jpg => Moved successfully.

Code:

ATTFilter

C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8QWY7RAI\logitech-nav[8].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8QWY7RAI\picklist[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8QWY7RAI\SfdcCore[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8QWY7RAI\sprites[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8QWY7RAI\s[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8QWY7RAI\VFState[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8JINH748\Arimo_Bold[1].woff => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8JINH748\Arimo_Bold_Italic[1].woff => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8JINH748\common[1].css => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8JINH748\CoveoFullSearch[1].css => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8JINH748\CoveoSearchForSalesforce[1].css => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8JINH748\extended[1].css => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8JINH748\glyphicons-halflings-regular[1].eot => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8JINH748\header_v2[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8JINH748\jquery-1.11.1.min[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8JINH748\loading_dark[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8JINH748\logitech-nav[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8JINH748\logitech-nav[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8JINH748\logitech-nav[2].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8JINH748\logitech-nav[2].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8JINH748\logitech-nav[3].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8JINH748\logitech-nav[4].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8JINH748\logitech-nav[5].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8JINH748\logitech-nav[6].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8JINH748\logitech-nav[7].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8JINH748\logitech-nav[8].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8JINH748\main[1].css => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8JINH748\NetworkTracking[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8JINH748\NewErrorPageTemplate[1] => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8JINH748\register[1].htm => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8JINH748\select2.min[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8JINH748\stub[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\IE\8JINH748\toolbar_sprite[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\container.dat not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\EFNHHS82\3_3_3.Finalorg.ajax4jsf.javascript[1].js not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\EFNHHS82\7AT1VGMQ.htm not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\EFNHHS82\Arimo_Normal[1].woff not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\EFNHHS82\background_new[1].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\EFNHHS82\countries_list[1].js not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\EFNHHS82\dhtmlmenu_3rd_v3[1].js not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\EFNHHS82\elements[1].css not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\EFNHHS82\elevatezoom.min[1].js not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\EFNHHS82\en[1].js not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\EFNHHS82\fontawesome-webfont[1].eot not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\EFNHHS82\jquery.pagination[1].js not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\EFNHHS82\logitech-nav[1].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\EFNHHS82\logitech-nav[1].png not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\EFNHHS82\logitech-nav[2].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\EFNHHS82\logitech-nav[3].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\EFNHHS82\logitech-nav[4].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\EFNHHS82\logitech-nav[5].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\EFNHHS82\logitech-nav[6].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\EFNHHS82\logitech-nav[7].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\EFNHHS82\logitech-nav[8].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\EFNHHS82\logitech-nav[9].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\EFNHHS82\proxyerror[1] not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\EFNHHS82\selectyze.jquery.min[1].js not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\EFNHHS82\utag[1].js not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\EFNHHS82\VFRemote[1].js not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\EFNHHS82\zen-componentsCompatible[1].css not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\A1PK5HPT\analytics[1].js not found.

Code:

ATTFilter

C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\A1PK5HPT\Arimo_Italic[1].woff not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\A1PK5HPT\bootstrap-3.0.3.min[1].js not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\A1PK5HPT\bootstrapValidator.min[1].js not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\A1PK5HPT\CoveoSearchForSalesforce.WithJsSearch.min[1].js not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\A1PK5HPT\dCustom0[1].css not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\A1PK5HPT\dhtml_1_19_1[1].js not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\A1PK5HPT\dStandard[1].css not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\A1PK5HPT\errorPageStrings[1] not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\A1PK5HPT\flag[1].gif not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\A1PK5HPT\jquery.magnific-popup.min[1].js not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\A1PK5HPT\logitech-nav[10].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\A1PK5HPT\logitech-nav[1].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\A1PK5HPT\logitech-nav[2].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\A1PK5HPT\logitech-nav[3].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\A1PK5HPT\logitech-nav[4].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\A1PK5HPT\logitech-nav[5].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\A1PK5HPT\logitech-nav[6].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\A1PK5HPT\logitech-nav[7].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\A1PK5HPT\logitech-nav[8].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\A1PK5HPT\logitech-nav[9].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\A1PK5HPT\main[1].js not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\A1PK5HPT\nav-main[1].js not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\A1PK5HPT\pagination[1].css not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\A1PK5HPT\setup[1].css not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8QWY7RAI\bootstrap-select[1].js not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8QWY7RAI\cal_sprite[1].png not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8QWY7RAI\CoveoJsSearch.Dependencies.min[1].js not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8QWY7RAI\generated[1].js not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8QWY7RAI\global-nav-arrows[1].png not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8QWY7RAI\global-nav[1].js not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8QWY7RAI\header_logo[1].png not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8QWY7RAI\httpErrorPagesScripts[1] not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8QWY7RAI\icon_sprite[1].png not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8QWY7RAI\jquery-1.11.0.min[1].js not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8QWY7RAI\jquery-ui-1.10.3.custom.min[1].js not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8QWY7RAI\jquery.bp.rubberband.min[1].js not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8QWY7RAI\jsrender-1.0.pre.min[1].js not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8QWY7RAI\logitech-nav[1].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8QWY7RAI\logitech-nav[2].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8QWY7RAI\logitech-nav[3].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8QWY7RAI\logitech-nav[4].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8QWY7RAI\logitech-nav[5].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8QWY7RAI\logitech-nav[6].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8QWY7RAI\logitech-nav[7].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8QWY7RAI\logitech-nav[8].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8QWY7RAI\picklist[1].js not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8QWY7RAI\SfdcCore[1].js not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8QWY7RAI\sprites[1].png not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8QWY7RAI\s[1].gif not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8QWY7RAI\VFState[1].js not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8JINH748\Arimo_Bold[1].woff not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8JINH748\Arimo_Bold_Italic[1].woff not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8JINH748\common[1].css not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8JINH748\CoveoFullSearch[1].css not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8JINH748\CoveoSearchForSalesforce[1].css not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8JINH748\extended[1].css not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8JINH748\glyphicons-halflings-regular[1].eot not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8JINH748\header_v2[1].js not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8JINH748\jquery-1.11.1.min[1].js not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8JINH748\loading_dark[1].gif not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8JINH748\logitech-nav[1].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8JINH748\logitech-nav[1].png not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8JINH748\logitech-nav[2].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8JINH748\logitech-nav[2].png not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8JINH748\logitech-nav[3].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8JINH748\logitech-nav[4].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8JINH748\logitech-nav[5].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8JINH748\logitech-nav[6].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8JINH748\logitech-nav[7].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8JINH748\logitech-nav[8].jpg not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8JINH748\main[1].css not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8JINH748\NetworkTracking[1].js not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8JINH748\NewErrorPageTemplate[1] not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8JINH748\register[1].htm not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8JINH748\select2.min[1].js not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8JINH748\stub[1].js not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5\8JINH748\toolbar_sprite[1].png not found.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\Low\AntiPhishing\4A72F430-B40C-4D36-A068-CE33ADA5ADF9.dat => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\container.dat => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\flashcookiesetting1ZQQKENA.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\flashcookiesetting2GPXXT0C.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\flashcookiesetting2HD8EOGB.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\flashcookiesetting3QSPDX1X.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\flashcookiesetting3VBQP8D6.js => Moved successfully.

Code:

ATTFilter

C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\flashcookiesetting4X3MYQFJ.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\flashcookiesettingFV0NBH12.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\flashcookiesettingHXDG3OD8.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\flashcookiesettingI5DTB32H.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\flashcookiesettingK4S2KFFE.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\flashcookiesettingN8ZGM8D5.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\flashcookiesettingOOBVDRD2.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\flashcookiesettingQNXRW425.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\flashcookiesettingSZJJ9072.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\flashcookiesettingTOR2QO4F.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\flashcookiesettingV5R52YFK.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\flashcookiesettingYKW3W1O7.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\flashcookiesettingYTS80AGB.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\flashcookiesettingZYSGXJ48.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\flashcookiesetting[10].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\flashcookiesetting[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\flashcookiesetting[2].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\flashcookiesetting[3].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\flashcookiesetting[4].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\flashcookiesetting[5].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\flashcookiesetting[6].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\flashcookiesetting[7].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\flashcookiesetting[8].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\flashcookiesetting[9].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\-[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\000000242804[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\000000349584[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\00003b15100000823[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\00003b15100000823[2].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\00003b15100000823[3].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\0005f751-c984-4850-8836-b0ae7482283a_15[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\011424279214[1].htm => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\02840c3c8c64cd87df66be5f6e0515ae[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\03_Meditation_Die_Heimat_des_hässlichen_Entleins[1].mp3 => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\08_728_90_E_TSI_DE_100ko[1].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\0R9mJN4bsK_209433621[1].htm => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\0RCqKAmWb9_1604748130[1].htm => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\0_cgSuUBsd[1].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\1-1x1_GIF[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\1-N201_A_728x90_j[1].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\1-Opel_SB_FLS_Insignia-ENGAGE_728x90_V01[1].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\10000119[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\1017[1] => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\1121f7f2-c046-4447-aa74-e422effb6e44_138x115[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\138_frucht_138x115[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\14942[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\15781333001090894836[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\15da4d5fc7249100abdfc733705c1eb0[1].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\1853a5d1b0e7c66e1d760190a8974a9e[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\18da9756ae7d4603ac49691e3ea6fa5e_1[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\18FHK0J4.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\192304212[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\193932465[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\196085790[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\19647[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\1GK3MQRL.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\1pix[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\1pix[2].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\1pix[3].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\1pix[4].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\1pix[5].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\1pix[6].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\1pix[7].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\1x1[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\1[10].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\1[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\1[2].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\1[3].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\1[4].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\1[5].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\1[6].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\1[7].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\1[8].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\1[9].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\2-pixel1x1[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\207[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\2344f3612ffc129534eef1e7cf5a3e7a[1].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\24ddc8839037137d3745d30115fe099a[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\2532[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\2588ee8f95e54f59be4114d3d0c229a7_1[1].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\27f8952d-06b1-4596-a211-5bdc5896b57a[1].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\2IQCEKGN.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\2rj[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\2_parwise_v31a_728x90[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\381[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\3aa2632f-bf6a-46bc-b94d-df24b3290717_72x60[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\3bdab70738efdfc159f1bb35051b65f4[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\3QKBU45Z.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\405a9c9e30e496422f04efd8a348328f[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\4153505[1].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\426[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\4418440[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\4418462[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\4538536[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\4741c[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\4829695[1].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\4829707[1].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\4[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\5292551[1].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\5373638[1].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\53b549ca0c333decd3d71df44849b518[1].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\544[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\597[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\5e35405d-7bf5-4aa5-81af-a60f8ebfdba1_72x60[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\6075922[1].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\614[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\626[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\636[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\6517065[1].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\6517068[1].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\66d4e12b-fdd3-4318-8762-706b6001b811_24[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\671[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\684[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\698[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\6a411702b58f889004af9217dc010007[1].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\6c769b4f-cd01-43a8-a115-cd512453435d_72x60[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\6e8b56b8a84822437791d64effe4b748[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\6GXAKDM2.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\7132fe71-710e-463e-bf4e-7a9c65240a22_72x60[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\71[1].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\71[2].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\721[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\728x90_claim[1].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\72_4_72x60_M__dchen_Ghana_1[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\72_6_72x60_Maedchen_Vietnam_2[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\72_72x60[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\72_72x60[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\72_72x60[2].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\72_72x60_2[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\72_72x60_JAB[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\72_72x60_nett[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\72_72x60_text_ad_1_GWP_1000[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\72_72_1361977956[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\72_72_gh_72x60[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\72_72_talocasa-ligatus-house_blue-72x60[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\72_72_vwb_pk_140_parken_72x60_20140224[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\72_amex_multicard_sbs_72x60[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\72_bani72[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\72_barclaycard_72[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\72_HeadhunterNetzwerk_72x60[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\72_Logo_72x60[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\72_Logo_72x60[2].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\72_MSF__BTA__Li__08pi__MSF121917__72x60[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\72_pennystocks-72[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\72_rohbau_72x60[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\748d8a048dda6861c5f15436149ae47d[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\75bfe79fc3547f38a539fdb8ee7f587d[1].swf => Moved successfully.

Code:

ATTFilter

:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\762f0ba7-974c-4ced-a9b0-e93915ffffae_72x60[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\762f0ba7-974c-4ced-a9b0-e93915ffffae_72x60[2].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\772[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\7CPP1GJP.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\876[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\8bd74bfeb98e273920ddd064a03cc685[1].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\90_90x75[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\9412[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\99999[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\9afaec3f-ef2a-48ad-bddc-f268c0e28d12[1].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\9ca1407b360c3dac1c1aba49d9a02265[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\9ZOZIB59.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\adex[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\adfec47e-fac8-4e41-802b-22ac508ea28b_72x60[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\Adform.Bootstrap[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\Adform.Bootstrap[2].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\Adform.Bootstrap[3].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\Adform.Bootstrap[4].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\Adform.Bootstrap[5].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\Adform.RMB[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\Adform.RMB[2].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\Adform.RMB[3].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\adfstub[1].htm => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\adfstub[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\adfstub[2].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\adfstub[3].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\adimage[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\adimage[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\AdLoader-0ee9685baf8ff395a7119d551063e2d4.min[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\AdLoader-288a31a04e1398b1a794975bf93ce9a4.min[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\AdLoader-725aebe4743338ea770018ce780c157b.min[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\AdLoader-7b473315d0084c71df83cdee72aab144.min[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\AdLoader-7b857a7be889bd57f92da60a9b6146bb.min[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\AdLoader[1].htm => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\AdLoader[2].htm => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\AdLoader[3].htm => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\AdLoader[4].htm => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\AdLoader[5].htm => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\AdLoader[6].htm => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\ads-minified-1.45.1[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\adsapi_3[1].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\adscreen_background[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\adscreen_pcvisit_signet[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\adsct[1] => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\ads[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\ai[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\ai[2].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\allScripts[2].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\avatar[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\b38e3feacbf58e08c96a3b28a34a7f1e[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\b51f31b7-9efb-4387-9063-1c5e42bd9a3a_31[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\banner00KMOOZO.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\banner030SO8GS.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\banner045UGLKZ.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\banner11G7V2Y5.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\banner14PSOAO9.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\banner31T40PA5.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\banner4L7YV256.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\banner52LE5E52.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\banner66C02979.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\banner6TZ20S3C.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\banner76K1RP30.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\banner7R6ZPFUP.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\banner8VY6IFON.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\banner8Z3SDIL5.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\banner9KX6QQHZ.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerAHORUUKL.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerAYEXSZPY.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerB0IAJLT4.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerBESQOP0J.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerBFWJ4VWO.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerC0FRZJ86.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerC2CGUH3B.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerCICI18ZM.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerCJSC2FRT.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerE752ITCN.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerECXA8GGL.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerFI8C0RVW.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerFOJTMGWH.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerGYJCPYT0.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerHCO4RBEG.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerI5LQXS38.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerIC9OW0OX.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerIT97WXID.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerJQF3XQE7.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerL49A0GXZ.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerLKUTUAUI.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerLRRSIE2J.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerLS9TS8EN.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerLXTEMSSG.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerMBO17MHE.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerN9I67P8C.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerNMJAYIO7.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerNY3M2FIQ.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerO8Y9MZEO.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerODA3GG0G.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerOQCODLCM.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerOWS5DCXD.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerPJZ50ERR.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerPYLGJNJ1.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerQ7ILP9JR.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerQLL2QD2T.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerQZE789CQ.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerRA0N65Z9.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerRCT99DVJ.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerS444G0RA.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerS46W7CN2.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerSTOZ32TV.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerTUHY42CL.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerU3YINVIQ.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerUCYT3GYR.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerV99R0KPS.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerVB8ZLF1B.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerWA3K03RF.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerWO6ZBHG9.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerXPT822GF.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerXQTC0PFL.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerXUR0XDGT.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerY06ATM22.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerZ6E3492V.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerZAA1IVO8.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerZYSD30C5.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bannerZYTJA0KB.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\banner[10].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\banner[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\banner[2].js => Moved successfully.C

Code:

ATTFilter

C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\banner[3].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\banner[4].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\banner[5].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\banner[6].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\banner[7].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\banner[8].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\banner[9].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\base-cf.gz[1].css => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\ba[1].htm => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\ba[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\ba[2].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\BC1KPHYP.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bddbb929a66d26bc22110bcd87dc9f92[1].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\be2ce592-bce6-4a42-8df5-638c30e5db6d_72x60[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bf8bb2de-a6c4-4cb1-84b6-eb65e19f3c2f[1].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bg-close-program[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bg-download-bar-full[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bg-shadow-alternate[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bg1[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bg2[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bgDownloadBarEmpty[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bgDownloadBarFull[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\BGIMAGE_DEF_NOLOGO_300x250[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bg[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bg_main[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bg_status[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bg_tab_btmLine[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bg_white[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bk[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\blank[8].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\blank[9].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bootstrap[2].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\boot[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\bottom-bg[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\box_19_top-right[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\BrightcoveBootloader[1].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\BrightcoveBootloader[2].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\BrightcoveBootloader[3].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\BrightcovePlayer[1].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\BrightcovePlayer[2].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\btn-play-16x16[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\button-center[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\button-left[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\button-right[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\button_yellow_big2[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\c8953720da70cf8f7a8094f64ef2eba8[1].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\CancelBG[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\cms1[1] => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\combined_3rd[1].css => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\config[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\config[2].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\config[3].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\config[4].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\config[5].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\config[6].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\config[7].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\config[8].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\config[9].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\connect-b7e812ea088a317f392ce73dfe7aab8c.min[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\connect-d050a9fbc1f148ced362930e15d21d32.min[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\connect[1].htm => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\connect[2].htm => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\connect[3].htm => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycode0K7NI5TQ.json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycode1K7X23IB.json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycode1LI0DNYX.json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycode1TN6904K.json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycode1WB8URNO.json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycode3VJOFZJX.json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycode513B1GVG.json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycode55EY2VMS.json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycode5WUKU6A5.json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycode6VYFZAJZ.json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycode80OY36E3.json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycode8QX22OQR.json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycode94OH3K7P.json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycode9YWG8OKX.json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycodeBSAW21MR.json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycodeBWA9IB8M.json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycodeDI41LJ78.json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycodeDRBX1U21.json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycodeE1BXDXEQ.json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycodeEHWK02M5.json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycodeHLPUSV6D.json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycodeL19LW8X6.json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycodeNHKFGAZ1.json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycodeOGSMS1FV.json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycodeRO9IJNYX.json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycodeS5U7TY30.json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycodeSHUU9DL3.json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycodeTN5L8G3P.json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycodeV3ZBW4QH.json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycodeVJLWFKWS.json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycodeXLBSL4M2.json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycodeYGBB0QZ7.json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycodeZE2GASAC.json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycode[10].json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycode[1].json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycode[2].json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycode[3].json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycode[4].json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycode[5].json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycode[6].json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycode[7].json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycode[8].json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\countrycode[9].json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\crossdomain[2].xml => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\css[1].css => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\ctrl_1214tb[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\customize[1].css => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\customize[2].css => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\customize[3].css => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\customize[4].css => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\d0RR20OJU.gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\d2i[2].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\d5b1284c-3fdb-4cb9-b7cb-ce5ebaf3e8fb[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\d5CF15Z8O.gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\d6f7c4d0ffe7402dfc4ca8bb0f21830d[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\d7e99f92a954d46e60279f7ae05650f8[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\da3e743f0eb3727f60de9f0077a4c2b8[1].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\dapmsn-8.0[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\dBC482PWC.gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\de-ca78e5523008e502b25a755a1dcf01fc[1].json => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\de6657605[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\detector3[3].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\de[1].json => Moved successfully.

Code:

ATTFilter

C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\de[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\de_728x90_f_p-var-classic-v01_30s[1].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\dfa7banner_flash_html_inpage_rendering_lib_200_56[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\dfa7banner_flash_inpage_rendering_lib_200_62[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\dG6Z1O078.gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\dJWI3WUV5.gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\dKZS3AP1P.gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\DOA59FW5.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\downloaderror[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\downloader[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\downloadfailure[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\download[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\dSPF3OWGO.gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\dt0M8082LG.gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\dt1R98DCOJ.gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\dt8FIP8XYO.gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\dtAEPZ24FS.gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\dtQS6P9HLK.gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\dtRT35E302.gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\dtS7G3PS59.gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\dtUPH3OKU2.gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\dt[10].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\dt[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\dt[2].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\dt[3].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\dt[4].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\dt[5].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\dt[6].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\dt[7].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\dt[8].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\dt[9].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\dVRI59U30.gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\DVSUpdate[1].htm => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\d[10].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\d[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\d[2].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\d[3].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\d[4].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\d[5].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\d[6].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\d[7].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\d[8].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\d[9].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\e5f5abf6e2b07e4031bbc0183cdc1503[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\eb7d407c-2f31-491f-b9b3-114c18a7ba95_72x60[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\ebBanner[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\ebPreServing[2].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\ebStdBannerEx[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\ebStdBanner[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\econda-postview[1].htm => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\EngagementTracker.v13[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\EngagementTracker.v13[2].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\EngagementTracker.v13[3].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\EngagementTracker.v13[4].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\EngagementTracker[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\EngagementTracker[2].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\EngagementTracker[3].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\EngagementTracker[4].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\EngagementTracker[5].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\EngagementTracker[6].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\Enterprise_TRAIN_300x250_DE_child[1].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\EQ2IEX85.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\ErrorPageTemplate[1] => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\expcol_imgs[2].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\extra_erle_b.png_1388652454895_extra_erle_b[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\facebook[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\favicon[1].ico => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\favicon[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\favicon[2].ico => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\fbImporterFriends[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\federated_f9[1] => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\FeedImage[1].htm => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\FeedImage[2].htm => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\FI8SR5FW.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\fila[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\fingerprint.min[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\flash0R009ZPI.swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\flash5SFP36LH.swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\flash8QVVFKPV.swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\flashcookiesetting[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\flashL6ULUKWO.swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\flashMBRI8PFL.swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\flashMNO2FDMV.swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\flashPZCV8PA6.swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\flash[10].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\flash[1].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\flash[2].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\flash[3].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\flash[4].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\flash[5].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\flash[6].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\flash[7].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\flash[8].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\flash[9].swf => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\font-icon[1].eot => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\frame-hider[1].htm => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\FRST64[1].exe => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\ftg_vis.min[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\f[1].txt => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\G6SY7J4A.gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\gallus[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\GetMDRCDPOSTURL[1].aspx => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\GetMDRCDPOSTURL[2].aspx => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\GetMDRCDPOSTURL[3].aspx => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\GetMDRCDPOSTURL[4].aspx => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\GGHGWEAN.js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\global_3rd_v2[1].css => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\globe32[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\google-plus[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\helphub_ltr[2].css => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\hero[1].jpg => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\hh_ppeic[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\hig_progcircle_animated[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\homepage[1].js => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\homepage_ie[1].css => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\home[1].htm => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\HTML5_Scaling[1].htm => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\icon-blank[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\icon-error[1].png => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\iconCompleteError[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\iconComplete[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\icons[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\icon_err[1].gif => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\id-06f72b12-a5ac-4b58-87ae-9e6de3419916[1].htm => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\id-5aceb2d8-1f45-4cc7-8a48-1337839feb03[1].htm => Moved successfully.
C:\Users\Tina\AppData\Local\Microsoft\Windows\INetCache\IE\YQ73YAC1\id-cf578f1c-5f90-4455-aae4-2d633fb9a427[1].htm => Moved successfully.

23.02.2015, 09:56	#10
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	NSIS/StartPage.CC Trojaner Falls du einen Virenscanner hast... __________________ Logfiles bitte immer in CODE-Tags posten

NSIS/StartPage.CC Trojaner

Log-Analyse und Auswertung: NSIS/StartPage.CC Trojaner