Hallo zusammen,

ich weiß, über mein Problem gibt es schon einige Beiträge, aber da keiner der dort genannten Tipps zum Erfolg geführt hat, bitte ich hier um Unterstützung.
Mein Laptop (ASUS N53S, Win7) hängt seit kurzem permanent, v.a. Firefox, aber auch extrem eine Fotobuch-Bearbeitungssoftware von Kodak. Allgemein werden Fenster stark verzögert geöffnet und geschlossen. Uberhaupt ist alles verlangsamt (wenn ich z.B. ein Fenster schließe und mit dem Cursor auf das rot unterlegte Kreuz fahre, dauert es oft schon ein paar Sekunden, bis es überhaupt aufleuchtet. Ein Fotobuch zu bearbeiten ist nahezu unmöglich, weil ständig ein zu verschiebendes Bild hängen bleibt, dann zu weit verschoben wird etc. Im Firefox dauern Ladevorgänge sehr lange und Videos bei Youtube kommen oft ins Stocken etc. Zuerst dachte ich, dass zu viele Fenster/Tabs offen sind, aber jetzt, wenn ich nur zwei Firefoxfenster offen hatte, blieb das Problem gleich. Jetzt, während ich diesen Beitrag schreibe, kommt der PC selbst beim normalen Tippen mit dem Anzeigen der Buchstaben nicht hinterher und hängt zweimal (allerdings nur in der Titel-Zeile, nicht im Nachrichtenfeld).
Zuletzt war es dann oft so, dass der Rechner komplett hing für einige Sekunden (nichts bewegte sich mehr), dann hörte ich ein Tuten und es ging mit Verzögerungen weiter.
Einmal hatte erschien auch nach einem Neustart ein blauer Bildschirm. And den Inhalt kann ich mich leider nicht erinnern, da das Problem zu dem Zeitpunkt noch nicht so schlimm war und ich den Text so nicht sonderlich beachtet habe.

Ich bin dankbar für jede Unterstützung!

Gruß, Andreas

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

• Starte jetzt FRST.
• Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
• Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
• Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Andy (administrator) on ANDY-PC on 10-04-2015 15:41:34
Running from C:\Users\Andy\Downloads
Loaded Profiles: UpdatusUser & Andy (Available profiles: UpdatusUser & Andy)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\nst.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
() C:\ExpressGateUtil\VAWinService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\nst.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(ASUS) C:\Windows\AsScrPro.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Sonix Technology Co., Ltd.) C:\Windows\vsnp2uvc.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Evaer Technology) C:\Program Files (x86)\Evaer\videochannel.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Windows (R) Win 7 DDK provider) C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
() C:\ExpressGateUtil\VAWinAgent.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Java\jre6\bin\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Evaer.com) C:\Program Files (x86)\Evaer\evaer.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
() C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-06-10] (ELAN Microelectronic Corp.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324096 2010-08-11] (Alcor Micro Corp.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2207848 2011-03-21] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [617120 2011-03-13] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-13] (Atheros Commnucations)
HKLM\...\Run: [snp2uvc] => C:\Windows\vsnp2uvc.exe [909824 2010-01-21] (Sonix Technology Co., Ltd.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [731472 2011-02-23] (ecareme)
HKLM-x32\...\Run: [FLxHCIm] => C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe [40448 2011-02-25] (Windows (R) Win 7 DDK provider)
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-18] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-08] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-24] ()
HKLM-x32\...\Run: [VAWinAgent] => C:\ExpressGateUtil\VAWinAgent.exe [21504 2010-08-13] ()
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe [87336 2010-02-03] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [222504 2010-11-25] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-03-24] (Avast Software s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Java\jre6\bin\jusched.exe [148888 2015-03-29] (Sun Microsystems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3352751941-3298559708-1207771804-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
HKU\S-1-5-21-3352751941-3298559708-1207771804-1001\...\Run: [Google Update] => C:\Users\Andy\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2015-02-03] (Google Inc.)
HKU\S-1-5-21-3352751941-3298559708-1207771804-1001\...\Run: [Google+ Auto Backup] => C:\Users\Andy\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3754312 2015-02-13] (Google Inc.)
HKU\S-1-5-21-3352751941-3298559708-1207771804-1001\...\Run: [avichannel] => C:\Program Files (x86)\Evaer\videochannel.exe [1740776 2015-03-08] (Evaer Technology)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [226920 2011-03-08] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [192616 2011-03-08] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe ()
Startup: C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk
ShortcutTarget: Intel(R) Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3352751941-3298559708-1207771804-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
HKU\S-1-5-21-3352751941-3298559708-1207771804-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
HKU\S-1-5-21-3352751941-3298559708-1207771804-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
HKU\S-1-5-21-3352751941-3298559708-1207771804-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKU\S-1-5-21-3352751941-3298559708-1207771804-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKU\S-1-5-21-3352751941-3298559708-1207771804-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKU\S-1-5-21-3352751941-3298559708-1207771804-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3352751941-3298559708-1207771804-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3352751941-3298559708-1207771804-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg.dll No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-24] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll No File
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13] (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-24] (Avast Software s.r.o.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-02] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2015-03-29] (Sun Microsystems, Inc.)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-02] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll No File
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default
FF Homepage: hxxp://www.msn.com/?pc=SKY2&ocid=SKY2DHP&osmkt=de-de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-04-10] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-04-10] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3352751941-3298559708-1207771804-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Andy\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-3352751941-3298559708-1207771804-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Andy\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Extension: Print pages to PDF - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\Extensions\printPages2Pdf@reinhold.ripper [2015-01-27]
FF Extension: ProxTube - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\Extensions\ich@maltegoetz.de.xpi [2015-03-22]
FF Extension: Download YouTube Videos, Fast And Simple - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\Extensions\jid1-cHKBMlArKdIVEg@jetpack.xpi [2015-04-05]
FF Extension: Save as PDF - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\Extensions\save-as-pdf-ff@pdfcrowd.com.xpi [2015-02-12]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2015-04-05]
FF Extension: Adblock Plus - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-15]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn [2015-04-09]
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-24]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-03-24]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-03-24]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-24]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-03-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-13] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-24] (Avast Software s.r.o.)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-03-24] (Avast Software)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-03-23] (Foxit Software Inc.)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [131144 2015-03-05] (Symantec Corporation)
R3 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] ()
R2 VideAceWindowsService; C:\ExpressGateUtil\VAWinService.exe [77312 2010-08-21] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-03-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-03-24] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-03-24] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-03-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-03-24] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-03-24] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-03-24] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-03-24] ()
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [81920 2011-02-25] (Fresco Logic)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800832 2010-09-07] (Sonix Technology Co., Ltd.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-03-24] (Avast Software)
U2 TMAgent; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-10 13:11 - 2015-04-10 15:41 - 00023667 _____ () C:\Users\Andy\Downloads\FRST.txt
2015-04-10 13:11 - 2015-04-10 13:12 - 00034961 _____ () C:\Users\Andy\Downloads\Addition.txt
2015-04-10 13:10 - 2015-04-10 15:41 - 00000000 ____D () C:\FRST
2015-04-10 13:09 - 2015-04-10 13:10 - 02095616 _____ (Farbar) C:\Users\Andy\Downloads\FRST64.exe
2015-04-09 18:16 - 2015-04-09 18:16 - 00000000 ___RD () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-04-09 18:13 - 2015-04-09 18:14 - 01424240 _____ () C:\Windows\Minidump\040915-45599-01.dmp
2015-04-05 13:41 - 2015-04-05 13:41 - 00000000 ____D () C:\Users\Andy\Documents\Camtasia Studio
2015-04-05 13:41 - 2015-04-05 13:41 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\TechSmith
2015-04-05 13:41 - 2015-04-05 13:41 - 00000000 ____D () C:\Users\Andy\AppData\Local\TechSmith
2015-04-05 13:34 - 2015-04-05 13:34 - 00000000 ____D () C:\ProgramData\regid.1995-08.com.techsmith
2015-04-05 13:34 - 2015-04-05 13:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2015-04-05 13:34 - 2015-04-05 13:34 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2015-04-05 13:33 - 2015-04-05 13:33 - 00000000 ____D () C:\ProgramData\TechSmith
2015-04-05 13:33 - 2015-04-05 13:33 - 00000000 ____D () C:\Program Files (x86)\TechSmith
2015-04-05 13:18 - 2015-04-05 13:18 - 01203488 _____ () C:\Users\Andy\Downloads\Camtasia Studio - CHIP-Installer.exe
2015-04-05 13:15 - 2015-04-05 13:16 - 00000009 _____ () C:\Users\Andy\AppData\Local\~wmrg
2015-04-05 13:15 - 2015-04-05 13:16 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\WM Recorder
2015-04-05 13:15 - 2015-04-05 13:15 - 00002073 _____ () C:\Users\Andy\Desktop\WM Converter.lnk
2015-04-05 13:15 - 2015-04-05 13:15 - 00001874 _____ () C:\Users\Andy\Desktop\WM Recorder 14.lnk
2015-04-05 13:15 - 2015-04-05 13:15 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WM Recorder 14
2015-04-05 13:15 - 2015-04-05 13:15 - 00000000 ____D () C:\Program Files (x86)\WMR14
2015-04-05 13:14 - 2015-04-05 13:14 - 22303248 _____ (AllAlex, Inc) C:\Users\Andy\Downloads\install_wmrecorder.exe
2015-04-05 11:42 - 2015-04-05 11:42 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-05 11:42 - 2015-04-05 11:42 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-04 16:55 - 2015-04-04 16:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-03 14:20 - 2015-04-03 14:20 - 00001485 _____ () C:\Users\Andy\AppData\Local\recently-used.xbel
2015-04-03 12:00 - 2015-04-03 12:00 - 00000246 _____ () C:\Users\Andy\Downloads\README.md
2015-04-03 11:51 - 2015-04-03 22:48 - 00000000 ____D () C:\Users\Andy\Documents\Evaer
2015-04-03 11:51 - 2015-04-03 21:44 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Evaer
2015-04-03 11:51 - 2015-04-03 11:51 - 07902120 _____ (Evaer Technology) C:\Users\Andy\Downloads\EvaerSetup.exe
2015-04-03 11:51 - 2015-04-03 11:51 - 00000951 _____ () C:\Users\Andy\Desktop\Evaer.lnk
2015-04-03 11:51 - 2015-04-03 11:51 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Evaer
2015-04-03 11:51 - 2015-04-03 11:51 - 00000000 ____D () C:\Users\Andy\AppData\Local\CrashRpt
2015-04-03 11:51 - 2015-04-03 11:51 - 00000000 ____D () C:\Program Files (x86)\Evaer
2015-03-29 19:52 - 2015-03-29 19:52 - 00000000 ____D () C:\ProgramData\Samsung
2015-03-29 19:52 - 2015-03-29 19:52 - 00000000 ____D () C:\Program Files\SAMSUNG
2015-03-29 19:51 - 2015-03-29 19:52 - 24111736 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\Andy\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
2015-03-29 19:42 - 2015-03-29 19:42 - 00000000 ____D () C:\Users\Andy\.android
2015-03-29 19:40 - 2015-03-29 19:40 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2015-03-29 18:12 - 2015-03-29 18:16 - 00000000 ____D () C:\Users\Andy\Documents\Create at Home Projekts
2015-03-29 17:08 - 2015-03-29 17:08 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\MPC
2015-03-29 17:07 - 2015-03-29 17:07 - 00000000 ____D () C:\Users\Andy\.kodakch
2015-03-29 17:05 - 2015-03-29 17:05 - 00002166 _____ () C:\Users\Public\Desktop\KODAK Create@Home Software (für dm).lnk
2015-03-29 17:05 - 2015-03-29 17:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KODAK Create@Home Software (für dm)
2015-03-29 17:04 - 2015-03-29 17:07 - 00000000 ____D () C:\Program Files (x86)\KODAK Create@Home Software (für dm)
2015-03-29 17:02 - 2015-03-29 17:02 - 00410984 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\deploytk.dll
2015-03-29 17:02 - 2015-03-29 17:02 - 00148888 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
2015-03-29 17:02 - 2015-03-29 17:02 - 00144792 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
2015-03-29 17:02 - 2015-03-29 17:02 - 00144792 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
2015-03-29 17:02 - 2015-03-29 17:02 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-29 17:00 - 2015-03-29 17:00 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Kodak Alaris Inc
2015-03-29 16:56 - 2015-03-29 17:00 - 171695608 _____ (Kodak Alaris Inc.) C:\Users\Andy\Downloads\MyPhotoCreationInstaller.exe
2015-03-27 19:13 - 2015-03-27 19:13 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClockworkMod
2015-03-27 19:13 - 2015-03-27 19:13 - 00000000 ____D () C:\Program Files (x86)\ClockworkMod
2015-03-27 19:11 - 2015-03-27 19:11 - 01203488 _____ () C:\Users\Andy\Downloads\Helium Backup Desktop Client - CHIP-Installer.exe
2015-03-26 11:10 - 2015-03-26 12:32 - 00000000 ____D () C:\Users\Andy\Documents\Bachelor
2015-03-26 11:02 - 2015-04-09 11:51 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Foxit Software
2015-03-26 11:02 - 2015-03-26 11:02 - 00000000 ____D () C:\Users\Public\Foxit Software
2015-03-26 11:02 - 2015-03-26 11:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2015-03-26 11:01 - 2015-03-26 11:01 - 00000000 ____D () C:\Program Files (x86)\Foxit Software
2015-03-26 10:58 - 2015-03-26 10:59 - 38371256 _____ (Foxit Software Inc. ) C:\Users\Andy\Downloads\FoxitReader713.0320_enu_Setup.exe
2015-03-24 19:21 - 2015-03-24 19:21 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\AVAST Software
2015-03-24 19:20 - 2015-03-24 19:23 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-03-24 19:20 - 2015-03-24 19:23 - 00000000 ____D () C:\Windows\system32\vbox
2015-03-24 19:20 - 2015-03-24 19:20 - 00001924 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-03-24 19:20 - 2015-03-24 19:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-03-24 19:19 - 2015-04-08 21:18 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-03-24 19:19 - 2015-03-24 19:19 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-03-24 19:19 - 2015-03-24 19:19 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-03-24 19:19 - 2015-03-24 19:19 - 00271200 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-03-24 19:19 - 2015-03-24 19:19 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-03-24 19:19 - 2015-03-24 19:19 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-03-24 19:19 - 2015-03-24 19:19 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-03-24 19:19 - 2015-03-24 19:19 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-03-24 19:19 - 2015-03-24 19:19 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-03-24 19:19 - 2015-03-24 19:19 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-03-24 19:19 - 2015-03-24 19:18 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-03-24 19:18 - 2015-03-24 19:18 - 00000000 ____D () C:\Program Files\AVAST Software
2015-03-24 19:16 - 2015-03-24 19:16 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-03-24 19:12 - 2015-03-24 19:15 - 150062624 _____ (Avast Software s.r.o.) C:\Users\Andy\Downloads\avast_free_antivirus_setup_10.2.2215.exe
2015-03-24 16:23 - 2015-03-24 16:23 - 00002470 _____ () C:\Users\Public\Desktop\Norton Identity Safe.lnk
2015-03-22 12:27 - 2015-04-03 12:15 - 00000102 _____ () C:\Users\Andy\Documents\wsr2015.txt
2015-03-22 12:27 - 2015-03-22 12:28 - 00003724 _____ () C:\Users\Andy\Documents\wsrp2015-agent.txt
2015-03-22 12:27 - 2015-03-22 12:27 - 00001090 _____ () C:\Users\Public\Desktop\Web Stream Recorder.lnk
2015-03-22 12:27 - 2015-03-22 12:27 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Bolide(R) Software
2015-03-22 12:27 - 2015-03-22 12:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Web Stream Recorder
2015-03-22 12:27 - 2015-03-22 12:27 - 00000000 ____D () C:\Program Files (x86)\Web Stream Recorder
2015-03-21 16:37 - 2015-03-22 10:36 - 00000000 ____D () C:\Users\Andy\AppData\Local\{0029BE20-1A47-4804-8F4E-77BFDCE0E069}
2015-03-21 14:22 - 2015-04-07 10:07 - 00000000 ____D () C:\Users\Andy\Desktop\Phone
2015-03-18 12:22 - 2015-03-18 12:22 - 01776128 _____ (Evaer Technology) C:\Windows\SysWOW64\h264enc.ax
2015-03-15 19:11 - 2015-03-15 19:11 - 00000000 ____D () C:\Users\Andy\Tracing
2015-03-15 14:53 - 2015-03-15 14:53 - 00001997 _____ () C:\Users\Andy\Desktop\FOTOParadies.lnk
2015-03-15 14:53 - 2015-03-15 14:53 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FOTOParadies
2015-03-15 14:52 - 2015-03-15 14:54 - 00000000 ____D () C:\Program Files (x86)\FOTOParadies
2015-03-15 14:45 - 2015-03-15 14:51 - 302013112 _____ (Foto Online Service GmbH ) C:\Users\Andy\Downloads\FotoParadiesSetup.exe
2015-03-13 11:06 - 2015-04-10 11:43 - 00000000 ____D () C:\Users\Andy\AppData\Local\CrashDumps
2015-03-13 10:52 - 2015-03-13 10:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-03-11 19:37 - 2015-01-09 01:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-03-11 19:37 - 2015-01-09 01:43 - 00419936 _____ () C:\Windows\system32\locale.nls

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-10 15:39 - 2015-02-03 10:45 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3352751941-3298559708-1207771804-1001UA.job
2015-04-10 13:37 - 2015-01-15 08:07 - 01158022 _____ () C:\Windows\WindowsUpdate.log
2015-04-10 11:33 - 2015-01-24 23:29 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-10 11:33 - 2015-01-24 23:29 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-10 11:33 - 2015-01-24 23:25 - 00000000 ____D () C:\Users\Andy\AppData\Local\Adobe
2015-04-10 09:49 - 2015-01-15 11:38 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Skype
2015-04-10 08:45 - 2009-07-14 06:51 - 00076305 _____ () C:\Windows\setupact.log
2015-04-10 06:00 - 2015-02-03 10:45 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3352751941-3298559708-1207771804-1001Core.job
2015-04-09 18:24 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-09 18:24 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-09 18:20 - 2011-03-17 13:52 - 00726180 _____ () C:\Windows\system32\perfh019.dat
2015-04-09 18:20 - 2011-03-17 13:52 - 00153304 _____ () C:\Windows\system32\perfc019.dat
2015-04-09 18:20 - 2011-02-19 07:02 - 00394440 _____ () C:\Windows\system32\perfh00D.dat
2015-04-09 18:20 - 2011-02-19 07:02 - 00087724 _____ () C:\Windows\system32\perfc00D.dat
2015-04-09 18:20 - 2011-02-19 06:56 - 00608332 _____ () C:\Windows\system32\perfh008.dat
2015-04-09 18:20 - 2011-02-19 06:56 - 00113816 _____ () C:\Windows\system32\perfc008.dat
2015-04-09 18:20 - 2011-02-19 06:51 - 00411314 _____ () C:\Windows\system32\prfh0404.dat
2015-04-09 18:20 - 2011-02-19 06:51 - 00125018 _____ () C:\Windows\system32\prfc0404.dat
2015-04-09 18:20 - 2011-02-19 06:45 - 00730648 _____ () C:\Windows\system32\prfh0816.dat
2015-04-09 18:20 - 2011-02-19 06:45 - 00155712 _____ () C:\Windows\system32\prfc0816.dat
2015-04-09 18:20 - 2011-02-19 06:40 - 00744826 _____ () C:\Windows\system32\perfh013.dat
2015-04-09 18:20 - 2011-02-19 06:40 - 00155740 _____ () C:\Windows\system32\perfc013.dat
2015-04-09 18:20 - 2011-02-19 06:35 - 00741648 _____ () C:\Windows\system32\perfh010.dat
2015-04-09 18:20 - 2011-02-19 06:35 - 00149612 _____ () C:\Windows\system32\perfc010.dat
2015-04-09 18:20 - 2011-02-19 06:29 - 00747112 _____ () C:\Windows\system32\perfh00C.dat
2015-04-09 18:20 - 2011-02-19 06:29 - 00152116 _____ () C:\Windows\system32\perfc00C.dat
2015-04-09 18:20 - 2011-02-19 06:24 - 00708726 _____ () C:\Windows\system32\perfh007.dat
2015-04-09 18:20 - 2011-02-19 06:24 - 00152072 _____ () C:\Windows\system32\perfc007.dat
2015-04-09 18:20 - 2011-02-19 06:19 - 00746956 _____ () C:\Windows\system32\perfh00A.dat
2015-04-09 18:20 - 2011-02-19 06:19 - 00161148 _____ () C:\Windows\system32\perfc00A.dat
2015-04-09 18:20 - 2009-07-14 07:13 - 08743348 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-09 18:17 - 2015-01-15 10:41 - 00000000 ___HD () C:\ASUS.DAT
2015-04-09 18:14 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-09 18:13 - 2015-01-27 10:18 - 00000000 ____D () C:\Windows\Minidump
2015-04-09 18:13 - 2015-01-27 09:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-07 13:27 - 2015-01-15 20:33 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\vlc
2015-04-07 07:47 - 2015-01-15 11:32 - 08579870 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-05 13:44 - 2015-01-15 08:28 - 00002318 _____ () C:\Windows\system32\AutoRunFilter.ini
2015-04-05 13:43 - 2011-04-13 03:39 - 01950790 _____ () C:\Windows\PFRO.log
2015-04-03 14:43 - 2015-02-03 11:35 - 00000000 ____D () C:\Users\Andy\.gimp-2.8
2015-04-03 14:20 - 2015-02-03 11:45 - 00000000 ____D () C:\Users\Andy\AppData\Local\gtk-2.0
2015-03-30 14:48 - 2015-01-15 08:28 - 00001356 _____ () C:\Windows\system32\ServiceFilter.ini
2015-03-30 14:44 - 2015-01-15 11:33 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\SoftGrid Client
2015-03-29 19:42 - 2015-01-15 10:41 - 00000000 ____D () C:\Users\Andy
2015-03-29 15:26 - 2015-01-15 10:43 - 00000000 ____D () C:\Users\Andy\Documents\Bluetooth Folder
2015-03-26 10:55 - 2015-02-08 15:26 - 00000000 ____D () C:\Program Files (x86)\PDF24
2015-03-25 14:09 - 2015-02-08 15:06 - 00000000 ____D () C:\Users\Andy\Documents\Bewerbung
2015-03-24 23:02 - 2015-01-15 19:16 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Identity Safe
2015-03-24 19:23 - 2011-04-13 04:51 - 00000000 ____D () C:\ProgramData\Trend Micro
2015-03-24 19:20 - 2015-02-20 16:36 - 00000000 ____D () C:\Users\Andy\AppData\Local\Trend Micro
2015-03-24 19:20 - 2009-07-29 07:10 - 00000000 ____D () C:\Users\Administrator
2015-03-24 16:23 - 2015-01-15 10:59 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe
2015-03-24 16:23 - 2015-01-15 10:59 - 00000000 ____D () C:\Windows\system32\Drivers\NSTx64
2015-03-24 16:23 - 2015-01-15 10:59 - 00000000 ____D () C:\ProgramData\NCOTEMP
2015-03-15 19:10 - 2015-01-15 11:38 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-15 19:10 - 2015-01-15 11:38 - 00000000 ____D () C:\ProgramData\Skype
2015-03-12 15:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-03-12 10:25 - 2015-01-15 10:41 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2015-03-12 08:47 - 2009-07-14 06:45 - 00278064 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-12 08:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2015-03-12 08:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-12 08:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-11 11:22 - 2015-01-22 13:02 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-11 11:22 - 2015-01-22 13:02 - 00000000 ____D () C:\Windows\system32\MRT

==================== Files in the root of some directories =======

2015-02-20 17:18 - 2015-02-20 17:18 - 0000036 _____ () C:\Users\Andy\AppData\Local\housecall.guid.cache
2015-04-03 14:20 - 2015-04-03 14:20 - 0001485 _____ () C:\Users\Andy\AppData\Local\recently-used.xbel
2015-01-18 20:16 - 2015-01-18 20:16 - 0007606 _____ () C:\Users\Andy\AppData\Local\Resmon.ResmonCfg
2015-04-05 13:15 - 2015-04-05 13:16 - 0000009 _____ () C:\Users\Andy\AppData\Local\~wmrg
2011-04-13 04:48 - 2010-07-07 01:10 - 0131472 _____ () C:\ProgramData\FullRemove.exe
2015-01-15 08:39 - 2015-01-15 08:39 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2015-01-15 08:41 - 2015-01-15 08:42 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2015-01-15 08:41 - 2015-01-15 08:41 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2015-01-15 08:35 - 2015-01-15 08:38 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2015-01-15 08:38 - 2015-01-15 08:39 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
2015-01-15 08:34 - 2015-01-15 08:35 - 0000110 _____ () C:\ProgramData\{E3739848-5329-48E3-8D28-5BBD6E8BE384}.log

Some content of TEMP:
====================
C:\Users\Andy\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-12 15:36

==================== End Of Log ============================
         

--- --- ---

--- --- ---

--- --- ---

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Andy at 2015-04-10 15:44:41
Running from C:\Users\Andy\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.1.85.3 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{878CADF7-5BD6-4A29-A6F4-AC51C0CE8068}) (Version: 1.8.17.26026 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.8.17.26026 - Alcor Micro Corp.) Hidden
ASUS AI Recovery (HKLM-x32\...\{38253529-D97D-4901-AE53-5CC9736D3A2E}) (Version: 1.0.13 - ASUS)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.1.0 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.21 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.44 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0031 - ASUS)
ASUS Video Magic (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.4710 - CyberLink Corp.)
ASUS Video Magic (x32 Version: 6.0.4710 - CyberLink Corp.) Hidden
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.84.161 - eCareme Technologies, Inc.)
ASUS_Screensaver (HKLM-x32\...\ASUS_Screensaver) (Version:  - )
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.4.617 - ASUSTEK)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0008 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2215 - AVAST Software)
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications)
Bookworm Deluxe (HKLM-x32\...\Bookworm Deluxe) (Version:  - Oberon Media Inc.)
Camtasia Studio 8 (HKLM-x32\...\{645B4291-26F6-4AE0-859A-C1FDD7407143}) (Version: 8.5.1.1962 - TechSmith Corporation)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Cooking Dash (HKLM-x32\...\Cooking Dash) (Version:  - Oberon Media Inc.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.0.1123_32710 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3327 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2312.52 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
ETDWare PS/2-x64 7.0.5.16_WHQL (HKLM\...\Elantech) (Version: 7.0.5.16 - ELAN Microelectronics Corp.)
Evaer Video Recorder for Skype 1.6.2.81 (HKLM-x32\...\Evaer Video Recorder for Skype) (Version: 1.6.2.81 - Evaer Technology)
ExpressGate Cloud (HKLM-x32\...\InstallShield_{499DED08-6FA8-4749-8E94-8526CC9D1CA8}) (Version: 2.1.88.405 - Asus)
ExpressGate Cloud (x32 Version: 2.1.88.405 - Asus) Hidden
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.9 - ASUS)
FOTOParadies (HKLM-x32\...\{FD838798-E2CB-45FA-AF79-6011519031E2}}_is1) (Version: 3.5.9.45 - Foto Online Service GmbH)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 2.9.59.323 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.1.3.320 - Foxit Software Inc.)
Fresco Logic USB3.0 Host Controller (HKLM\...\{5B9F1BB4-4C06-41E8-877D-B458742B0D0A}) (Version: 3.0.116.3 - Fresco Logic Inc.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Game Park Console (HKLM-x32\...\{E71E60C1-533E-45A5-8D80-E475E88D2B17}_is1) (Version: 6.2.1.1 - Oberon Media, Inc.)
GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 4.33.000 - Runtime Software)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google+ Auto Backup (HKU\S-1-5-21-3352751941-3298559708-1207771804-1001\...\Google+ Auto Backup) (Version: 1.0.27.161 - Google, Inc.)
Governor of Poker (HKLM-x32\...\Governor of Poker) (Version:  - Oberon Media Inc.)
Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
Hotel Dash Suite Success (HKLM-x32\...\Hotel Dash Suite Success) (Version:  - Oberon Media Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2405 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java(TM) 6 Update 12 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216012FF}) (Version: 6.0.120 - Sun Microsystems, Inc.)
Jewel Quest 3 (HKLM-x32\...\Jewel Quest 3) (Version:  - Oberon Media Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KODAK Create@Home Software (für dm) (HKLM-x32\...\{651375AA-9819-419A-A217-C08385E149C2}) (Version: 8.3.0392 - Kodak Alaris Inc.)
Luxor 3 (HKLM-x32\...\Luxor 3) (Version:  - Oberon Media Inc.)
Mahjongg dimensions (HKLM-x32\...\Mahjongg dimensions) (Version:  - Oberon Media Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 37.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 de)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.11.42 - Symantec Corporation)
NVIDIA Graphics Driver 267.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.54 - NVIDIA Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plants vs Zombies (HKLM-x32\...\Plants vs Zombies) (Version:  - Oberon Media Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6334 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.4.4.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
SonicMaster (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.00.0000 - Virage Logic, Corp.)
Startfenster (HKLM-x32\...\Startfenster) (Version:  - Startfenster)
syncables desktop SE (HKLM-x32\...\{341697D8-9923-445E-B42A-529E5A99CB7A}) (Version: 5.5.746.11492 - syncables)
USB2.0 UVC 2M WebCam (HKLM\...\USB2.0 UVC 2M WebCam) (Version: 5.8.55133.207 - Sonix)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Web Stream Recorder (HKLM-x32\...\{8AAD9D0F-567C-4F8C-A0DA-1AB5B1243F68}_is1) (Version: 2015 - Bolide Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.1 - ASUS)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.19 - ASUS)
WM Recorder (HKLM-x32\...\WM Recorder14.15.2.0) (Version: 14.15.2.0 - AllAlex, Inc)
World of Goo (HKLM-x32\...\World of Goo) (Version:  - Oberon Media Inc.)
Xvid MPEG-4 Video Codec (HKLM-x32\...\xvid) (Version:  - Xvid Development Team)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation)
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3352751941-3298559708-1207771804-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Andy\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3352751941-3298559708-1207771804-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Andy\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3352751941-3298559708-1207771804-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Andy\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)

==================== Restore Points  =========================

22-03-2015 18:07:32 Windows-Sicherung
22-03-2015 20:00:57 Windows-Sicherung
24-03-2015 19:17:40 avast! antivirus system restore point
26-03-2015 10:42:34 Removed Nuance PDF Reader.
26-03-2015 10:50:54 Removed Nuance PDF Reader.
27-03-2015 19:12:54 Installed Helium
29-03-2015 17:01:26 Installed Java(TM) 6 Update 12
29-03-2015 17:03:44 Installed KODAK Create@Home Software (für dm)
29-03-2015 19:00:48 Windows-Sicherung
05-04-2015 11:39:45 Windows Update
05-04-2015 13:26:24 Windows Update
05-04-2015 13:31:54 Camtasia Studio 8 wird installiert
06-04-2015 19:45:28 Windows Update
07-04-2015 07:38:43 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {07A3DE5E-9B09-4F48-A1AF-4D1F212C6157} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {097E5CB2-79F3-466C-ADCF-6EC46A1430DF} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2011-03-07] (ASUS)
Task: {0ED17055-AB86-4BEC-95AB-3D800D94FA5D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-03-24] (Avast Software s.r.o.)
Task: {26DF3C5B-EAAB-408E-9F5F-8445004A664F} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {3E9BE610-0606-415B-9DD5-74302B25F05F} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2010-11-24] (CyberLink)
Task: {59F2537A-33C8-44CD-BA7F-E449B3F418AF} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {636B9E00-A46D-4064-8214-A687CE33895A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {719CEE1F-314F-4EAA-9742-72699E1A4ED2} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS)
Task: {74BBF9CD-143B-4DE2-B70D-CFB1E4D75AE3} - System32\Tasks\AIRecoveryRemind => C:\Program Files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe [2010-12-18] (ASUSTek Computer Inc.)
Task: {75B96C51-7275-4637-9F7D-8615F5AEC705} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-18] (ASUS)
Task: {769B7C04-9079-456C-A08B-5315356636DF} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {8BB1B174-8E41-4A7C-9F51-B3D1B7DDFC72} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3352751941-3298559708-1207771804-1001Core => C:\Users\Andy\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-03] (Google Inc.)
Task: {91765A0E-D0A8-4330-81F5-93B028EEB941} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3352751941-3298559708-1207771804-1001UA => C:\Users\Andy\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-03] (Google Inc.)
Task: {962CF1FC-7EE4-4A15-AC66-C239A6D2DD16} - System32\Tasks\ASUS Patch 10430001 => C:\Windows\AsPatch10430001.exe [2010-07-29] ()
Task: {B5ABB124-25CE-4896-8A6E-43A056FAC00C} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {C67B7ABA-365D-4D13-B532-20DFA860C831} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {CEF20EDF-D511-484F-A641-D6026F8910C2} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)
Task: {D61A4ED2-D998-4DFB-8904-626B6F4C566A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3352751941-3298559708-1207771804-1001Core.job => C:\Users\Andy\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3352751941-3298559708-1207771804-1001UA.job => C:\Users\Andy\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2010-08-21 04:47 - 2010-08-21 04:47 - 00077312 _____ () C:\ExpressGateUtil\VAWinService.exe
2010-07-15 02:11 - 2010-07-15 02:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll
2010-04-03 05:21 - 2008-10-01 09:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2015-01-15 08:28 - 2007-11-30 21:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2015-01-15 08:38 - 2009-04-17 12:01 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2011-07-12 05:29 - 2011-05-24 02:16 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-09-24 02:53 - 2010-09-24 02:53 - 01601536 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2010-08-13 03:52 - 2010-08-13 03:52 - 00021504 _____ () C:\ExpressGateUtil\VAWinAgent.exe
2010-02-28 03:33 - 2010-02-28 03:33 - 00077664 _____ () C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
2015-03-24 19:19 - 2015-03-24 19:19 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-03-24 19:19 - 2015-03-24 19:19 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-04-09 12:51 - 2015-04-09 12:51 - 02925056 _____ () C:\Program Files\AVAST Software\Avast\defs\15040900\algo.dll
2015-04-09 22:16 - 2015-04-09 22:16 - 02925568 _____ () C:\Program Files\AVAST Software\Avast\defs\15040901\algo.dll
2015-04-10 15:40 - 2015-04-10 15:40 - 02925568 _____ () C:\Program Files\AVAST Software\Avast\defs\15041000\algo.dll
2010-08-13 03:52 - 2010-08-13 03:52 - 00151552 _____ () C:\ExpressGateUtil\libexpat.dll
2010-08-13 03:52 - 2010-08-13 03:52 - 00057344 _____ () C:\ExpressGateUtil\netProfileDatabase.DLL
2009-11-03 00:20 - 2009-11-03 00:20 - 00619816 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-03 00:23 - 2009-11-03 00:23 - 00013096 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2015-03-24 19:19 - 2015-03-24 19:19 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-03-22 15:51 - 2013-03-22 15:51 - 00060928 _____ () C:\Program Files (x86)\Evaer\CrashRpt1300.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3352751941-3298559708-1207771804-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

==================== Accounts: =============================

Administrator (S-1-5-21-3352751941-3298559708-1207771804-500 - Administrator - Disabled)
Andy (S-1-5-21-3352751941-3298559708-1207771804-1001 - Administrator - Enabled) => C:\Users\Andy
Gast (S-1-5-21-3352751941-3298559708-1207771804-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3352751941-3298559708-1207771804-1003 - Limited - Enabled)
UpdatusUser (S-1-5-21-3352751941-3298559708-1207771804-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/10/2015 01:29:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64.exe, Version 11.3.2015.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1b74

Startzeit: 01d0737ef0310db6

Endzeit: 60000

Anwendungspfad: C:\Users\Andy\Downloads\FRST64.exe

Berichts-ID: 9df63981-df74-11e4-aa80-0008ca265186

Error: (04/10/2015 11:43:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 37.0.1.5570, Zeitstempel: 0x551e23ee
Name des fehlerhaften Moduls: mozalloc.dll, Version: 37.0.1.5570, Zeitstempel: 0x551e1536
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x17d4
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (04/10/2015 11:43:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 37.0.1.5570, Zeitstempel: 0x551e23ee
Name des fehlerhaften Moduls: mozalloc.dll, Version: 37.0.1.5570, Zeitstempel: 0x551e1536
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x1d3c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (04/10/2015 11:43:45 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 37.0.1.5570 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 16a8

Startzeit: 01d072e0f3139697

Endzeit: 10

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID:

Error: (04/07/2015 07:58:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 37.0.1.5570, Zeitstempel: 0x551e23ee
Name des fehlerhaften Moduls: mozalloc.dll, Version: 37.0.1.5570, Zeitstempel: 0x551e1536
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x1938
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (04/07/2015 07:58:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 37.0.1.5570 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1168

Startzeit: 01d0714e4ec441ba

Endzeit: 16

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID:

Error: (04/07/2015 06:17:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 37.0.1.5570, Zeitstempel: 0x551e23ee
Name des fehlerhaften Moduls: mozalloc.dll, Version: 37.0.1.5570, Zeitstempel: 0x551e1536
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x22c8
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (04/07/2015 08:07:34 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: System.Configuration, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80070005

Error: (04/07/2015 07:54:17 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: loadmxf, Version=6.1.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil . Error code = 0x80070005

Error: (04/07/2015 07:50:14 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: System.Configuration, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80070005


System errors:
=============
Error: (04/09/2015 06:14:07 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000009f (0x0000000000000003, 0xfffffa800be0ca00, 0xfffff80000ba0748, 0xfffffa800f6b2010)C:\Windows\MEMORY.DMP040915-45599-01

Error: (04/09/2015 05:41:46 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (04/09/2015 09:11:45 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/09/2015 09:11:45 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/09/2015 09:11:45 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/07/2015 10:30:21 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.

Error: (04/07/2015 10:30:21 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.

Error: (04/07/2015 10:30:21 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.

Error: (04/07/2015 10:30:21 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.

Error: (04/07/2015 10:30:21 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.


Microsoft Office Sessions:
=========================
Error: (04/10/2015 01:29:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST64.exe11.3.2015.01b7401d0737ef0310db660000C:\Users\Andy\Downloads\FRST64.exe9df63981-df74-11e4-aa80-0008ca265186

Error: (04/10/2015 11:43:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.1.5570551e23eemozalloc.dll37.0.1.5570551e15368000000300001aa117d401d072fc8fb6bb4cC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll163fc77b-df66-11e4-aa80-0008ca265186

Error: (04/10/2015 11:43:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.1.5570551e23eemozalloc.dll37.0.1.5570551e15368000000300001aa11d3c01d073724eda03ddC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll1446b66d-df66-11e4-aa80-0008ca265186

Error: (04/10/2015 11:43:45 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe37.0.1.557016a801d072e0f313969710C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Error: (04/07/2015 07:58:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.1.5570551e23eemozalloc.dll37.0.1.5570551e15368000000300001aa1193801d0714e669ef3fbC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllaa82671a-dd4f-11e4-995b-0008ca265186

Error: (04/07/2015 07:58:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe37.0.1.5570116801d0714e4ec441ba16C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Error: (04/07/2015 06:17:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.1.5570551e23eemozalloc.dll37.0.1.5570551e15368000000300001aa122c801d06fd4b963295fC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll895b1071-dd41-11e4-995b-0008ca265186

Error: (04/07/2015 08:07:34 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: System.Configuration, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80070005 
System.Configuration, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a

Error: (04/07/2015 07:54:17 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: loadmxf, Version=6.1.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil . Error code = 0x80070005 
loadmxf, Version=6.1.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil

Error: (04/07/2015 07:50:14 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: System.Configuration, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80070005 
System.Configuration, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 29%
Total physical RAM: 8097.06 MB
Available physical RAM: 5727.53 MB
Total Pagefile: 16192.31 MB
Available Pagefile: 13655.46 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:100 GB) (Free:2.07 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:340.76 GB) (Free:256.19 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: FDC62D88)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=340.8 GB) - (Type=OF Extended)

==================== End Of Log ============================
         

Das sind die Logfiles, hoffe das passt so. Beim ersten Versuch hat sich auch das Programm aufgehängt, danach hats geklappt.

Downloade Dir bitte Malwarebytes Anti-Malware

• Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
• Starte Malwarebytes' Anti-Malware (MBAM).
• Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
• Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
• Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
• Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
• Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
• Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte AdwCleaner auf deinen Desktop.

• Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
• Starte die AdwCleaner.exe mit einem Doppelklick.
• Stimme den Nutzungsbedingungen zu.
• Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
  • "Tracing" Schlüssel löschen
  • Winsock Einstellungen zurücksetzen
  • Proxy Einstellungen zurücksetzen
  • Internet Explorer Richtlinien zurücksetzen
  • Chrome Richtlinien zurücksetzen
  • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
• Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
• Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
• Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
• Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

• Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
• Drücke eine beliebige Taste, um das Tool zu starten.
• Je nach System kann der Scan eine Weile dauern.
• Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
• Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

So, habe mittlerweile alles durch, wie du gesagt hast. Hier sind die Logfiles (mbam in zwei Teilen).

Code: Alles auswählenAufklappen

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 12.04.2015
Suchlauf-Zeit: 10:26:20
Logdatei: Log mbam.txt
Administrator: Ja

Version: 2.01.4.1018
Malware Datenbank: v2015.04.11.08
Rootkit Datenbank: v2015.03.31.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Andy

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 424136
Verstrichene Zeit: 11 Min, 42 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 4
PUP.Optional.Protect, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, 7080, Löschen bei Neustart, [1c38a5c6078376c0c244886baa5b7d83]
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\ProtectService.exe, 8048, Löschen bei Neustart, [e66e7dee5931ba7c96b424ef1de5629e]
PUP.Optional.SearchProtect, C:\Program Files (x86)\XTab\CmdShell.exe, 1944, Löschen bei Neustart, [58fcbead2367d6608088aa49f510fb05]
PUP.Optional.ELEX, C:\Program Files (x86)\XTab\HPNotify.exe, 8376, Löschen bei Neustart, [5df714577812b97d0143f73d5da52cd4]

Module: 9
PUP.Optional.SearchProtect, C:\Program Files (x86)\XTab\BrowserAction.dll, Löschen bei Neustart, [4a0a4d1e91f9b3836d6c2e15e31f3ac6], 
PUP.Optional.SearchProtect, C:\Program Files (x86)\XTab\IeWatchDog.dll, Löschen bei Neustart, [55ff214a8efcca6c14f3f4ff8d78fa06], 
PUP.Optional.BrowserWatch, C:\Program Files (x86)\XTab\BrowerWatchFF.dll, Löschen bei Neustart, [eb69f9725c2eec4abaeef57a718f619f], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcp110.dll, Löschen bei Neustart, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcp110.dll, Löschen bei Neustart, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcp110.dll, Löschen bei Neustart, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcr110.dll, Löschen bei Neustart, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcr110.dll, Löschen bei Neustart, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcr110.dll, Löschen bei Neustart, [361eb1bad9b154e2dfef309d3dc68e72], 

Registrierungsschlüssel: 18
PUP.Optional.Protect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect, In Quarantäne, [1c38a5c6078376c0c244886baa5b7d83], 
PUP.Optional.XTab.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IHProtect Service, In Quarantäne, [e66e7dee5931ba7c96b424ef1de5629e], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [76def873fe8c57df41b63e0017ec47b9], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [76def873fe8c57df41b63e0017ec47b9], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [76def873fe8c57df41b63e0017ec47b9], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [76def873fe8c57df41b63e0017ec47b9], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [76def873fe8c57df41b63e0017ec47b9], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [76def873fe8c57df41b63e0017ec47b9], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [76def873fe8c57df41b63e0017ec47b9], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [76def873fe8c57df41b63e0017ec47b9], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [76def873fe8c57df41b63e0017ec47b9], 
PUP.Optional.IHProtect.A, HKLM\SOFTWARE\WOW6432NODE\IHProtect, In Quarantäne, [2232d7940486b482923b9b3259aa3dc3], 
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\istartsurfSoftware, In Quarantäne, [c3912a41a5e51026047ddc08ab58f60a], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, In Quarantäne, [df75cba02c5ea5915494736fa06317e9], 
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, In Quarantäne, [6be91556f09a40f6a4da5f7917ec7888], 
PUP.Optional.BoBrowser.A, HKU\S-1-5-21-3352751941-3298559708-1207771804-1001\SOFTWARE\BoBrowser, In Quarantäne, [3b19adbecbbf3ef8c9c58745ec1742be], 
PUP.Optional.IStart.A, HKU\S-1-5-21-3352751941-3298559708-1207771804-1001\SOFTWARE\MOZILLA\EXTENDS, In Quarantäne, [f1635615b9d173c3beea11b2c93a748c], 
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\istartsurf uninstall, In Quarantäne, [1d37c6a51d6da096d48d5849c043847c], 

Registrierungswerte: 13
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, hxxp://www.istartsurf.com/web/?type=ds&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733&q={searchTerms}, In Quarantäne, [b3a1de8d4b3fab8b13de96bc44c138c8]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, hxxp://www.istartsurf.com/web/?type=ds&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733&q={searchTerms}, In Quarantäne, [60f4a2c9cac043f3a44d232f72931ee2]
PUP.Optional.SearchEngine.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|searchengine@gmail.com, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\searchengine@gmail.com, In Quarantäne, [2d27cba0a0ea3df90e63db7556af619f]
PUP.Optional.IStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|istart_ffnt@gmail.com, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com, In Quarantäne, [3c180f5caae09e9846a614ae24dfe21e]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, smt, In Quarantäne, [df75cba02c5ea5915494736fa06317e9]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3352751941-3298559708-1207771804-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733&ts=1428779918&type=default&q={searchTerms}, In Quarantäne, [064e0e5ddab01d1948a83b17d332827e]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3352751941-3298559708-1207771804-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|URL, hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733&ts=1428779918&type=default&q={searchTerms}, In Quarantäne, [8cc886e55535290dcc24cb87a4619c64]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3352751941-3298559708-1207771804-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|FaviconURL, hxxp://www.istartsurf.com//favicon.ico, In Quarantäne, [2e266803aedc6cca50a0f55d986d8080]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3352751941-3298559708-1207771804-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733&ts=1428779918&type=default&q={searchTerms}, In Quarantäne, [96be4d1e3654f04619d767eb13f2e11f]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3352751941-3298559708-1207771804-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|TopResultURL, hxxp://www.istartsurf.com/web/?type=ds&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733&q={searchTerms}, In Quarantäne, [f75d5714b9d18ea8cb25a3afe124a25e]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3352751941-3298559708-1207771804-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}|URL, hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733&ts=1428779918&type=default&q={searchTerms}, In Quarantäne, [59fbe883d5b572c4fdf359f94bbaa957]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3352751941-3298559708-1207771804-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}|URL, hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733&ts=1428779918&type=default&q={searchTerms}, In Quarantäne, [69ebc4a73b4f270fe30d163c15f037c9]
PUP.Optional.IStart.A, HKU\S-1-5-21-3352751941-3298559708-1207771804-1001\SOFTWARE\MOZILLA\EXTENDS|appid, istart_ffnt@gmail.com, In Quarantäne, [f1635615b9d173c3beea11b2c93a748c]

Registrierungsdaten: 16
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\FIREFOX.EXE\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.istartsurf.com/?type=sc&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733, Gut: (firefox.exe), Schlecht: ("C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.istartsurf.com/?type=sc&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733),Ersetzt,[82d2b4b78ffb81b5d2a84fa753b245bb]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733),Ersetzt,[80d41754addd280e2259906680856898]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.istartsurf.com/web/?type=ds&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=ds&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733&q={searchTerms}),Ersetzt,[2d275f0cacded363ab53c72df90cd52b]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.istartsurf.com/?type=hp&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/?type=hp&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733),Ersetzt,[57fdfb7018722115c03e936124e1cb35]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.istartsurf.com/?type=hp&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/?type=hp&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733),Ersetzt,[90c4caa1ec9e7eb811edfdf7b451857b]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.istartsurf.com/web/?type=ds&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=ds&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733&q={searchTerms}),Ersetzt,[63f1b2b9f99188ae25d9569e8d7838c8]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[411379f27218b77fd41c8b75e521e818]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\FIREFOX.EXE\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.istartsurf.com/?type=sc&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733, Gut: (firefox.exe), Schlecht: ("C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.istartsurf.com/?type=sc&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733),Ersetzt,[5ef6df8c246664d274061fd734d1fd03]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733),Ersetzt,[8acaaebd622859dddaa123d30401c53b]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.istartsurf.com/web/?type=ds&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=ds&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733&q={searchTerms}),Ersetzt,[1e367deed0ba8caac03ed91bdf26ee12]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.istartsurf.com/?type=hp&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/?type=hp&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733),Ersetzt,[e1734229e0aab58148b6ae467e8721df]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.istartsurf.com/?type=hp&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/?type=hp&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733),Ersetzt,[62f216551b6f082e2ed053a10203bf41]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.istartsurf.com/web/?type=ds&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=ds&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733&q={searchTerms}),Ersetzt,[f85c77f405856bcb55a9ba3a3acbee12]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[9eb6b7b4becc91a5826e04fce02649b7]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3352751941-3298559708-1207771804-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.istartsurf.com/?type=hp&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/?type=hp&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733),Ersetzt,[3024e883e4a61b1b6795b44006ffc937]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3352751941-3298559708-1207771804-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.istartsurf.com/?type=hp&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/?type=hp&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733),Ersetzt,[252fb9b2b3d780b6e913be3648bd7789]

Ordner: 166
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab, Löschen bei Neustart, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\image, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\en-US, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-419, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-ES, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-BE, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CA, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CH, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-FR, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-LU, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-CH, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-IT, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pl, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt-BR, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru-MO, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\tr-TR, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\vi-VI, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-CN, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-TW, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, Löschen bei Neustart, [fc5878f37f0bc472a016702c14ef47b9], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, In Quarantäne, [fc5878f37f0bc472a016702c14ef47b9], 
PUP.Optional.IStartSurf.A, C:\Users\Andy\AppData\Roaming\istartsurf, In Quarantäne, [1d37c6a51d6da096d48d5849c043847c], 
PUP.Optional.IStartSurf.A, C:\Users\Andy\AppData\Roaming\istartsurf\images, In Quarantäne, [1d37c6a51d6da096d48d5849c043847c], 
PUP.Optional.IStartSurf.A, C:\Users\Andy\AppData\Roaming\istartsurf\images\code, In Quarantäne, [1d37c6a51d6da096d48d5849c043847c], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Installer, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\PepperFlash, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\VisualElements, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Extension Settings, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Extension Settings\ebpeonjdeofpjegbdiibbdjlgfohngee, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Extension Settings\gfmdmibgfbecppaeocifplgmepgcpcbi, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Cache, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\databases, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\databases\chrome-extension_ebpeonjdeofpjegbdiibbdjlgfohngee_0, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extension Rules, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extension State, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\scripts, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\scripts\libs, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\styles, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\styles\fonts, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\views, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\_locales, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\_locales\de, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\_locales\en, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\_locales\es, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\_locales\fr, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\_locales\it, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\_locales\pt, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\_locales\tr, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\userCode, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\icons, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\icons\actions, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\api, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\popupResource, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\css, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\img, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\background, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\content, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\libs, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\tools, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\views, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\_locales, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\_locales\de, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\_locales\en, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\_locales\es, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\_locales\fr, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\_locales\it, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\_locales\pt, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\_locales\tr, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\pdlpmjkeahlbfeiclkokomifjfnkghpg, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\pdlpmjkeahlbfeiclkokomifjfnkghpg\1.0.0.9393_0, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\pdlpmjkeahlbfeiclkokomifjfnkghpg\1.0.0.9393_0\scripts, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\GPUCache, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Icons, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\JumpListIcons, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Storage, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Pepper Data, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Pepper Data\Shockwave Flash, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache\MGKATZ8S, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUK2SHYU, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUK2SHYU\cdncache-a.akamaihd.net, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUK2SHYU\cdncache-a.akamaihd.net\items, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUK2SHYU\cdncache-a.akamaihd.net\items\e6a00, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUK2SHYU\cdncache-a.akamaihd.net\items\e6a00\storage.swf, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUK2SHYU\macromedia.com, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUK2SHYU\macromedia.com\support, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUK2SHYU\macromedia.com\support\flashplayer, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUK2SHYU\macromedia.com\support\flashplayer\sys, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUK2SHYU\macromedia.com\support\flashplayer\sys\#cdncache-a.akamaihd.net, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Session Storage, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Storage, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Storage\ext, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Storage\ext\cfonhidlapoahmcjpnilgpjjmgnmnnoa, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Storage\ext\cfonhidlapoahmcjpnilgpjjmgnmnnoa\def, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Storage\ext\cfonhidlapoahmcjpnilgpjjmgnmnnoa\def\GPUCache, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\EVWhitelist, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\pnacl, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate, In Quarantäne, [292b7eed8208eb4b4c017f346b980cf4], 
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update, In Quarantäne, [292b7eed8208eb4b4c017f346b980cf4], 
PUP.Optional.SearchEngine.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\searchengine@gmail.com, In Quarantäne, [31236506721872c4caaa5e59798a728e], 
PUP.Optional.SearchEngine.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\searchengine@gmail.com\chrome, In Quarantäne, [31236506721872c4caaa5e59798a728e], 
PUP.Optional.SearchEngine.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\searchengine@gmail.com\chrome\content, In Quarantäne, [31236506721872c4caaa5e59798a728e], 
PUP.Optional.SearchEngine.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\searchengine@gmail.com\chrome\skin, In Quarantäne, [31236506721872c4caaa5e59798a728e], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\include, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\include\tools, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\js\lib, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\js\module, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\js\pack, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\en, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\en-US, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\es, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\es-419, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr-BE, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr-CA, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr-CH, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr-LU, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\it, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\it-CH, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\pl, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\pt-BR, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\ru, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\ru-MO, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\tr, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\vi, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\zh-CN, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\zh-TW, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\skin, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\defaults, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\defaults\preferences, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\modules, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\updateinfo, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 

Dateien: 555
PUP.Optional.Protect, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, Löschen bei Neustart, [1c38a5c6078376c0c244886baa5b7d83], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\ProtectService.exe, Löschen bei Neustart, [e66e7dee5931ba7c96b424ef1de5629e], 
PUP.Optional.SearchProtect, C:\Program Files (x86)\XTab\CmdShell.exe, Löschen bei Neustart, [58fcbead2367d6608088aa49f510fb05], 
PUP.Optional.ELEX, C:\Program Files (x86)\XTab\HPNotify.exe, Löschen bei Neustart, [5df714577812b97d0143f73d5da52cd4], 
PUP.Optional.SearchProtect, C:\Program Files (x86)\XTab\BrowserAction.dll, Löschen bei Neustart, [4a0a4d1e91f9b3836d6c2e15e31f3ac6], 
PUP.Optional.SearchProtect, C:\Program Files (x86)\XTab\IeWatchDog.dll, Löschen bei Neustart, [55ff214a8efcca6c14f3f4ff8d78fa06], 
PUP.Optional.BrowserWatch, C:\Program Files (x86)\XTab\BrowerWatchFF.dll, Löschen bei Neustart, [eb69f9725c2eec4abaeef57a718f619f], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\XTab\SupTab.dll, In Quarantäne, [76def873fe8c57df41b63e0017ec47b9], 
PUP.Optional.BrowserWatch, C:\Program Files (x86)\XTab\BrowerWatchCH.dll, In Quarantäne, [361e5d0ef59596a0d1d78ee1ce320ef2], 
PUP.Optional.Clara.A, C:\Users\Andy\AppData\Local\Temp\6235.tmp, In Quarantäne, [c39114575d2d4ceaef2ea63ce71a0cf4], 
PUP.Optional.IStartSurf.A, C:\Users\Andy\AppData\Local\Temp\smt_istartsurf.exe, In Quarantäne, [a6ae0962d6b4fb3b28d77ebcf90dce32], 
PUP.Optional.Somoto, C:\Users\Andy\AppData\Local\Temp\nsx3C01.tmp\install27406.exe, In Quarantäne, [5df76407018966d0bc0f52818c792fd1], 
PUP.Optional.Protect, C:\Users\Andy\AppData\Local\Temp\xtmp183855009\tmp\wpm_v20.0.0.1953_0302.exe, In Quarantäne, [8dc7e18a32582610fd09af4446bfd32d], 
PUP.Optional.BrowserWatch, C:\Users\Andy\AppData\Local\Temp\xtmp183855009\tmp\XTab_Setup2121.exe, In Quarantäne, [7dd7de8d99f145f13276db944eb26b95], 
PUP.Optional.Clara.A, C:\claraInstaller.txt, In Quarantäne, [dd774427e3a7072f0fb3645a57acc739], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\uninstall.exe, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\conf, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\ffsearch_toolbar!1.0.0.1028.xpi, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\install.data, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcp110.dll, Löschen bei Neustart, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcr110.dll, Löschen bei Neustart, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\searchProvider.xml, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\about.png, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\about_bk.png, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\btn.png, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\btn_apply.png, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\close.png, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\conf.xml, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\conf_back.png, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\input_bk.png, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\logo.png, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\main.xml, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\radio_1.png, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\radio_2.png, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\rigth_arrow.png, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\settings.png, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\data.html, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\indexIE.html, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\indexIE8.html, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\main.css, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\ver.txt, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\google_trends.png, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\icon128.png, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\icon16.png, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\icon48.png, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\loading.gif, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\logo32.ico, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\common.js, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\ga.js, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\jquery-1.11.0.min.js, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\jquery.autocomplete.js, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\js.js, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\library.js, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\xagainit-ie8.js, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\xagainit2.0.js, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\en-US\messages.json, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-419\messages.json, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-ES\messages.json, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-BE\messages.json, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CA\messages.json, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CH\messages.json, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-FR\messages.json, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-LU\messages.json, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-CH\messages.json, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-IT\messages.json, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pl\messages.json, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt\messages.json, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt-BR\messages.json, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru\messages.json, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru-MO\messages.json, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\tr-TR\messages.json, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\vi-VI\messages.json, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-CN\messages.json, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-TW\messages.json, In Quarantäne, [361eb1bad9b154e2dfef309d3dc68e72], 
PUP.Optional.BoBrowser.A, C:\Windows\System32\Tasks\Run_Bobby_Browser, In Quarantäne, [0d4790db98f2e2540fd71db0d72ce31d], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, In Quarantäne, [fc5878f37f0bc472a016702c14ef47b9], 
PUP.Optional.IStartSurf.A, C:\Users\Andy\AppData\Roaming\istartsurf\474.json, In Quarantäne, [1d37c6a51d6da096d48d5849c043847c], 
PUP.Optional.IStartSurf.A, C:\Users\Andy\AppData\Roaming\istartsurf\MessageBox.xml, In Quarantäne, [1d37c6a51d6da096d48d5849c043847c], 
PUP.Optional.IStartSurf.A, C:\Users\Andy\AppData\Roaming\istartsurf\uninstallDlg2.xml, In Quarantäne, [1d37c6a51d6da096d48d5849c043847c], 
PUP.Optional.IStartSurf.A, C:\Users\Andy\AppData\Roaming\istartsurf\UninstallManager.exe, In Quarantäne, [1d37c6a51d6da096d48d5849c043847c], 
PUP.Optional.IStartSurf.A, C:\Users\Andy\AppData\Roaming\istartsurf\images\bg.png, In Quarantäne, [1d37c6a51d6da096d48d5849c043847c], 
PUP.Optional.IStartSurf.A, C:\Users\Andy\AppData\Roaming\istartsurf\images\bg1.png, In Quarantäne, [1d37c6a51d6da096d48d5849c043847c], 
PUP.Optional.IStartSurf.A, C:\Users\Andy\AppData\Roaming\istartsurf\images\bk_shadow.png, In Quarantäne, [1d37c6a51d6da096d48d5849c043847c], 
PUP.Optional.IStartSurf.A, C:\Users\Andy\AppData\Roaming\istartsurf\images\button.png, In Quarantäne, [1d37c6a51d6da096d48d5849c043847c], 
PUP.Optional.IStartSurf.A, C:\Users\Andy\AppData\Roaming\istartsurf\images\button1.png, In Quarantäne, [1d37c6a51d6da096d48d5849c043847c], 
PUP.Optional.IStartSurf.A, C:\Users\Andy\AppData\Roaming\istartsurf\images\checkbox.png, In Quarantäne, [1d37c6a51d6da096d48d5849c043847c], 
PUP.Optional.IStartSurf.A, C:\Users\Andy\AppData\Roaming\istartsurf\images\checkbox_select.png, In Quarantäne, [1d37c6a51d6da096d48d5849c043847c], 
PUP.Optional.IStartSurf.A, C:\Users\Andy\AppData\Roaming\istartsurf\images\checked.png, In Quarantäne, [1d37c6a51d6da096d48d5849c043847c], 
PUP.Optional.IStartSurf.A, C:\Users\Andy\AppData\Roaming\istartsurf\images\close.png, In Quarantäne, [1d37c6a51d6da096d48d5849c043847c], 
PUP.Optional.IStartSurf.A, C:\Users\Andy\AppData\Roaming\istartsurf\images\loading_bg.png, In Quarantäne, [1d37c6a51d6da096d48d5849c043847c], 
PUP.Optional.IStartSurf.A, C:\Users\Andy\AppData\Roaming\istartsurf\images\loading_light.png, In Quarantäne, [1d37c6a51d6da096d48d5849c043847c], 
PUP.Optional.IStartSurf.A, C:\Users\Andy\AppData\Roaming\istartsurf\images\min.png, In Quarantäne, [1d37c6a51d6da096d48d5849c043847c], 
PUP.Optional.IStartSurf.A, C:\Users\Andy\AppData\Roaming\istartsurf\images\scrollbar.bmp, In Quarantäne, [1d37c6a51d6da096d48d5849c043847c], 
PUP.Optional.IStartSurf.A, C:\Users\Andy\AppData\Roaming\istartsurf\images\Thumbs.db, In Quarantäne, [1d37c6a51d6da096d48d5849c043847c], 
PUP.Optional.IStartSurf.A, C:\Users\Andy\AppData\Roaming\istartsurf\images\unchecked.png, In Quarantäne, [1d37c6a51d6da096d48d5849c043847c], 
PUP.Optional.IStartSurf.A, C:\Users\Andy\AppData\Roaming\istartsurf\images\code\code1.jpg, In Quarantäne, [1d37c6a51d6da096d48d5849c043847c], 
PUP.Optional.IStartSurf.A, C:\Users\Andy\AppData\Roaming\istartsurf\images\code\code2.jpg, In Quarantäne, [1d37c6a51d6da096d48d5849c043847c], 
PUP.Optional.IStartSurf.A, C:\Users\Andy\AppData\Roaming\istartsurf\images\code\code3.jpg, In Quarantäne, [1d37c6a51d6da096d48d5849c043847c], 
PUP.Optional.IStartSurf.A, C:\Users\Andy\AppData\Roaming\istartsurf\images\code\code4.jpg, In Quarantäne, [1d37c6a51d6da096d48d5849c043847c], 
PUP.Optional.IStartSurf.A, C:\Users\Andy\AppData\Roaming\istartsurf\images\code\code5.jpg, In Quarantäne, [1d37c6a51d6da096d48d5849c043847c], 
PUP.Optional.IStartSurf.A, C:\Users\Andy\AppData\Roaming\istartsurf\images\code\code6.jpg, In Quarantäne, [1d37c6a51d6da096d48d5849c043847c], 
PUP.Optional.IStartSurf.A, C:\Users\Andy\AppData\Roaming\istartsurf\images\code\Thumbs.db, In Quarantäne, [1d37c6a51d6da096d48d5849c043847c], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\bobrowser.exe, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\chrome_elf.dll, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\debug.log, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\extension_list.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\master_preferences, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\VisualElementsManifest.xml, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Installer\setup.exe, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\hi.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\am.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\ar.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\bg.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\bn.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\ca.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\cs.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\da.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\de.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\el.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\en-GB.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\en-US.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\es-419.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\es.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\et.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\fa.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\fi.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\fil.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\fr.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\gu.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\he.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\hr.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\hu.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\id.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\it.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\ja.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\kn.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\ko.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\lt.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\lv.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\ml.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\mr.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\ms.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\nb.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\nl.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\pl.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\pt-BR.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\pt-PT.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\ro.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\ru.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\sk.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\sl.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\sr.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\sv.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\sw.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\ta.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\te.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\th.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\tr.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\uk.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\vi.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\zh-CN.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\Locales\zh-TW.pak, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\PepperFlash\manifest.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\PepperFlash\pepflashplayer.dll, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\VisualElements\logo.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\VisualElements\smalllogo.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\Application\39.0.2132.4\VisualElements\splash-620x300.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\First Run, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Local State, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Safe Browsing Bloom, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Safe Browsing Bloom Prefix Set, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Safe Browsing Cookies, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Safe Browsing Cookies-journal, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Safe Browsing Csd Whitelist, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Safe Browsing Download, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Safe Browsing Download Whitelist, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Safe Browsing Extension Blacklist, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Safe Browsing IP Blacklist, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Bookmarks, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Cookies, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Cookies-journal, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Current Session, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Current Tabs, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extension Cookies, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extension Cookies-journal, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Favicons, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Favicons-journal, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Google Profile.ico, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\History, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\History Provider Cache, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\History-journal, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Login Data, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Login Data-journal, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Network Action Predictor, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Network Action Predictor-journal, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Origin Bound Certs, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Origin Bound Certs-journal, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Preferences, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\QuotaManager, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\QuotaManager-journal, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\README, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Secure Preferences, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 


(end)
         

Code: Alles auswählenAufklappen

ATTFilter

PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Shortcuts, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Shortcuts-journal, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Top Sites, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Top Sites-journal, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Visited Links, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Web Data, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Web Data-journal, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Extension Settings\ebpeonjdeofpjegbdiibbdjlgfohngee\000003.log, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Extension Settings\ebpeonjdeofpjegbdiibbdjlgfohngee\CURRENT, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Extension Settings\ebpeonjdeofpjegbdiibbdjlgfohngee\LOCK, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Extension Settings\ebpeonjdeofpjegbdiibbdjlgfohngee\LOG, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Extension Settings\ebpeonjdeofpjegbdiibbdjlgfohngee\MANIFEST-000002, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Extension Settings\gfmdmibgfbecppaeocifplgmepgcpcbi\000003.log, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Extension Settings\gfmdmibgfbecppaeocifplgmepgcpcbi\CURRENT, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Extension Settings\gfmdmibgfbecppaeocifplgmepgcpcbi\LOCK, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Extension Settings\gfmdmibgfbecppaeocifplgmepgcpcbi\LOG, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Extension Settings\gfmdmibgfbecppaeocifplgmepgcpcbi\MANIFEST-000002, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Cache\data_0, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Cache\data_1, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Cache\data_2, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Cache\data_3, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Cache\f_000001, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Cache\f_000002, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Cache\f_000003, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Cache\f_000004, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Cache\f_000005, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Cache\f_000006, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Cache\f_000007, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Cache\f_000008, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Cache\index, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\databases\Databases.db, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\databases\Databases.db-journal, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\databases\chrome-extension_ebpeonjdeofpjegbdiibbdjlgfohngee_0\1, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extension Rules\000003.log, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extension Rules\CURRENT, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extension Rules\LOCK, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extension Rules\LOG, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extension Rules\MANIFEST-000002, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extension State\000003.log, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extension State\CURRENT, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extension State\LOCK, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extension State\LOG, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extension State\MANIFEST-000002, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\background.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\manifest.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\acceptButton.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\amazon.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\amazon_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\arrow.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\back.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\bbc.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\bbc_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\close.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\closeWhite.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\craigslist.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\craigslist_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\cross.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\ebay.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\ebay_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\facebook.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\facebookBox.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\facebook_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\fb_handle.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\freeButton.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\globo.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\globo_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\gmail.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\gmx.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\gmx_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\google+.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\google+_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\leboncoin.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\leboncoin_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\libero.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\libero_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\linkedin.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\linkedin_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\lock.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\logo1stBrowser.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\logoFacebook.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\marca.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\marca_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\mercado.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\mercado_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\milanuncios.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\milanuncios_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\msn.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\msn_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\orange.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\orange_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\outlook.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\outlook_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\pin.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\pinterest.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\pinterest_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\popupFacebook.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\previewChrome.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\separator.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\stars.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\switch_off.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\switch_on.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\transparent.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\twitter.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\twitter_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\unlock.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\Uol.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\Uol_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\web.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\web_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\wikipedia.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\wikipedia_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\yahoo.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\yahoo_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\youtube.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\youtube_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\cross_white.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\gmail_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\settings.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\scripts\coreApp.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\scripts\facebookSidebarController.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\scripts\linkSliderController.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\scripts\libs\angular-sanitize.min.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\scripts\libs\angular.min.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\scripts\libs\sienium.remoteCoordinator.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\styles\angular-csp.css, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\styles\cssreset-min.css, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\styles\facebookSidebar.css, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\styles\font.css, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\styles\linkSlider.css, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\styles\main.css, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\styles\offerscreenFacebook.css, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\styles\fonts\OpenSans-Bold.woff, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\styles\fonts\OpenSans-Light.woff, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\styles\fonts\OpenSans-Regular.woff, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\views\facebookSidebar.html, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\views\linkSlider.html, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\_locales\de\messages.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\_locales\en\messages.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\_locales\es\messages.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\_locales\fr\messages.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\_locales\it\messages.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\_locales\pt\messages.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\_locales\tr\messages.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\background.html, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\chromeCoreFilesIndex.txt, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\manifest.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\popup.html, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\Settings.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\manifest.xml, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\13.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\14.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\17.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\180.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\19.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\200.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\246.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\253.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\281.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\289.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\345.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\354.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\376.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\391.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\4.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\47.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\64.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\78.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\80.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\91.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\93.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\97.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\userCode\background.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\userCode\extension.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\icons\icon128.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\icons\icon16.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\icons\icon48.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\icons\actions\1.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\13cfab23d37b206a2cacab99360a8a25.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\3519055c0c27881a1ab5dedd7831623f.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\main.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\api\0e1bc57fe2a6cd60928ed67e1d85e090.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\api\2038cd4da885db2b7fabab1a39272f04.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\api\d2ef8bc55fa8b224c8231d4973f704d9.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\api\f15b8801ebb7aaac45b4f4e34f0dd904.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\api\f68196581e37fa3c7126215cd1cdf768.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\api\pageAction.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\131c3409f6b75a8d394ecab0f34f6a4f.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\13d572e73c5c94eb54c7244825464cc1.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\4eea862441a3352d6a036c89d315047e.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\68cf39374ae3fe36e4d3bf63effd4371.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\8390393afd9faceafeef639f6155d713.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\92031d9a85776f996c150bcd0fc83bfc.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\92346fb3fd8850f48d0401add01592eb.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\9ca9156e4e7cff6d888689d78532ef7b.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\af96cbbc243ef6a95f771a1e0a5c96a6.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\app_api.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\d352af718b3c6dbec91dcf26a134c6f8.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\d9c46e66542d3e485ab45ed27c69b76e.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\e2464d8398daee6e2c39ec493fe084a1.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\eb6bba9ca95c92673b7fb184d70f5bf5.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\fa46d5b634bb2e8d6b718cf7e5268ef0.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\installer.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\popupResource\newPopup.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\popupResource\popup.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\background.html, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\manifest.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\manifest_old.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\css\angular-csp.css, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\css\cssreset-min.css, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\css\followedProducts.css, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\css\offerscreen.css, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\img\arrow.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\img\closeWhite.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\img\fb_handle.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\img\logo1stBrowser.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\img\logoBeamrise.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\img\sidebar.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\offerscreenController.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\background\background.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\content\handle.css, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\content\handleHelper.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\content\montiera.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\content\offerscreen.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\content\scriptInjection.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\libs\angular-sanitize.min.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\libs\angular.min.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\libs\sienium.installAppAsync.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\libs\sienium.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\libs\sienium.remoteCoordinator.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\tools\analytics.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\tools\config.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\tools\tracking.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\views\adView.html, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\views\followedproducts.html, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\views\offerscreen.html, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\views\offershop.html, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\_locales\de\messages.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\_locales\en\messages.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\_locales\es\messages.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\_locales\fr\messages.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\_locales\it\messages.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\_locales\pt\messages.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\_locales\tr\messages.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\pdlpmjkeahlbfeiclkokomifjfnkghpg\1.0.0.9393_0\manifest.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\pdlpmjkeahlbfeiclkokomifjfnkghpg\1.0.0.9393_0\scripts\backendservice.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\pdlpmjkeahlbfeiclkokomifjfnkghpg\1.0.0.9393_0\scripts\background.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\pdlpmjkeahlbfeiclkokomifjfnkghpg\1.0.0.9393_0\scripts\lunr.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\pdlpmjkeahlbfeiclkokomifjfnkghpg\1.0.0.9393_0\scripts\suggestionEngine.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\pdlpmjkeahlbfeiclkokomifjfnkghpg\1.0.0.9393_0\scripts\util.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\pdlpmjkeahlbfeiclkokomifjfnkghpg\1.0.0.9393_0\scripts\uuid.core.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\GPUCache\data_0, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\GPUCache\data_1, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\GPUCache\data_2, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\GPUCache\data_3, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\GPUCache\index, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\JumpListIcons\B3A9.tmp, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Storage\chrome-extension_ebpeonjdeofpjegbdiibbdjlgfohngee_0.localstorage, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Storage\chrome-extension_ebpeonjdeofpjegbdiibbdjlgfohngee_0.localstorage-journal, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Storage\chrome-extension_pafkbggdmjlpgkdkcbjmhmfcdpncadgh_0.localstorage, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Storage\chrome-extension_pafkbggdmjlpgkdkcbjmhmfcdpncadgh_0.localstorage-journal, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Storage\https_www.google.de_0.localstorage, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Storage\https_www.google.de_0.localstorage-journal, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUK2SHYU\cdncache-a.akamaihd.net\items\e6a00\storage.swf\gpl.sol, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUK2SHYU\macromedia.com\support\flashplayer\sys\settings.sol, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUK2SHYU\macromedia.com\support\flashplayer\sys\#cdncache-a.akamaihd.net\settings.sol, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Session Storage\000003.log, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Session Storage\CURRENT, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Session Storage\LOCK, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Session Storage\LOG, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Session Storage\MANIFEST-000002, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Storage\ext\cfonhidlapoahmcjpnilgpjjmgnmnnoa\def\GPUCache\data_0, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Storage\ext\cfonhidlapoahmcjpnilgpjjmgnmnnoa\def\GPUCache\data_1, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Storage\ext\cfonhidlapoahmcjpnilgpjjmgnmnnoa\def\GPUCache\data_2, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Storage\ext\cfonhidlapoahmcjpnilgpjjmgnmnnoa\def\GPUCache\data_3, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Storage\ext\cfonhidlapoahmcjpnilgpjjmgnmnnoa\def\GPUCache\index, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update\conf, In Quarantäne, [292b7eed8208eb4b4c017f346b980cf4], 
PUP.Optional.SearchEngine.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\searchengine@gmail.com\chrome.manifest, In Quarantäne, [31236506721872c4caaa5e59798a728e], 
PUP.Optional.SearchEngine.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\searchengine@gmail.com\install.rdf, In Quarantäne, [31236506721872c4caaa5e59798a728e], 
PUP.Optional.SearchEngine.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\searchengine@gmail.com\chrome\content\toolbar.js, In Quarantäne, [31236506721872c4caaa5e59798a728e], 
PUP.Optional.SearchEngine.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\searchengine@gmail.com\chrome\content\toolbar.xul, In Quarantäne, [31236506721872c4caaa5e59798a728e], 
PUP.Optional.SearchEngine.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\searchengine@gmail.com\chrome\skin\icon.png, In Quarantäne, [31236506721872c4caaa5e59798a728e], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome.manifest, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\install.rdf, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\index.html, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\quick_start.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\quick_start.xul, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\include\speed_dial.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\include\tools\about_blank_hook.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\include\tools\misc.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\include\tools\popup_image_helper.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\include\tools\urlrequestor.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\js\js.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\js\lib\doT.min.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\js\lib\jquery-2.1.0.min.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\js\lib\jquery.autocomplete.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\js\module\hotSearch.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\js\module\mostgrid.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\js\module\search.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\js\module\stat.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\js\pack\common.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\js\pack\ga.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\js\pack\xagainit.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\en\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\en-US\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\es\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\es-419\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr-BE\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr-CA\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr-CH\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr-LU\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\it\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\it-CH\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\pl\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\pt-BR\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\ru\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\ru-MO\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\tr\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\vi\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\zh-CN\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\zh-TW\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\skin\default_logo.png, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\skin\googlelogo.png, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\skin\google_trends.png, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\skin\icon.png, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\skin\loading.gif, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\skin\logo.png, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\skin\newtab.ico, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\skin\simple.css, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\skin\style.css, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\defaults\preferences\fvd.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\defaults\preferences\preferences.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\modules\addonmanager.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\modules\aes.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\modules\config.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\modules\dialogs.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\modules\last_tab.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\modules\misc.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\modules\properties.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\modules\remoterequest.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\modules\restoreprefs.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\modules\settings.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\updateinfo\faststart.update.rdf, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\updateinfo\ff.update.rdf, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\updateinfo\istart.update.rdf, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\updateinfo\istart_ffnt#5.3.6.xpi, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\updateinfo\istart_ffnt.xpi, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\updateinfo\lightning.update.rdf, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.QuickStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");), Ersetzt,[153f0863c9c13df9e7011a247c8a7b85]
PUP.Optional.IStartSurf.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.startup.homepage", "hxxp://www.istartsurf.com/?type=hp&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733");), Ersetzt,[bb9908634d3d56e017eedb6448bec937]

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)
         

Code: Alles auswählenAufklappen

ATTFilter

PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Shortcuts, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Shortcuts-journal, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Top Sites, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Top Sites-journal, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Visited Links, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Web Data, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Web Data-journal, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Extension Settings\ebpeonjdeofpjegbdiibbdjlgfohngee\000003.log, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Extension Settings\ebpeonjdeofpjegbdiibbdjlgfohngee\CURRENT, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Extension Settings\ebpeonjdeofpjegbdiibbdjlgfohngee\LOCK, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Extension Settings\ebpeonjdeofpjegbdiibbdjlgfohngee\LOG, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Extension Settings\ebpeonjdeofpjegbdiibbdjlgfohngee\MANIFEST-000002, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Extension Settings\gfmdmibgfbecppaeocifplgmepgcpcbi\000003.log, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Extension Settings\gfmdmibgfbecppaeocifplgmepgcpcbi\CURRENT, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Extension Settings\gfmdmibgfbecppaeocifplgmepgcpcbi\LOCK, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Extension Settings\gfmdmibgfbecppaeocifplgmepgcpcbi\LOG, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Extension Settings\gfmdmibgfbecppaeocifplgmepgcpcbi\MANIFEST-000002, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Cache\data_0, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Cache\data_1, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Cache\data_2, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Cache\data_3, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Cache\f_000001, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Cache\f_000002, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Cache\f_000003, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Cache\f_000004, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Cache\f_000005, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Cache\f_000006, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Cache\f_000007, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Cache\f_000008, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Cache\index, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\databases\Databases.db, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\databases\Databases.db-journal, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\databases\chrome-extension_ebpeonjdeofpjegbdiibbdjlgfohngee_0\1, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extension Rules\000003.log, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extension Rules\CURRENT, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extension Rules\LOCK, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extension Rules\LOG, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extension Rules\MANIFEST-000002, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extension State\000003.log, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extension State\CURRENT, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extension State\LOCK, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extension State\LOG, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extension State\MANIFEST-000002, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\background.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\manifest.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\acceptButton.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\amazon.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\amazon_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\arrow.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\back.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\bbc.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\bbc_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\close.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\closeWhite.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\craigslist.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\craigslist_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\cross.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\ebay.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\ebay_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\facebook.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\facebookBox.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\facebook_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\fb_handle.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\freeButton.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\globo.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\globo_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\gmail.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\gmx.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\gmx_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\google+.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\google+_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\leboncoin.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\leboncoin_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\libero.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\libero_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\linkedin.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\linkedin_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\lock.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\logo1stBrowser.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\logoFacebook.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\marca.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\marca_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\mercado.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\mercado_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\milanuncios.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\milanuncios_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\msn.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\msn_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\orange.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\orange_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\outlook.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\outlook_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\pin.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\pinterest.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\pinterest_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\popupFacebook.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\previewChrome.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\separator.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\stars.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\switch_off.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\switch_on.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\transparent.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\twitter.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\twitter_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\unlock.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\Uol.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\Uol_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\web.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\web_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\wikipedia.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\wikipedia_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\yahoo.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\yahoo_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\youtube.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\youtube_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\cross_white.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\gmail_large.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\img\settings.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\scripts\coreApp.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\scripts\facebookSidebarController.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\scripts\linkSliderController.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\scripts\libs\angular-sanitize.min.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\scripts\libs\angular.min.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\scripts\libs\sienium.remoteCoordinator.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\styles\angular-csp.css, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\styles\cssreset-min.css, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\styles\facebookSidebar.css, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\styles\font.css, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\styles\linkSlider.css, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\styles\main.css, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\styles\offerscreenFacebook.css, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\styles\fonts\OpenSans-Bold.woff, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\styles\fonts\OpenSans-Light.woff, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\styles\fonts\OpenSans-Regular.woff, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\views\facebookSidebar.html, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\views\linkSlider.html, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\_locales\de\messages.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\_locales\en\messages.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\_locales\es\messages.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\_locales\fr\messages.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\_locales\it\messages.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\_locales\pt\messages.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\cfonhidlapoahmcjpnilgpjjmgnmnnoa\1.3.0.9509_0\_locales\tr\messages.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\background.html, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\chromeCoreFilesIndex.txt, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\manifest.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\popup.html, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\Settings.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\manifest.xml, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\13.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\14.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\17.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\180.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\19.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\200.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\246.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\253.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\281.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\289.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\345.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\354.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\376.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\391.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\4.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\47.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\64.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\78.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\80.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\91.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\93.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\plugins\97.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\userCode\background.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\extensionData\userCode\extension.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\icons\icon128.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\icons\icon16.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\icons\icon48.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\icons\actions\1.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\13cfab23d37b206a2cacab99360a8a25.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\3519055c0c27881a1ab5dedd7831623f.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\main.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\api\0e1bc57fe2a6cd60928ed67e1d85e090.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\api\2038cd4da885db2b7fabab1a39272f04.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\api\d2ef8bc55fa8b224c8231d4973f704d9.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\api\f15b8801ebb7aaac45b4f4e34f0dd904.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\api\f68196581e37fa3c7126215cd1cdf768.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\api\pageAction.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\131c3409f6b75a8d394ecab0f34f6a4f.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\13d572e73c5c94eb54c7244825464cc1.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\4eea862441a3352d6a036c89d315047e.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\68cf39374ae3fe36e4d3bf63effd4371.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\8390393afd9faceafeef639f6155d713.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\92031d9a85776f996c150bcd0fc83bfc.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\92346fb3fd8850f48d0401add01592eb.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\9ca9156e4e7cff6d888689d78532ef7b.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\af96cbbc243ef6a95f771a1e0a5c96a6.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\app_api.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\d352af718b3c6dbec91dcf26a134c6f8.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\d9c46e66542d3e485ab45ed27c69b76e.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\e2464d8398daee6e2c39ec493fe084a1.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\eb6bba9ca95c92673b7fb184d70f5bf5.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\fa46d5b634bb2e8d6b718cf7e5268ef0.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\installer.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\popupResource\newPopup.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.30_0\js\lib\popupResource\popup.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\background.html, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\manifest.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\manifest_old.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\css\angular-csp.css, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\css\cssreset-min.css, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\css\followedProducts.css, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\css\offerscreen.css, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\img\arrow.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\img\closeWhite.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\img\fb_handle.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\img\logo1stBrowser.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\img\logoBeamrise.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\img\sidebar.png, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\offerscreenController.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\background\background.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\content\handle.css, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\content\handleHelper.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\content\montiera.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\content\offerscreen.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\content\scriptInjection.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\libs\angular-sanitize.min.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\libs\angular.min.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\libs\sienium.installAppAsync.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\libs\sienium.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\libs\sienium.remoteCoordinator.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\tools\analytics.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\tools\config.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\scripts\tools\tracking.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\views\adView.html, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\views\followedproducts.html, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\views\offerscreen.html, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\views\offershop.html, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\_locales\de\messages.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\_locales\en\messages.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\_locales\es\messages.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\_locales\fr\messages.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\_locales\it\messages.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\_locales\pt\messages.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9829_0\_locales\tr\messages.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\pdlpmjkeahlbfeiclkokomifjfnkghpg\1.0.0.9393_0\manifest.json, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\pdlpmjkeahlbfeiclkokomifjfnkghpg\1.0.0.9393_0\scripts\backendservice.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\pdlpmjkeahlbfeiclkokomifjfnkghpg\1.0.0.9393_0\scripts\background.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\pdlpmjkeahlbfeiclkokomifjfnkghpg\1.0.0.9393_0\scripts\lunr.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\pdlpmjkeahlbfeiclkokomifjfnkghpg\1.0.0.9393_0\scripts\suggestionEngine.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\pdlpmjkeahlbfeiclkokomifjfnkghpg\1.0.0.9393_0\scripts\util.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Extensions\pdlpmjkeahlbfeiclkokomifjfnkghpg\1.0.0.9393_0\scripts\uuid.core.js, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\GPUCache\data_0, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\GPUCache\data_1, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\GPUCache\data_2, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\GPUCache\data_3, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\GPUCache\index, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\JumpListIcons\B3A9.tmp, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Storage\chrome-extension_ebpeonjdeofpjegbdiibbdjlgfohngee_0.localstorage, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Storage\chrome-extension_ebpeonjdeofpjegbdiibbdjlgfohngee_0.localstorage-journal, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Storage\chrome-extension_pafkbggdmjlpgkdkcbjmhmfcdpncadgh_0.localstorage, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Storage\chrome-extension_pafkbggdmjlpgkdkcbjmhmfcdpncadgh_0.localstorage-journal, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Storage\https_www.google.de_0.localstorage, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Storage\https_www.google.de_0.localstorage-journal, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUK2SHYU\cdncache-a.akamaihd.net\items\e6a00\storage.swf\gpl.sol, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUK2SHYU\macromedia.com\support\flashplayer\sys\settings.sol, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUK2SHYU\macromedia.com\support\flashplayer\sys\#cdncache-a.akamaihd.net\settings.sol, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Session Storage\000003.log, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Session Storage\CURRENT, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Session Storage\LOCK, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Session Storage\LOG, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Session Storage\MANIFEST-000002, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Storage\ext\cfonhidlapoahmcjpnilgpjjmgnmnnoa\def\GPUCache\data_0, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Storage\ext\cfonhidlapoahmcjpnilgpjjmgnmnnoa\def\GPUCache\data_1, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Storage\ext\cfonhidlapoahmcjpnilgpjjmgnmnnoa\def\GPUCache\data_2, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Storage\ext\cfonhidlapoahmcjpnilgpjjmgnmnnoa\def\GPUCache\data_3, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.BoBrowser.A, C:\Users\Andy\AppData\Local\BoBrowser\User Data\Default\Storage\ext\cfonhidlapoahmcjpnilgpjjmgnmnnoa\def\GPUCache\index, In Quarantäne, [4b099ccf93f745f142eaded51ce78b75], 
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update\conf, In Quarantäne, [292b7eed8208eb4b4c017f346b980cf4], 
PUP.Optional.SearchEngine.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\searchengine@gmail.com\chrome.manifest, In Quarantäne, [31236506721872c4caaa5e59798a728e], 
PUP.Optional.SearchEngine.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\searchengine@gmail.com\install.rdf, In Quarantäne, [31236506721872c4caaa5e59798a728e], 
PUP.Optional.SearchEngine.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\searchengine@gmail.com\chrome\content\toolbar.js, In Quarantäne, [31236506721872c4caaa5e59798a728e], 
PUP.Optional.SearchEngine.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\searchengine@gmail.com\chrome\content\toolbar.xul, In Quarantäne, [31236506721872c4caaa5e59798a728e], 
PUP.Optional.SearchEngine.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\searchengine@gmail.com\chrome\skin\icon.png, In Quarantäne, [31236506721872c4caaa5e59798a728e], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome.manifest, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\install.rdf, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\index.html, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\quick_start.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\quick_start.xul, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\include\speed_dial.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\include\tools\about_blank_hook.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\include\tools\misc.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\include\tools\popup_image_helper.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\include\tools\urlrequestor.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\js\js.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\js\lib\doT.min.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\js\lib\jquery-2.1.0.min.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\js\lib\jquery.autocomplete.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\js\module\hotSearch.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\js\module\mostgrid.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\js\module\search.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\js\module\stat.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\js\pack\common.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\js\pack\ga.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\content\js\pack\xagainit.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\en\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\en-US\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\es\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\es-419\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr-BE\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr-CA\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr-CH\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\fr-LU\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\it\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\it-CH\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\pl\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\pt-BR\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\ru\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\ru-MO\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\tr\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\vi\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\zh-CN\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\locale\zh-TW\locale.properties, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\skin\default_logo.png, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\skin\googlelogo.png, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\skin\google_trends.png, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\skin\icon.png, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\skin\loading.gif, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\skin\logo.png, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\skin\newtab.ico, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\skin\simple.css, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\chrome\skin\style.css, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\defaults\preferences\fvd.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\defaults\preferences\preferences.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\modules\addonmanager.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\modules\aes.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\modules\config.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\modules\dialogs.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\modules\last_tab.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\modules\misc.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\modules\properties.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\modules\remoterequest.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\modules\restoreprefs.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\modules\settings.js, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\updateinfo\faststart.update.rdf, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\updateinfo\ff.update.rdf, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\updateinfo\istart.update.rdf, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\updateinfo\istart_ffnt#5.3.6.xpi, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\updateinfo\istart_ffnt.xpi, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.IStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\extensions\istart_ffnt@gmail.com\updateinfo\lightning.update.rdf, In Quarantäne, [163e610ae7a3d85e469311a77c8727d9], 
PUP.Optional.QuickStart.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");), Ersetzt,[153f0863c9c13df9e7011a247c8a7b85]
PUP.Optional.IStartSurf.A, C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.startup.homepage", "hxxp://www.istartsurf.com/?type=hp&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733");), Ersetzt,[bb9908634d3d56e017eedb6448bec937]

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)
         

Code: Alles auswählenAufklappen

ATTFilter

# AdwCleaner v4.201 - Bericht erstellt 12/04/2015 um 10:54:05
# Aktualisiert 08/04/2015 von Xplode
# Datenbank : 2015-04-08.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Andy - ANDY-PC
# Gestarted von : C:\Users\Andy\Downloads\AdwCleaner_4.201.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Partner
Datei Gelöscht : C:\Users\Andy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\BoBrowser.lnk
Datei Gelöscht : C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\user.js

***** [ Geplante Tasks ] *****

Task Gelöscht : Run_Bobby_Browser

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Andy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Andy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Andy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\SOFTWARE\SupDp
Schlüssel Gelöscht : HKLM\SOFTWARE\Clara

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Mozilla Firefox v37.0.1 (x86 de)

[l8ec7dcz.default\prefs.js] - Zeile Gelöscht : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[l8ec7dcz.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.alias", "istartsurf");
[l8ec7dcz.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.iconURL", "hxxp://www.istartsurf.com/favicon.ico");
[l8ec7dcz.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.name", "istartsurf");
[l8ec7dcz.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.url", "hxxp://www.istartsurf.com/web/?type=ds&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733&q={searchTerms}");
[l8ec7dcz.default\prefs.js] - Zeile Gelöscht : user_pref("browser.startup.homepage", "hxxp://www.istartsurf.com/?type=hp&ts=1428779859&from=smt&uid=SAMSUNGXHM500JI_S1WFJDQZB23733");
[l8ec7dcz.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.istart_ffnt@gmail.com.install-event-fired", true);
[l8ec7dcz.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.quick_start.enable_search1", false);
[l8ec7dcz.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);

*************************

AdwCleaner[R0].txt - [3482 Bytes] - [12/04/2015 10:51:48]
AdwCleaner[S0].txt - [3454 Bytes] - [12/04/2015 10:54:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3513  Bytes] ##########
         

Code: Alles auswählenAufklappen

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.5.3 (04.07.2015:1)
OS: Windows 7 Home Premium x64
Ran by Andy on 12.04.2015 at 11:03:39,13
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\flexnet"
Successfully deleted: [Folder] "C:\Users\Andy\AppData\Roaming\flexnet"
Successfully deleted: [Empty Folder] C:\Users\Andy\appdata\local\{0029BE20-1A47-4804-8F4E-77BFDCE0E069}
Successfully deleted: [Empty Folder] C:\Users\Andy\appdata\local\{064CB957-5EE2-4DFA-9636-DFA99A51F50C}
Successfully deleted: [Empty Folder] C:\Users\Andy\appdata\local\{45F39D9F-DC4B-44AD-A02B-4C6B179A2AFD}
Successfully deleted: [Empty Folder] C:\Users\Andy\appdata\local\{C63A7DFC-07EF-4DC7-8A41-F5F4616BB37C}
Successfully deleted: [Empty Folder] C:\Users\Andy\appdata\local\{DC3EA835-2103-40E5-BDBB-CCD18A1FF917}



~~~ FireFox

Successfully deleted the following from C:\Users\Andy\AppData\Roaming\mozilla\firefox\profiles\l8ec7dcz.default\prefs.js

user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine");
user_pref("browser.search.searchengine.ptid", "smt");
user_pref("browser.search.searchengine.uid", "SAMSUNGXHM500JI_S1WFJDQZB23733");
Emptied folder: C:\Users\Andy\AppData\Roaming\mozilla\firefox\profiles\l8ec7dcz.default\minidumps [9 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12.04.2015 at 11:06:53,78
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-04-2015
Ran by Andy (administrator) on ANDY-PC on 12-04-2015 11:10:13
Running from C:\Users\Andy\Downloads
Loaded Profiles: Andy (Available profiles: UpdatusUser & Andy)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_134.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_134.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Andy\Downloads\FRST64(1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-06-10] (ELAN Microelectronic Corp.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324096 2010-08-11] (Alcor Micro Corp.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2207848 2011-03-21] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [617120 2011-03-13] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-13] (Atheros Commnucations)
HKLM\...\Run: [snp2uvc] => C:\Windows\vsnp2uvc.exe [909824 2010-01-21] (Sonix Technology Co., Ltd.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [731472 2011-02-23] (ecareme)
HKLM-x32\...\Run: [FLxHCIm] => C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe [40448 2011-02-25] (Windows (R) Win 7 DDK provider)
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-18] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-08] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-24] ()
HKLM-x32\...\Run: [VAWinAgent] => C:\ExpressGateUtil\VAWinAgent.exe [21504 2010-08-13] ()
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe [87336 2010-02-03] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [222504 2010-11-25] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-03-24] (Avast Software s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Java\jre6\bin\jusched.exe [148888 2015-03-29] (Sun Microsystems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3352751941-3298559708-1207771804-1001\...\Run: [Google Update] => C:\Users\Andy\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2015-02-03] (Google Inc.)
HKU\S-1-5-21-3352751941-3298559708-1207771804-1001\...\Run: [Google+ Auto Backup] => C:\Users\Andy\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3754312 2015-02-13] (Google Inc.)
HKU\S-1-5-21-3352751941-3298559708-1207771804-1001\...\Run: [avichannel] => C:\Program Files (x86)\Evaer\videochannel.exe [1740776 2015-03-08] (Evaer Technology)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [226920 2011-03-08] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [192616 2011-03-08] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe ()
Startup: C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk
ShortcutTarget: Intel(R) Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3352751941-3298559708-1207771804-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-3352751941-3298559708-1207771804-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = 
BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg.dll No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-24] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll No File
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13] (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-24] (Avast Software s.r.o.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-02] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2015-03-29] (Sun Microsystems, Inc.)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-02] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll No File
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-04-10] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-04-10] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3352751941-3298559708-1207771804-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Andy\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-3352751941-3298559708-1207771804-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Andy\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Extension: Print pages to PDF - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\Extensions\printPages2Pdf@reinhold.ripper [2015-01-27]
FF Extension: ProxTube - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\Extensions\ich@maltegoetz.de.xpi [2015-03-22]
FF Extension: Download YouTube Videos, Fast And Simple - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\Extensions\jid1-cHKBMlArKdIVEg@jetpack.xpi [2015-04-05]
FF Extension: Save as PDF - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\Extensions\save-as-pdf-ff@pdfcrowd.com.xpi [2015-02-12]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2015-04-05]
FF Extension: FlashGot - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2015-04-11]
FF Extension: Adblock Plus - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-15]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn [2015-04-12]
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-24]
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-03-24]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-03-24]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-24]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-03-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-13] (Atheros) [File not signed]
S2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-24] (Avast Software s.r.o.)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-03-24] (Avast Software)
S2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-03-23] (Foxit Software Inc.)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [131144 2015-03-05] (Symantec Corporation)
S3 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] ()
S2 VideAceWindowsService; C:\ExpressGateUtil\VAWinService.exe [77312 2010-08-21] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-03-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-03-24] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-03-24] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-03-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-03-24] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-03-24] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-03-24] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-03-24] ()
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [81920 2011-02-25] (Fresco Logic)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800832 2010-09-07] (Sonix Technology Co., Ltd.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-03-24] (Avast Software)
U2 TMAgent; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-12 11:09 - 2015-04-12 11:09 - 02095616 _____ (Farbar) C:\Users\Andy\Downloads\FRST64(1).exe
2015-04-12 11:06 - 2015-04-12 11:06 - 00002052 _____ () C:\Users\Andy\Desktop\JRT.txt
2015-04-12 11:03 - 2015-04-12 11:03 - 02686959 _____ (Thisisu) C:\Users\Andy\Downloads\JRT.exe
2015-04-12 11:03 - 2015-04-12 11:03 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ANDY-PC-Windows-7-Home-Premium-(64-bit).dat
2015-04-12 11:03 - 2015-04-12 11:03 - 00000000 ____D () C:\RegBackup
2015-04-12 10:56 - 2015-04-12 10:56 - 00003597 _____ () C:\Users\Andy\Desktop\AdwCleaner[S0].txt
2015-04-12 10:55 - 2015-04-12 10:55 - 00000000 ___RD () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-04-12 10:51 - 2015-04-12 10:54 - 00000000 ____D () C:\AdwCleaner
2015-04-12 10:51 - 2015-04-12 10:51 - 02217984 _____ () C:\Users\Andy\Downloads\AdwCleaner_4.201.exe
2015-04-12 10:25 - 2015-04-12 10:45 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-12 10:25 - 2015-04-12 10:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-04-12 10:25 - 2015-04-12 10:25 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-12 10:25 - 2015-04-12 10:25 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-04-12 10:25 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-12 10:25 - 2015-03-17 06:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-12 10:25 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-12 10:24 - 2015-04-12 10:24 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Andy\Downloads\mbam-setup-2.1.4.1018.exe
2015-04-11 21:23 - 2015-04-11 21:23 - 00000000 ____D () C:\Users\Andy\Documents\StreamTransport
2015-04-11 21:17 - 2015-04-11 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StreamTransport
2015-04-11 21:17 - 2015-04-11 21:17 - 00000000 ____D () C:\Program Files (x86)\StreamTransport
2015-04-11 21:15 - 2015-04-11 21:15 - 02975799 _____ (hxxp://www.streamtransport.com/ ) C:\Users\Andy\Downloads\streamtransportsetup_25412.exe
2015-04-10 13:11 - 2015-04-12 11:10 - 00019433 _____ () C:\Users\Andy\Downloads\FRST.txt
2015-04-10 13:11 - 2015-04-10 15:45 - 00035686 _____ () C:\Users\Andy\Downloads\Addition.txt
2015-04-10 13:10 - 2015-04-12 11:10 - 00000000 ____D () C:\FRST
2015-04-10 13:09 - 2015-04-10 13:10 - 02095616 _____ (Farbar) C:\Users\Andy\Downloads\FRST64.exe
2015-04-09 18:13 - 2015-04-09 18:14 - 01424240 _____ () C:\Windows\Minidump\040915-45599-01.dmp
2015-04-05 13:41 - 2015-04-05 13:41 - 00000000 ____D () C:\Users\Andy\Documents\Camtasia Studio
2015-04-05 13:41 - 2015-04-05 13:41 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\TechSmith
2015-04-05 13:41 - 2015-04-05 13:41 - 00000000 ____D () C:\Users\Andy\AppData\Local\TechSmith
2015-04-05 13:34 - 2015-04-05 13:34 - 00000000 ____D () C:\ProgramData\regid.1995-08.com.techsmith
2015-04-05 13:34 - 2015-04-05 13:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2015-04-05 13:34 - 2015-04-05 13:34 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2015-04-05 13:33 - 2015-04-05 13:33 - 00000000 ____D () C:\ProgramData\TechSmith
2015-04-05 13:33 - 2015-04-05 13:33 - 00000000 ____D () C:\Program Files (x86)\TechSmith
2015-04-05 13:18 - 2015-04-05 13:18 - 01203488 _____ () C:\Users\Andy\Downloads\Camtasia Studio - CHIP-Installer.exe
2015-04-05 13:15 - 2015-04-05 13:16 - 00000009 _____ () C:\Users\Andy\AppData\Local\~wmrg
2015-04-05 13:15 - 2015-04-05 13:16 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\WM Recorder
2015-04-05 13:15 - 2015-04-05 13:15 - 00002073 _____ () C:\Users\Andy\Desktop\WM Converter.lnk
2015-04-05 13:15 - 2015-04-05 13:15 - 00001874 _____ () C:\Users\Andy\Desktop\WM Recorder 14.lnk
2015-04-05 13:15 - 2015-04-05 13:15 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WM Recorder 14
2015-04-05 13:15 - 2015-04-05 13:15 - 00000000 ____D () C:\Program Files (x86)\WMR14
2015-04-05 13:14 - 2015-04-05 13:14 - 22303248 _____ (AllAlex, Inc) C:\Users\Andy\Downloads\install_wmrecorder.exe
2015-04-05 11:42 - 2015-04-05 11:42 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-05 11:42 - 2015-04-05 11:42 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-04 16:55 - 2015-04-04 16:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-03 14:20 - 2015-04-03 14:20 - 00001485 _____ () C:\Users\Andy\AppData\Local\recently-used.xbel
2015-04-03 12:00 - 2015-04-03 12:00 - 00000246 _____ () C:\Users\Andy\Downloads\README.md
2015-04-03 11:51 - 2015-04-03 22:48 - 00000000 ____D () C:\Users\Andy\Documents\Evaer
2015-04-03 11:51 - 2015-04-03 21:44 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Evaer
2015-04-03 11:51 - 2015-04-03 11:51 - 07902120 _____ (Evaer Technology) C:\Users\Andy\Downloads\EvaerSetup.exe
2015-04-03 11:51 - 2015-04-03 11:51 - 00000951 _____ () C:\Users\Andy\Desktop\Evaer.lnk
2015-04-03 11:51 - 2015-04-03 11:51 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Evaer
2015-04-03 11:51 - 2015-04-03 11:51 - 00000000 ____D () C:\Users\Andy\AppData\Local\CrashRpt
2015-04-03 11:51 - 2015-04-03 11:51 - 00000000 ____D () C:\Program Files (x86)\Evaer
2015-03-29 19:52 - 2015-03-29 19:52 - 00000000 ____D () C:\ProgramData\Samsung
2015-03-29 19:52 - 2015-03-29 19:52 - 00000000 ____D () C:\Program Files\SAMSUNG
2015-03-29 19:51 - 2015-03-29 19:52 - 24111736 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\Andy\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
2015-03-29 19:42 - 2015-03-29 19:42 - 00000000 ____D () C:\Users\Andy\.android
2015-03-29 19:40 - 2015-03-29 19:40 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2015-03-29 18:12 - 2015-03-29 18:16 - 00000000 ____D () C:\Users\Andy\Documents\Create at Home Projekts
2015-03-29 17:08 - 2015-03-29 17:08 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\MPC
2015-03-29 17:07 - 2015-03-29 17:07 - 00000000 ____D () C:\Users\Andy\.kodakch
2015-03-29 17:05 - 2015-03-29 17:05 - 00002166 _____ () C:\Users\Public\Desktop\KODAK Create@Home Software (für dm).lnk
2015-03-29 17:05 - 2015-03-29 17:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KODAK Create@Home Software (für dm)
2015-03-29 17:04 - 2015-03-29 17:07 - 00000000 ____D () C:\Program Files (x86)\KODAK Create@Home Software (für dm)
2015-03-29 17:02 - 2015-03-29 17:02 - 00410984 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\deploytk.dll
2015-03-29 17:02 - 2015-03-29 17:02 - 00148888 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
2015-03-29 17:02 - 2015-03-29 17:02 - 00144792 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
2015-03-29 17:02 - 2015-03-29 17:02 - 00144792 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
2015-03-29 17:02 - 2015-03-29 17:02 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-29 17:00 - 2015-03-29 17:00 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Kodak Alaris Inc
2015-03-29 16:56 - 2015-03-29 17:00 - 171695608 _____ (Kodak Alaris Inc.) C:\Users\Andy\Downloads\MyPhotoCreationInstaller.exe
2015-03-27 19:13 - 2015-03-27 19:13 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClockworkMod
2015-03-27 19:13 - 2015-03-27 19:13 - 00000000 ____D () C:\Program Files (x86)\ClockworkMod
2015-03-27 19:11 - 2015-03-27 19:11 - 01203488 _____ () C:\Users\Andy\Downloads\Helium Backup Desktop Client - CHIP-Installer.exe
2015-03-26 11:10 - 2015-03-26 12:32 - 00000000 ____D () C:\Users\Andy\Documents\Bachelor
2015-03-26 11:02 - 2015-04-09 11:51 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Foxit Software
2015-03-26 11:02 - 2015-03-26 11:02 - 00000000 ____D () C:\Users\Public\Foxit Software
2015-03-26 11:02 - 2015-03-26 11:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2015-03-26 11:01 - 2015-03-26 11:01 - 00000000 ____D () C:\Program Files (x86)\Foxit Software
2015-03-26 10:58 - 2015-03-26 10:59 - 38371256 _____ (Foxit Software Inc. ) C:\Users\Andy\Downloads\FoxitReader713.0320_enu_Setup.exe
2015-03-24 19:21 - 2015-03-24 19:21 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\AVAST Software
2015-03-24 19:20 - 2015-03-24 19:23 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-03-24 19:20 - 2015-03-24 19:23 - 00000000 ____D () C:\Windows\system32\vbox
2015-03-24 19:20 - 2015-03-24 19:20 - 00001924 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-03-24 19:20 - 2015-03-24 19:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-03-24 19:19 - 2015-04-12 10:44 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-03-24 19:19 - 2015-03-24 19:19 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-03-24 19:19 - 2015-03-24 19:19 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-03-24 19:19 - 2015-03-24 19:19 - 00271200 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-03-24 19:19 - 2015-03-24 19:19 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-03-24 19:19 - 2015-03-24 19:19 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-03-24 19:19 - 2015-03-24 19:19 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-03-24 19:19 - 2015-03-24 19:19 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-03-24 19:19 - 2015-03-24 19:19 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-03-24 19:19 - 2015-03-24 19:19 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-03-24 19:19 - 2015-03-24 19:18 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-03-24 19:18 - 2015-03-24 19:18 - 00000000 ____D () C:\Program Files\AVAST Software
2015-03-24 19:16 - 2015-03-24 19:16 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-03-24 19:12 - 2015-03-24 19:15 - 150062624 _____ (Avast Software s.r.o.) C:\Users\Andy\Downloads\avast_free_antivirus_setup_10.2.2215.exe
2015-03-24 16:23 - 2015-03-24 16:23 - 00002470 _____ () C:\Users\Public\Desktop\Norton Identity Safe.lnk
2015-03-22 12:27 - 2015-04-03 12:15 - 00000102 _____ () C:\Users\Andy\Documents\wsr2015.txt
2015-03-22 12:27 - 2015-03-22 12:28 - 00003724 _____ () C:\Users\Andy\Documents\wsrp2015-agent.txt
2015-03-22 12:27 - 2015-03-22 12:27 - 00001090 _____ () C:\Users\Public\Desktop\Web Stream Recorder.lnk
2015-03-22 12:27 - 2015-03-22 12:27 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Bolide(R) Software
2015-03-22 12:27 - 2015-03-22 12:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Web Stream Recorder
2015-03-22 12:27 - 2015-03-22 12:27 - 00000000 ____D () C:\Program Files (x86)\Web Stream Recorder
2015-03-21 14:22 - 2015-04-07 10:07 - 00000000 ____D () C:\Users\Andy\Desktop\Phone
2015-03-18 12:22 - 2015-03-18 12:22 - 01776128 _____ (Evaer Technology) C:\Windows\SysWOW64\h264enc.ax
2015-03-15 19:11 - 2015-03-15 19:11 - 00000000 ____D () C:\Users\Andy\Tracing
2015-03-15 14:53 - 2015-03-15 14:53 - 00001997 _____ () C:\Users\Andy\Desktop\FOTOParadies.lnk
2015-03-15 14:53 - 2015-03-15 14:53 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FOTOParadies
2015-03-15 14:52 - 2015-03-15 14:54 - 00000000 ____D () C:\Program Files (x86)\FOTOParadies
2015-03-15 14:45 - 2015-03-15 14:51 - 302013112 _____ (Foto Online Service GmbH ) C:\Users\Andy\Downloads\FotoParadiesSetup.exe
2015-03-13 11:06 - 2015-04-11 21:18 - 00000000 ____D () C:\Users\Andy\AppData\Local\CrashDumps
2015-03-13 10:52 - 2015-03-13 10:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-12 11:04 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-12 11:04 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-12 11:01 - 2015-02-03 10:45 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3352751941-3298559708-1207771804-1001UA.job
2015-04-12 10:55 - 2015-01-15 10:41 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2015-04-12 10:55 - 2015-01-15 10:41 - 00000000 ___HD () C:\ASUS.DAT
2015-04-12 10:55 - 2011-04-13 03:39 - 02201830 _____ () C:\Windows\PFRO.log
2015-04-12 10:55 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-12 10:55 - 2009-07-14 06:51 - 00076641 _____ () C:\Windows\setupact.log
2015-04-12 10:54 - 2015-01-15 11:36 - 00001067 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-12 10:54 - 2015-01-15 11:36 - 00001055 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-04-12 10:54 - 2015-01-15 10:42 - 00000995 _____ () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-12 10:54 - 2015-01-15 08:07 - 01254329 _____ () C:\Windows\WindowsUpdate.log
2015-04-12 10:41 - 2015-01-15 08:28 - 00001368 _____ () C:\Windows\system32\ServiceFilter.ini
2015-04-12 10:41 - 2011-04-13 04:44 - 00000000 ____D () C:\Windows\ru
2015-04-12 10:40 - 2015-01-15 11:33 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\SoftGrid Client
2015-04-11 23:01 - 2015-02-03 10:45 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3352751941-3298559708-1207771804-1001Core.job
2015-04-10 11:33 - 2015-01-24 23:29 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-10 11:33 - 2015-01-24 23:29 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-10 11:33 - 2015-01-24 23:25 - 00000000 ____D () C:\Users\Andy\AppData\Local\Adobe
2015-04-10 09:49 - 2015-01-15 11:38 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Skype
2015-04-09 18:20 - 2011-03-17 13:52 - 00726180 _____ () C:\Windows\system32\perfh019.dat
2015-04-09 18:20 - 2011-03-17 13:52 - 00153304 _____ () C:\Windows\system32\perfc019.dat
2015-04-09 18:20 - 2011-02-19 07:02 - 00394440 _____ () C:\Windows\system32\perfh00D.dat
2015-04-09 18:20 - 2011-02-19 07:02 - 00087724 _____ () C:\Windows\system32\perfc00D.dat
2015-04-09 18:20 - 2011-02-19 06:56 - 00608332 _____ () C:\Windows\system32\perfh008.dat
2015-04-09 18:20 - 2011-02-19 06:56 - 00113816 _____ () C:\Windows\system32\perfc008.dat
2015-04-09 18:20 - 2011-02-19 06:51 - 00411314 _____ () C:\Windows\system32\prfh0404.dat
2015-04-09 18:20 - 2011-02-19 06:51 - 00125018 _____ () C:\Windows\system32\prfc0404.dat
2015-04-09 18:20 - 2011-02-19 06:45 - 00730648 _____ () C:\Windows\system32\prfh0816.dat
2015-04-09 18:20 - 2011-02-19 06:45 - 00155712 _____ () C:\Windows\system32\prfc0816.dat
2015-04-09 18:20 - 2011-02-19 06:40 - 00744826 _____ () C:\Windows\system32\perfh013.dat
2015-04-09 18:20 - 2011-02-19 06:40 - 00155740 _____ () C:\Windows\system32\perfc013.dat
2015-04-09 18:20 - 2011-02-19 06:35 - 00741648 _____ () C:\Windows\system32\perfh010.dat
2015-04-09 18:20 - 2011-02-19 06:35 - 00149612 _____ () C:\Windows\system32\perfc010.dat
2015-04-09 18:20 - 2011-02-19 06:29 - 00747112 _____ () C:\Windows\system32\perfh00C.dat
2015-04-09 18:20 - 2011-02-19 06:29 - 00152116 _____ () C:\Windows\system32\perfc00C.dat
2015-04-09 18:20 - 2011-02-19 06:24 - 00708726 _____ () C:\Windows\system32\perfh007.dat
2015-04-09 18:20 - 2011-02-19 06:24 - 00152072 _____ () C:\Windows\system32\perfc007.dat
2015-04-09 18:20 - 2011-02-19 06:19 - 00746956 _____ () C:\Windows\system32\perfh00A.dat
2015-04-09 18:20 - 2011-02-19 06:19 - 00161148 _____ () C:\Windows\system32\perfc00A.dat
2015-04-09 18:20 - 2009-07-14 07:13 - 08743348 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-09 18:13 - 2015-01-27 10:18 - 00000000 ____D () C:\Windows\Minidump
2015-04-09 18:13 - 2015-01-27 09:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-07 13:27 - 2015-01-15 20:33 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\vlc
2015-04-07 07:47 - 2015-01-15 11:32 - 08579870 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-05 13:44 - 2015-01-15 08:28 - 00002318 _____ () C:\Windows\system32\AutoRunFilter.ini
2015-04-03 14:43 - 2015-02-03 11:35 - 00000000 ____D () C:\Users\Andy\.gimp-2.8
2015-04-03 14:20 - 2015-02-03 11:45 - 00000000 ____D () C:\Users\Andy\AppData\Local\gtk-2.0
2015-03-29 19:42 - 2015-01-15 10:41 - 00000000 ____D () C:\Users\Andy
2015-03-29 15:26 - 2015-01-15 10:43 - 00000000 ____D () C:\Users\Andy\Documents\Bluetooth Folder
2015-03-26 10:55 - 2015-02-08 15:26 - 00000000 ____D () C:\Program Files (x86)\PDF24
2015-03-25 14:09 - 2015-02-08 15:06 - 00000000 ____D () C:\Users\Andy\Documents\Bewerbung
2015-03-24 23:02 - 2015-01-15 19:16 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Identity Safe
2015-03-24 19:23 - 2011-04-13 04:51 - 00000000 ____D () C:\ProgramData\Trend Micro
2015-03-24 19:20 - 2015-02-20 16:36 - 00000000 ____D () C:\Users\Andy\AppData\Local\Trend Micro
2015-03-24 19:20 - 2009-07-29 07:10 - 00000000 ____D () C:\Users\Administrator
2015-03-24 16:23 - 2015-01-15 10:59 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe
2015-03-24 16:23 - 2015-01-15 10:59 - 00000000 ____D () C:\Windows\system32\Drivers\NSTx64
2015-03-24 16:23 - 2015-01-15 10:59 - 00000000 ____D () C:\ProgramData\NCOTEMP
2015-03-15 19:10 - 2015-01-15 11:38 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-15 19:10 - 2015-01-15 11:38 - 00000000 ____D () C:\ProgramData\Skype

==================== Files in the root of some directories =======

2015-02-20 17:18 - 2015-02-20 17:18 - 0000036 _____ () C:\Users\Andy\AppData\Local\housecall.guid.cache
2015-04-03 14:20 - 2015-04-03 14:20 - 0001485 _____ () C:\Users\Andy\AppData\Local\recently-used.xbel
2015-01-18 20:16 - 2015-01-18 20:16 - 0007606 _____ () C:\Users\Andy\AppData\Local\Resmon.ResmonCfg
2015-04-05 13:15 - 2015-04-05 13:16 - 0000009 _____ () C:\Users\Andy\AppData\Local\~wmrg
2011-04-13 04:48 - 2010-07-07 01:10 - 0131472 _____ () C:\ProgramData\FullRemove.exe
2015-01-15 08:39 - 2015-01-15 08:39 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2015-01-15 08:41 - 2015-01-15 08:42 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2015-01-15 08:41 - 2015-01-15 08:41 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2015-01-15 08:35 - 2015-01-15 08:38 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2015-01-15 08:38 - 2015-01-15 08:39 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
2015-01-15 08:34 - 2015-01-15 08:35 - 0000110 _____ () C:\ProgramData\{E3739848-5329-48E3-8D28-5BBD6E8BE384}.log

Some content of TEMP:
====================
C:\Users\Andy\AppData\Local\Temp\Quarantine.exe
C:\Users\Andy\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Andy\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-12 15:36

==================== End Of Log ============================
         

--- --- ---

--- --- ---

ESET Online Scanner

• Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
• Lade und starte Eset Online Scanner
• Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
• Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
• Klicke auf Starten.
• Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
• Klicke am Ende des Suchlaufs auf Fertig stellen.
• Schließe das Fenster von ESET.
• Explorer öffnen.
• C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
• Logfile hier posten.
• Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
• Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte SecurityCheck und:

• Speichere es auf dem Desktop.
• Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
• Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Bin jetzt auch damit durch. Nach dem Scan war zunächst alles beim alten, jetzt scheint es besser zu sein. Ich muss mal abwarten, weil es schon mal zwischendurch besser war und sich dann wieder extrem verschlechtert hat.
Hier sind die nächsten logfiles:

Code: Alles auswählenAufklappen

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=2ce43ff223a43945a975eec0919b96b7
# engine=23352
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-04-13 12:38:04
# local_time=2015-04-13 02:38:04 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 91 1714711 1714873 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 66 85 7242309 180558534 0 0
# scanned=489248
# found=98
# cleaned=98
# scan_time=6797
sh=CE216FED51F2D45CBB48AA32F2AB44D989ADC1F9 ft=1 fh=322fd571b45f2961 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\$Recycle.Bin\S-1-5-21-3352751941-3298559708-1207771804-1001\$R68QNGB.exe"
sh=47B19AB97028D8925579BED54EFEE88C8107D6B6 ft=1 fh=34f71966959b3eb8 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Andy\AppData\Local\Temp\DMR\dmr_72.exe"
sh=97A207221291ACD4B855A8A3E1666556CACE8BCA ft=1 fh=be48ad8555e1bb02 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Andy\Downloads\Camtasia Studio - CHIP-Installer.exe"
sh=903D464D96F3C16D1E5A7AD2599D615A7ADB4609 ft=1 fh=37de68c67ac1c967 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Andy\Downloads\Helium Backup Desktop Client - CHIP-Installer.exe"
sh=8A5EFFE6C11DB10F7B592CDC2A4A40E1C492501E ft=1 fh=9102d03c5e2ef236 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Andy\Downloads\HP USB Disk Storage Format Tool - CHIP-Installer.exe"
sh=E18B5242B0C893DF09E34A9E89DE551503F31591 ft=1 fh=5a1a58d6d884f372 vn="Win32/Somoto.Q evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Andy\Downloads\streamtransportsetup_25412.exe"
sh=9707FC048CF6F41AB0EF50B951BE7BDAF0539575 ft=1 fh=25c8d0668caad44e vn="NSIS/StartPage.CC Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Andy\Downloads\vlc-2.1.5-win32.exe"
sh=59001288C99758089735F62AE703A0F0F3B27318 ft=1 fh=5a811c2172d67d30 vn="Win32/Adware.Altnet Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="F:\Recycled\Df2\Temp\Altnet\admdata.dll"
sh=DFC07EC02397B3A2CE33C485D68970B40CC50364 ft=1 fh=7240f733a5770ad7 vn="Win32/Adware.P2PNet Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="F:\Recycled\Df2\system32\P2P Networking v126.cpl"
sh=9284B9E9B7F2D5D8EEE931CACDB1238650084288 ft=1 fh=45b669a34507de5e vn="Win32/Adware.P2PNet Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="F:\Recycled\Df2\system32\P2P Networking\MARSHAL.DLL"
sh=96FAC49B99339B20093E43367662B96FD9461802 ft=1 fh=ddcafe0a4f04b7ab vn="Win32/Adware.P2PNet Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="F:\Recycled\Df2\system32\P2P Networking\P2P Networking.exe"
sh=B3DC7558D2C76F988CAB819CCB9B0060087A7C70 ft=1 fh=9227631f22d31e37 vn="Variante von Win32/Toolbar.Conduit.H evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Extern HD\ABW Video\Software\vppsetup_3.0.exe"
sh=6D259E8B7FC2A5CA3A960E76EC15A39B242F94F0 ft=1 fh=4a984638c41edfed vn="Variante von Win32/Hao123.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Extern HD\ABW Video\Software\FFSetup3.2.1.0.exe"
sh=83301039D781AF18400350B80033C6329D1D6AAA ft=1 fh=02aa38386c613eb3 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Extern HD\Eigene Dateien Latitude\Eigene Bilder\Downloads\ashampoo_photo_commander_9_e9.4.2_sm.exe"
sh=E1476812A4BD414F53416C93AF14D22BFEFBFF7D ft=1 fh=e6a33b27fb0ee099 vn="Variante von Win32/Toolbar.Babylon.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Extern HD\Eigene Dateien Latitude\Eigene Bilder\Downloads\Babylon9_setup.exe"
sh=F326BB3B3ADDDB08110E55ECAF6DFC1A01DF01C6 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Perion.K evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip\2.0.0.437_0\main.js"
sh=1B6E1D103A63DA0FAF484F912897CEDD1A6C17E5 ft=1 fh=3db16538a669c801 vn="Win32/Wajam.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8XQ3HLRU\wajam_download[1].exe"
sh=5E8AA35E52FA6EE0DCDBEA79E79DC36F72D959D5 ft=1 fh=eb3d7c8b3c91213d vn="Win32/Toolbar.Conduit.AP evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H0EKO88G\ism[1].exe"
sh=5D410B1A0FE8AFB69CD8599120E7046564A32B02 ft=1 fh=8e7653c913c7716f vn="Win32/Conduit.SearchProtect.Q evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OW12MAMH\SPSetup[1].exe"
sh=C085A67A528D967F142ACC673CF700EE1CB2255C ft=1 fh=75df3ded92374cbc vn="Win32/AdWare.Linkular.AH Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PF3RI0GZ\InstallMonetizer-PriceGong_v2[1].exe"
sh=3E37507BBD4C0287689634B2CDD77E59679681AF ft=1 fh=cbd9e88b633aff58 vn="Win32/Toolbar.Conduit.AP evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PF3RI0GZ\mism[1].exe"
sh=1D9632DFFBA38A7C49C49404903C31C6AB950C9A ft=1 fh=cdcc631666c30194 vn="Win32/InstallMonetizer.AG evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T322MJL3\MyPhoneExplorer_v2_5185[1].exe"
sh=6FC76EC41DA998B8969D07337A356DC29576CF31 ft=1 fh=ed183d0b59e81e34 vn="Win32/Wajam.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T322MJL3\wajam_install[1].exe"
sh=2A2FD5B25E29CEAB0D0DCD079AB97B50E87C27DA ft=1 fh=e7d1ed22d2bc6bdf vn="Win32/Toolbar.Conduit.AO evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WFXNOKHH\checktbexist[1].exe"
sh=0FAA3E31F880DD2A6479FF4D92C12E3C07F40126 ft=0 fh=0000000000000000 vn="JS/Iframe.IX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QCZD2OBA\look2[1].htm"
sh=37E50B4BEFD7E9D48EB825F4F688F79701DFEC2F ft=1 fh=d62dce1fbed1df39 vn="Win32/Toolbar.Babylon.M evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\34EF.tmp"
sh=09A049528A132F55D191CCBC4CB485248FEB75C5 ft=1 fh=51064c0d2585d37e vn="Win32/Toolbar.Babylon.M evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\5B.tmp"
sh=F7AADED99A52C05497EAFD6870EA482592DEC7F2 ft=1 fh=8705b635929613a5 vn="Win32/Toolbar.Babylon.M evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\9476.tmp"
sh=09A049528A132F55D191CCBC4CB485248FEB75C5 ft=1 fh=51064c0d2585d37e vn="Win32/Toolbar.Babylon.M evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\AE27.tmp"
sh=49085687DF46998B48742E67E5068A7704586508 ft=1 fh=c1b5b70527f93ad3 vn="Win32/Toolbar.Babylon.M evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\B7EE.tmp"
sh=7757053F139368C44AB712E2BA980FF6D1F92230 ft=1 fh=d06527e6fb4a1993 vn="Win32/SoftonicDownloader.E evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\Dcw2mopb.exe.part"
sh=09D7C13322C32E3A6E321A2694094BC66E81B3A4 ft=1 fh=255fa89cab5626e7 vn="Win32/Toolbar.Babylon.M evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\DD06.tmp"
sh=71E050F917C61D99E59A6D898FA0EC116BEAB810 ft=1 fh=0c7dc83d72e4c26e vn="Win32/Toolbar.Babylon.M evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\E8C8.tmp"
sh=3560FE1E82F4F75412E044A2A0B6F964ED25A9D2 ft=1 fh=460447689ed950e5 vn="Win32/Conduit.SearchProtect.V evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\nsj2D76.exe"
sh=3560FE1E82F4F75412E044A2A0B6F964ED25A9D2 ft=1 fh=460447689ed950e5 vn="Win32/Conduit.SearchProtect.V evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\nsk6627.exe"
sh=3560FE1E82F4F75412E044A2A0B6F964ED25A9D2 ft=1 fh=460447689ed950e5 vn="Win32/Conduit.SearchProtect.V evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\nsp3007.exe"
sh=3560FE1E82F4F75412E044A2A0B6F964ED25A9D2 ft=1 fh=460447689ed950e5 vn="Win32/Conduit.SearchProtect.V evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\nsp69A1.exe"
sh=3560FE1E82F4F75412E044A2A0B6F964ED25A9D2 ft=1 fh=460447689ed950e5 vn="Win32/Conduit.SearchProtect.V evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\nsu3297.exe"
sh=3560FE1E82F4F75412E044A2A0B6F964ED25A9D2 ft=1 fh=460447689ed950e5 vn="Win32/Conduit.SearchProtect.V evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\nsu63F4.exe"
sh=5543317AB6CC3C84B018F7262CD7F6048CA22C4B ft=1 fh=1b57474b1411cddc vn="Win32/InstallMonetizer.AH evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\OpY33vp8.exe.part"
sh=1574A9C7440D9941D68F4C0E6ACCDE68063B5934 ft=1 fh=e3349bd8bc1a76dd vn="Mehrere Bedrohungen (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\SingAlong.exe"
sh=C35A0B3AF06F6AD199122599237B5AA67CEEB876 ft=1 fh=f14327a1ad7f7876 vn="Win32/Conduit.SearchProtect.Q evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\SPSetup.exe"
sh=65B4666E94C26E6F1922AAD2279148BE2D5FE75B ft=1 fh=59609bf2bab5fed0 vn="Variante von Win32/Toolbar.Perion.J evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\v-bates.exe"
sh=8643CD47EC247BDA2902E35EA04870B94A8639C6 ft=1 fh=2985cf3bb513ce78 vn="Variante von Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\1CA02638-BAB0-7891-B260-9855CAB652D3\Latest\BabMaint.exe"
sh=DED201AE02FB9EA3646489AFEDA49270C4620D9C ft=1 fh=c71c001196f8c3ac vn="Variante von Win32/Toolbar.Babylon.F evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\1CA02638-BAB0-7891-B260-9855CAB652D3\Latest\BExternal.dll"
sh=E8F9D00FF0D357E30520D93C7B658E475B7E75FD ft=1 fh=33524083d80a17da vn="Variante von Win32/Toolbar.Babylon.P evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\1CA02638-BAB0-7891-B260-9855CAB652D3\Latest\BUSolution.dll"
sh=C9E3CDFA105FC1E7F8989C50242022EEE8374BAC ft=1 fh=589655440d93a8f9 vn="Win32/Toolbar.Babylon.M evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\1CA02638-BAB0-7891-B260-9855CAB652D3\Latest\ccp.exe"
sh=007A216C06954B0B18ECFF4950D444BE678E495B ft=1 fh=c37a103a45831e9a vn="Variante von Win32/Toolbar.Babylon.Z evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\1CA02638-BAB0-7891-B260-9855CAB652D3\Latest\CrxInstaller.dll"
sh=7759A3318DE2ABC3755EBB7F50322C6D586B5286 ft=1 fh=e3d39714b3bfb2a0 vn="Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\1CA02638-BAB0-7891-B260-9855CAB652D3\Latest\IEHelper.dll"
sh=730970F5946FBAD6B127C41A8C224AE2D2335F48 ft=1 fh=e3b7f7ac4b096ca3 vn="Win32/Toolbar.Montiera.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\1CA02638-BAB0-7891-B260-9855CAB652D3\Latest\MyBabylonTB.exe"
sh=CAE38F7984A73FA129EB5FD190410A68C81350C2 ft=1 fh=b629c1bd568509dc vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\1CA02638-BAB0-7891-B260-9855CAB652D3\Latest\Setup.exe"
sh=035EF1A19AFC0D423C85505DB17D2859FAC2250F ft=1 fh=b94a471135a3d38b vn="Variante von Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\ADD88E11-BAB0-7891-BB86-B03C624CF593\BabMaint.exe"
sh=E2BA5F8A7BD2BAF32FF31730BAD873C8E7957030 ft=1 fh=6e8622963c31f56a vn="Variante von Win32/Toolbar.Babylon.P evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\ADD88E11-BAB0-7891-BB86-B03C624CF593\BUSolution.dll"
sh=49085687DF46998B48742E67E5068A7704586508 ft=1 fh=c1b5b70527f93ad3 vn="Win32/Toolbar.Babylon.M evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\ADD88E11-BAB0-7891-BB86-B03C624CF593\ccp.exe"
sh=1466BC1893B6D4B277A177CD2C7D1BEF65F6AAEB ft=1 fh=407239d3cdeb51cc vn="Win32/Toolbar.Babylon.U evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\ADD88E11-BAB0-7891-BB86-B03C624CF593\CrxInstaller.dll"
sh=BCD82DF66056063F8B2BEBC62A31ADACDAD38796 ft=1 fh=615817bbaca864be vn="Win32/Toolbar.Montiera.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\ADD88E11-BAB0-7891-BB86-B03C624CF593\MyBabylonTB.exe"
sh=91FD0C68DC46843917C8FEA976D8DDF7B941D897 ft=1 fh=fe05ab993baef410 vn="Win32/Toolbar.Babylon.P evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\bus3F4\BabMaint.x"
sh=43EAA89AE51391FE6219B415ED726FB621B354FE ft=1 fh=c71c00115a62a541 vn="Variante von Win32/Toolbar.Babylon.P evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\bus3F4\BUSolution.x"
sh=5E8AA35E52FA6EE0DCDBEA79E79DC36F72D959D5 ft=1 fh=eb3d7c8b3c91213d vn="Win32/Toolbar.Conduit.AP evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\ct3297265\ism.exe"
sh=CC41CADBBD6BA6ED0BFDD17798B4C9F94D7955E0 ft=1 fh=e26a6656a404b558 vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\DIQM\FlashPlayer_151\software\Delta Babylon.exe"
sh=FF03814AB8B1721F30D5BC8B60FA7328F0282888 ft=1 fh=d31e7a98d2ddd543 vn="Win32/DomaIQ.M evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\DIQM\FlashPlayer_151\software\FlashPlayer.exe"
sh=D7DF283C23F08E8CC03208B8E8683A6785F0116A ft=1 fh=0fbae9a1f447571f vn="Win32/VuuPc.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\is45637729\ClickMeInSetup.exe"
sh=61D62F5BE1FC947C9ACC61F260E2E44A230AA7AF ft=1 fh=049cf51099fb3b2c vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\is45637729\DeltaTB.exe"
sh=00F0F12B957C93533A4F8BBDA4669206292BC27A ft=1 fh=0527cfeaa2c1dfde vn="Variante von Win32/DealPly.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\is45637729\dp.exe"
sh=F88FF31676117837ED6DA9AA996B9ABED0847898 ft=1 fh=b3afc211d7639870 vn="Variante von Win32/DealPly.H evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\is45637729\UpdaterEX.exe"
sh=7676D2F17068A9050BBBBE10908E75BC5D59B631 ft=1 fh=2d5c485f303dcc33 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\OCS\ocs_v6z.exe"
sh=78291A99C56B070EA0908A09C9ED4823F72C6A31 ft=1 fh=303c525d22b897e4 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\OCS\ocs_v7a.exe"
sh=3C7ABF269FF810D98AA22B248D3101E660E92A6B ft=1 fh=3698351b0a457f1d vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\scoped_dir_7316_32417\CRX_INSTALL\GoogleChromeRemotePlugin.dll"
sh=E0814D0F17EE1122F6D3507DC676030F8E1CC133 ft=1 fh=0e0f46db8e6ee8c4 vn="Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\upd3F60\BabMaint.x"
sh=7664F6A327E5201011200E703489577A0971AB77 ft=1 fh=c71c0011451c6a93 vn="Variante von Win32/Toolbar.Babylon.P evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Local\Temp\upd3F60\BUSolution.x"
sh=91FD0C68DC46843917C8FEA976D8DDF7B941D897 ft=1 fh=fe05ab993baef410 vn="Win32/Toolbar.Babylon.P evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Roaming\BabMaint.exe"
sh=E0814D0F17EE1122F6D3507DC676030F8E1CC133 ft=1 fh=0e0f46db8e6ee8c4 vn="Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Roaming\BabSolution\Shared\BabMaint.exe"
sh=7664F6A327E5201011200E703489577A0971AB77 ft=1 fh=c71c0011451c6a93 vn="Variante von Win32/Toolbar.Babylon.P evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Roaming\BabSolution\Shared\BUSolution.dll"
sh=143416AAC4F6000C3A3235EB4EC955B4D0B6955E ft=1 fh=b68409d87b15670c vn="Win32/DealPly.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Roaming\Dealply\UpdateProc\UpdateTask.exe"
sh=4D5B1DA43DB2A4E3C2CC33EC25C142150A2A0415 ft=1 fh=42cdebd77adffd28 vn="Variante von Win32/FileScout.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Roaming\File Scout\filescout.exe"
sh=A1445110587CC891758AEBD7232896443E6C7E74 ft=1 fh=c71c0011b94160dc vn="Variante von Win32/Toolbar.Linkury.E evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Roaming\OpenCandy\19C9B84D62BA433FA255F263D8EBF96B\Installer.exe"
sh=829D808C091045F45C513A6E4AB17055A52A9320 ft=1 fh=282fb76e1825b814 vn="Variante von Win32/Toolbar.Babylon.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\AppData\Roaming\OpenCandy\F06152297DCE4BC89DB7BE195B1CB4AB\DeltaTB.exe"
sh=1985A05100010AC5567626CA327B95942420D81F ft=1 fh=31688d3360fae4b8 vn="Win32/BundleLoader.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\Desktop\freehdvideoconverter.exe"
sh=6D259E8B7FC2A5CA3A960E76EC15A39B242F94F0 ft=1 fh=4a984638c41edfed vn="Variante von Win32/Hao123.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\Downloads\FFSetup3.2.1.0.exe"
sh=EBE1748008422C218FD21BE383F80D627749A777 ft=1 fh=0b398f41eb4bbb2e vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\Downloads\FreeAudioCDToMP3Converter_1.3.12.1228 (1).exe"
sh=EBE1748008422C218FD21BE383F80D627749A777 ft=1 fh=0b398f41eb4bbb2e vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\Downloads\FreeAudioCDToMP3Converter_1.3.12.1228.exe"
sh=BBF720F7D0979F109CB83C94DCE41AB5DC992C5E ft=1 fh=ca2f9121d7385712 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\Downloads\FreeScreenVideoRecorder_2.5.29.320.exe"
sh=F3BD0899BD9F6CB039ED9F45C90C74C1717C239F ft=1 fh=300234808c6b6bcf vn="Win32/AdWare.1ClickDownload.AT Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="F:\Andy\Downloads\hdplugin_chrome.exe"
sh=8DCED07C39482DFA87FB48D3D3963D15DD0B2C47 ft=1 fh=276f979b5c7a1fc8 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\Downloads\jpg-to-pdf-converter-2-1 (1).exe"
sh=F8D46269626A824DF007CFC5623DF3B58790EFE8 ft=1 fh=6b0698a23ac1620f vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\Downloads\jpg-to-pdf-converter-2-1.exe"
sh=C63F1CB1ED49C82EAE8D85174A81E371F46B62C0 ft=1 fh=e60b315d4455425d vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\Downloads\mp4-to-mp3-converter-3-0.exe"
sh=5543317AB6CC3C84B018F7262CD7F6048CA22C4B ft=1 fh=1b57474b1411cddc vn="Win32/InstallMonetizer.AH evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\Downloads\MyPhoneExplorer_Setup_1.8.4.exe"
sh=BCF43267B4416C6DDEFAAD5AE0A63E3F682C5BB0 ft=1 fh=905be375e5c80006 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\Downloads\PDFCreator-1_6_2_2_setup.exe"
sh=C9CDC8AF0C94ACAEAA9111A95F41E8BEB4CF15FB ft=1 fh=05da47c4c7e16484 vn="MSIL/Solimba evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\Downloads\Setup (1).exe"
sh=8420ED2E975874368083D1D8AF00AB4F7047D147 ft=1 fh=f56940489e6e292d vn="MSIL/Solimba evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\Downloads\Setup.exe"
sh=7A7B5DDB1EBC0887992BC85CD014CED86D6B57A3 ft=1 fh=728f8de92553945f vn="Variante von Win32/SoftonicDownloader.F evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\Downloads\SoftonicDownloader_fuer_free-hd-video-converter.exe"
sh=E5A52BF1AB5AC9A49C415E8E08B86850E9A0321D ft=1 fh=777f49c7d29362fb vn="Variante von Win32/SoftonicDownloader.F evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\Downloads\SoftonicDownloader_fuer_lightworks (1).exe"
sh=7757053F139368C44AB712E2BA980FF6D1F92230 ft=1 fh=d06527e6fb4a1993 vn="Win32/SoftonicDownloader.E evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\Downloads\SoftonicDownloader_fuer_lightworks(1).exe"
sh=7757053F139368C44AB712E2BA980FF6D1F92230 ft=1 fh=d06527e6fb4a1993 vn="Win32/SoftonicDownloader.E evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\Downloads\SoftonicDownloader_fuer_lightworks.exe"
sh=D079D19C464306ECFB8A148512B8793678CA215E ft=1 fh=c9057752245f9b77 vn="Win32/SoftonicDownloader.E evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\Downloads\SoftonicDownloader_fuer_windows-movie-maker-2012.exe"
sh=F1EFF6451CED129C0E5C0A510955F234A01158A0 ft=1 fh=332b4278a72373e2 vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\Downloads\Unlocker1.9.2.exe"
sh=24F71794351BF483BEA92F481ADE80720EB85B48 ft=1 fh=a38bde45c2e84d80 vn="Variante von Win32/Toolbar.Conduit.AE evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\Downloads\VideoSpin_2_0_Setup.exe"
sh=B3DC7558D2C76F988CAB819CCB9B0060087A7C70 ft=1 fh=9227631f22d31e37 vn="Variante von Win32/Toolbar.Conduit.H evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Andy\Downloads\vppsetup_3.0 (1).exe"
         

Code: Alles auswählenAufklappen

ATTFilter

 Results of screen317's Security Check version 1.00  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java(TM) 6 Update 12  
 Java version 32-bit out of Date! 
 Adobe Flash Player 10 Flash Player out of Date! 
 Adobe Flash Player 17.0.0.134  
 Mozilla Firefox (37.0.1) 
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-04-2015
Ran by Andy (administrator) on ANDY-PC on 13-04-2015 15:07:07
Running from C:\Users\Andy\Downloads
Loaded Profiles: UpdatusUser & Andy (Available profiles: UpdatusUser & Andy)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Windows\AsScrPro.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Sonix Technology Co., Ltd.) C:\Windows\vsnp2uvc.exe
(Evaer Technology) C:\Program Files (x86)\Evaer\videochannel.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(Windows (R) Win 7 DDK provider) C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
() C:\ExpressGateUtil\VAWinAgent.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Java\jre6\bin\jusched.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\nst.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\nst.exe
() C:\ExpressGateUtil\VAWinService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-06-10] (ELAN Microelectronic Corp.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324096 2010-08-11] (Alcor Micro Corp.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2207848 2011-03-21] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [617120 2011-03-13] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-13] (Atheros Commnucations)
HKLM\...\Run: [snp2uvc] => C:\Windows\vsnp2uvc.exe [909824 2010-01-21] (Sonix Technology Co., Ltd.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [731472 2011-02-23] (ecareme)
HKLM-x32\...\Run: [FLxHCIm] => C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe [40448 2011-02-25] (Windows (R) Win 7 DDK provider)
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-18] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-08] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-24] ()
HKLM-x32\...\Run: [VAWinAgent] => C:\ExpressGateUtil\VAWinAgent.exe [21504 2010-08-13] ()
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe [87336 2010-02-03] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [222504 2010-11-25] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-03-24] (Avast Software s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Java\jre6\bin\jusched.exe [148888 2015-03-29] (Sun Microsystems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3352751941-3298559708-1207771804-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
HKU\S-1-5-21-3352751941-3298559708-1207771804-1001\...\Run: [Google Update] => C:\Users\Andy\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2015-02-03] (Google Inc.)
HKU\S-1-5-21-3352751941-3298559708-1207771804-1001\...\Run: [Google+ Auto Backup] => C:\Users\Andy\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3754312 2015-02-13] (Google Inc.)
HKU\S-1-5-21-3352751941-3298559708-1207771804-1001\...\Run: [avichannel] => C:\Program Files (x86)\Evaer\videochannel.exe [1740776 2015-03-08] (Evaer Technology)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [226920 2011-03-08] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [192616 2011-03-08] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe ()
Startup: C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk
ShortcutTarget: Intel(R) Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3352751941-3298559708-1207771804-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
HKU\S-1-5-21-3352751941-3298559708-1207771804-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3352751941-3298559708-1207771804-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKU\S-1-5-21-3352751941-3298559708-1207771804-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKU\S-1-5-21-3352751941-3298559708-1207771804-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-3352751941-3298559708-1207771804-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = 
BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg.dll No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-24] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll No File
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13] (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-24] (Avast Software s.r.o.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-02] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2015-03-29] (Sun Microsystems, Inc.)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-02] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll No File
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-04-10] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-04-10] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3352751941-3298559708-1207771804-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Andy\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-3352751941-3298559708-1207771804-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Andy\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Extension: Print pages to PDF - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\Extensions\printPages2Pdf@reinhold.ripper [2015-01-27]
FF Extension: ProxTube - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\Extensions\ich@maltegoetz.de.xpi [2015-03-22]
FF Extension: Download YouTube Videos, Fast And Simple - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\Extensions\jid1-cHKBMlArKdIVEg@jetpack.xpi [2015-04-05]
FF Extension: Save as PDF - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\Extensions\save-as-pdf-ff@pdfcrowd.com.xpi [2015-02-12]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2015-04-05]
FF Extension: FlashGot - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2015-04-11]
FF Extension: Adblock Plus - C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\l8ec7dcz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-15]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn [2015-04-13]
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-24]
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-03-24]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-03-24]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-24]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-03-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-13] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-24] (Avast Software s.r.o.)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-03-24] (Avast Software)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-03-23] (Foxit Software Inc.)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [131144 2015-03-05] (Symantec Corporation)
R3 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] ()
R2 VideAceWindowsService; C:\ExpressGateUtil\VAWinService.exe [77312 2010-08-21] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-03-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-03-24] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-03-24] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-03-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-03-24] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-03-24] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-03-24] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-03-24] ()
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [81920 2011-02-25] (Fresco Logic)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800832 2010-09-07] (Sonix Technology Co., Ltd.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-03-24] (Avast Software)
U2 TMAgent; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-13 15:07 - 2015-04-13 15:07 - 00000000 ____D () C:\Users\Andy\Downloads\FRST-OlderVersion
2015-04-13 15:06 - 2015-04-13 15:06 - 00000865 _____ () C:\Users\Andy\Desktop\checkup.txt
2015-04-13 15:01 - 2015-04-13 15:01 - 00852616 _____ () C:\Users\Andy\Downloads\SecurityCheck.exe
2015-04-13 14:57 - 2015-04-13 14:57 - 00000000 ___RD () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-04-13 12:42 - 2015-04-13 12:42 - 02347384 _____ (ESET) C:\Users\Andy\Downloads\esetsmartinstaller_deu.exe
2015-04-12 11:11 - 2015-04-12 11:11 - 00040263 _____ () C:\Users\Andy\Desktop\FRST.txt
2015-04-12 11:06 - 2015-04-12 11:06 - 00002052 _____ () C:\Users\Andy\Desktop\JRT.txt
2015-04-12 11:03 - 2015-04-12 11:03 - 02686959 _____ (Thisisu) C:\Users\Andy\Downloads\JRT.exe
2015-04-12 11:03 - 2015-04-12 11:03 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ANDY-PC-Windows-7-Home-Premium-(64-bit).dat
2015-04-12 11:03 - 2015-04-12 11:03 - 00000000 ____D () C:\RegBackup
2015-04-12 10:56 - 2015-04-12 10:56 - 00003597 _____ () C:\Users\Andy\Desktop\AdwCleaner[S0].txt
2015-04-12 10:51 - 2015-04-12 10:54 - 00000000 ____D () C:\AdwCleaner
2015-04-12 10:51 - 2015-04-12 10:51 - 02217984 _____ () C:\Users\Andy\Downloads\AdwCleaner_4.201.exe
2015-04-12 10:25 - 2015-04-12 10:45 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-12 10:25 - 2015-04-12 10:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-04-12 10:25 - 2015-04-12 10:25 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-12 10:25 - 2015-04-12 10:25 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-04-12 10:25 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-12 10:25 - 2015-03-17 06:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-12 10:25 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-12 10:24 - 2015-04-12 10:24 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Andy\Downloads\mbam-setup-2.1.4.1018.exe
2015-04-11 21:23 - 2015-04-11 21:23 - 00000000 ____D () C:\Users\Andy\Documents\StreamTransport
2015-04-11 21:17 - 2015-04-11 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StreamTransport
2015-04-11 21:17 - 2015-04-11 21:17 - 00000000 ____D () C:\Program Files (x86)\StreamTransport
2015-04-10 13:11 - 2015-04-13 15:07 - 00023610 _____ () C:\Users\Andy\Downloads\FRST.txt
2015-04-10 13:11 - 2015-04-10 15:45 - 00035686 _____ () C:\Users\Andy\Downloads\Addition.txt
2015-04-10 13:10 - 2015-04-13 15:07 - 00000000 ____D () C:\FRST
2015-04-10 13:09 - 2015-04-13 15:07 - 02096640 _____ (Farbar) C:\Users\Andy\Downloads\FRST64.exe
2015-04-09 18:13 - 2015-04-09 18:14 - 01424240 _____ () C:\Windows\Minidump\040915-45599-01.dmp
2015-04-05 13:41 - 2015-04-05 13:41 - 00000000 ____D () C:\Users\Andy\Documents\Camtasia Studio
2015-04-05 13:41 - 2015-04-05 13:41 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\TechSmith
2015-04-05 13:41 - 2015-04-05 13:41 - 00000000 ____D () C:\Users\Andy\AppData\Local\TechSmith
2015-04-05 13:34 - 2015-04-05 13:34 - 00000000 ____D () C:\ProgramData\regid.1995-08.com.techsmith
2015-04-05 13:34 - 2015-04-05 13:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2015-04-05 13:34 - 2015-04-05 13:34 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2015-04-05 13:33 - 2015-04-05 13:33 - 00000000 ____D () C:\ProgramData\TechSmith
2015-04-05 13:33 - 2015-04-05 13:33 - 00000000 ____D () C:\Program Files (x86)\TechSmith
2015-04-05 13:15 - 2015-04-05 13:16 - 00000009 _____ () C:\Users\Andy\AppData\Local\~wmrg
2015-04-05 13:15 - 2015-04-05 13:16 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\WM Recorder
2015-04-05 13:15 - 2015-04-05 13:15 - 00002073 _____ () C:\Users\Andy\Desktop\WM Converter.lnk
2015-04-05 13:15 - 2015-04-05 13:15 - 00001874 _____ () C:\Users\Andy\Desktop\WM Recorder 14.lnk
2015-04-05 13:15 - 2015-04-05 13:15 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WM Recorder 14
2015-04-05 13:15 - 2015-04-05 13:15 - 00000000 ____D () C:\Program Files (x86)\WMR14
2015-04-05 13:14 - 2015-04-05 13:14 - 22303248 _____ (AllAlex, Inc) C:\Users\Andy\Downloads\install_wmrecorder.exe
2015-04-05 11:42 - 2015-04-05 11:42 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-05 11:42 - 2015-04-05 11:42 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-04 16:55 - 2015-04-04 16:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-03 14:20 - 2015-04-03 14:20 - 00001485 _____ () C:\Users\Andy\AppData\Local\recently-used.xbel
2015-04-03 12:00 - 2015-04-03 12:00 - 00000246 _____ () C:\Users\Andy\Downloads\README.md
2015-04-03 11:51 - 2015-04-03 22:48 - 00000000 ____D () C:\Users\Andy\Documents\Evaer
2015-04-03 11:51 - 2015-04-03 21:44 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Evaer
2015-04-03 11:51 - 2015-04-03 11:51 - 07902120 _____ (Evaer Technology) C:\Users\Andy\Downloads\EvaerSetup.exe
2015-04-03 11:51 - 2015-04-03 11:51 - 00000951 _____ () C:\Users\Andy\Desktop\Evaer.lnk
2015-04-03 11:51 - 2015-04-03 11:51 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Evaer
2015-04-03 11:51 - 2015-04-03 11:51 - 00000000 ____D () C:\Users\Andy\AppData\Local\CrashRpt
2015-04-03 11:51 - 2015-04-03 11:51 - 00000000 ____D () C:\Program Files (x86)\Evaer
2015-03-29 19:52 - 2015-03-29 19:52 - 00000000 ____D () C:\ProgramData\Samsung
2015-03-29 19:52 - 2015-03-29 19:52 - 00000000 ____D () C:\Program Files\SAMSUNG
2015-03-29 19:51 - 2015-03-29 19:52 - 24111736 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\Andy\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
2015-03-29 19:42 - 2015-03-29 19:42 - 00000000 ____D () C:\Users\Andy\.android
2015-03-29 19:40 - 2015-03-29 19:40 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2015-03-29 18:12 - 2015-03-29 18:16 - 00000000 ____D () C:\Users\Andy\Documents\Create at Home Projekts
2015-03-29 17:08 - 2015-03-29 17:08 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\MPC
2015-03-29 17:07 - 2015-03-29 17:07 - 00000000 ____D () C:\Users\Andy\.kodakch
2015-03-29 17:05 - 2015-03-29 17:05 - 00002166 _____ () C:\Users\Public\Desktop\KODAK Create@Home Software (für dm).lnk
2015-03-29 17:05 - 2015-03-29 17:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KODAK Create@Home Software (für dm)
2015-03-29 17:04 - 2015-03-29 17:07 - 00000000 ____D () C:\Program Files (x86)\KODAK Create@Home Software (für dm)
2015-03-29 17:02 - 2015-03-29 17:02 - 00410984 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\deploytk.dll
2015-03-29 17:02 - 2015-03-29 17:02 - 00148888 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
2015-03-29 17:02 - 2015-03-29 17:02 - 00144792 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
2015-03-29 17:02 - 2015-03-29 17:02 - 00144792 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
2015-03-29 17:02 - 2015-03-29 17:02 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-29 17:00 - 2015-03-29 17:00 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Kodak Alaris Inc
2015-03-29 16:56 - 2015-03-29 17:00 - 171695608 _____ (Kodak Alaris Inc.) C:\Users\Andy\Downloads\MyPhotoCreationInstaller.exe
2015-03-27 19:13 - 2015-03-27 19:13 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClockworkMod
2015-03-27 19:13 - 2015-03-27 19:13 - 00000000 ____D () C:\Program Files (x86)\ClockworkMod
2015-03-26 11:10 - 2015-03-26 12:32 - 00000000 ____D () C:\Users\Andy\Documents\Bachelor
2015-03-26 11:02 - 2015-04-09 11:51 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Foxit Software
2015-03-26 11:02 - 2015-03-26 11:02 - 00000000 ____D () C:\Users\Public\Foxit Software
2015-03-26 11:02 - 2015-03-26 11:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2015-03-26 11:01 - 2015-03-26 11:01 - 00000000 ____D () C:\Program Files (x86)\Foxit Software
2015-03-26 10:58 - 2015-03-26 10:59 - 38371256 _____ (Foxit Software Inc. ) C:\Users\Andy\Downloads\FoxitReader713.0320_enu_Setup.exe
2015-03-24 19:21 - 2015-03-24 19:21 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\AVAST Software
2015-03-24 19:20 - 2015-03-24 19:23 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-03-24 19:20 - 2015-03-24 19:23 - 00000000 ____D () C:\Windows\system32\vbox
2015-03-24 19:20 - 2015-03-24 19:20 - 00001924 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-03-24 19:20 - 2015-03-24 19:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-03-24 19:19 - 2015-04-12 10:44 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-03-24 19:19 - 2015-03-24 19:19 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-03-24 19:19 - 2015-03-24 19:19 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-03-24 19:19 - 2015-03-24 19:19 - 00271200 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-03-24 19:19 - 2015-03-24 19:19 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-03-24 19:19 - 2015-03-24 19:19 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-03-24 19:19 - 2015-03-24 19:19 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-03-24 19:19 - 2015-03-24 19:19 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-03-24 19:19 - 2015-03-24 19:19 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-03-24 19:19 - 2015-03-24 19:19 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-03-24 19:19 - 2015-03-24 19:18 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-03-24 19:18 - 2015-03-24 19:18 - 00000000 ____D () C:\Program Files\AVAST Software
2015-03-24 19:16 - 2015-03-24 19:16 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-03-24 19:12 - 2015-03-24 19:15 - 150062624 _____ (Avast Software s.r.o.) C:\Users\Andy\Downloads\avast_free_antivirus_setup_10.2.2215.exe
2015-03-24 16:23 - 2015-03-24 16:23 - 00002470 _____ () C:\Users\Public\Desktop\Norton Identity Safe.lnk
2015-03-22 12:27 - 2015-04-03 12:15 - 00000102 _____ () C:\Users\Andy\Documents\wsr2015.txt
2015-03-22 12:27 - 2015-03-22 12:28 - 00003724 _____ () C:\Users\Andy\Documents\wsrp2015-agent.txt
2015-03-22 12:27 - 2015-03-22 12:27 - 00001090 _____ () C:\Users\Public\Desktop\Web Stream Recorder.lnk
2015-03-22 12:27 - 2015-03-22 12:27 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Bolide(R) Software
2015-03-22 12:27 - 2015-03-22 12:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Web Stream Recorder
2015-03-22 12:27 - 2015-03-22 12:27 - 00000000 ____D () C:\Program Files (x86)\Web Stream Recorder
2015-03-21 14:22 - 2015-04-07 10:07 - 00000000 ____D () C:\Users\Andy\Desktop\Phone
2015-03-18 12:22 - 2015-03-18 12:22 - 01776128 _____ (Evaer Technology) C:\Windows\SysWOW64\h264enc.ax
2015-03-15 19:11 - 2015-03-15 19:11 - 00000000 ____D () C:\Users\Andy\Tracing
2015-03-15 14:53 - 2015-03-15 14:53 - 00001997 _____ () C:\Users\Andy\Desktop\FOTOParadies.lnk
2015-03-15 14:53 - 2015-03-15 14:53 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FOTOParadies
2015-03-15 14:52 - 2015-03-15 14:54 - 00000000 ____D () C:\Program Files (x86)\FOTOParadies
2015-03-15 14:45 - 2015-03-15 14:51 - 302013112 _____ (Foto Online Service GmbH ) C:\Users\Andy\Downloads\FotoParadiesSetup.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-13 15:05 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-13 15:05 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-13 15:02 - 2015-01-15 08:07 - 01310544 _____ () C:\Windows\WindowsUpdate.log
2015-04-13 15:01 - 2015-02-03 10:45 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3352751941-3298559708-1207771804-1001UA.job
2015-04-13 14:57 - 2015-01-15 10:41 - 00000000 ___HD () C:\ASUS.DAT
2015-04-13 14:56 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-13 14:56 - 2009-07-14 06:51 - 00076697 _____ () C:\Windows\setupact.log
2015-04-13 14:54 - 2011-04-13 03:39 - 02202664 _____ () C:\Windows\PFRO.log
2015-04-13 12:46 - 2011-03-17 13:52 - 00726180 _____ () C:\Windows\system32\perfh019.dat
2015-04-13 12:46 - 2011-03-17 13:52 - 00153304 _____ () C:\Windows\system32\perfc019.dat
2015-04-13 12:46 - 2011-02-19 07:02 - 00394440 _____ () C:\Windows\system32\perfh00D.dat
2015-04-13 12:46 - 2011-02-19 07:02 - 00087724 _____ () C:\Windows\system32\perfc00D.dat
2015-04-13 12:46 - 2011-02-19 06:56 - 00608332 _____ () C:\Windows\system32\perfh008.dat
2015-04-13 12:46 - 2011-02-19 06:56 - 00113816 _____ () C:\Windows\system32\perfc008.dat
2015-04-13 12:46 - 2011-02-19 06:51 - 00411314 _____ () C:\Windows\system32\prfh0404.dat
2015-04-13 12:46 - 2011-02-19 06:51 - 00125018 _____ () C:\Windows\system32\prfc0404.dat
2015-04-13 12:46 - 2011-02-19 06:45 - 00730648 _____ () C:\Windows\system32\prfh0816.dat
2015-04-13 12:46 - 2011-02-19 06:45 - 00155712 _____ () C:\Windows\system32\prfc0816.dat
2015-04-13 12:46 - 2011-02-19 06:40 - 00744826 _____ () C:\Windows\system32\perfh013.dat
2015-04-13 12:46 - 2011-02-19 06:40 - 00155740 _____ () C:\Windows\system32\perfc013.dat
2015-04-13 12:46 - 2011-02-19 06:35 - 00741648 _____ () C:\Windows\system32\perfh010.dat
2015-04-13 12:46 - 2011-02-19 06:35 - 00149612 _____ () C:\Windows\system32\perfc010.dat
2015-04-13 12:46 - 2011-02-19 06:29 - 00747112 _____ () C:\Windows\system32\perfh00C.dat
2015-04-13 12:46 - 2011-02-19 06:29 - 00152116 _____ () C:\Windows\system32\perfc00C.dat
2015-04-13 12:46 - 2011-02-19 06:24 - 00708726 _____ () C:\Windows\system32\perfh007.dat
2015-04-13 12:46 - 2011-02-19 06:24 - 00152072 _____ () C:\Windows\system32\perfc007.dat
2015-04-13 12:46 - 2011-02-19 06:19 - 00746956 _____ () C:\Windows\system32\perfh00A.dat
2015-04-13 12:46 - 2011-02-19 06:19 - 00161148 _____ () C:\Windows\system32\perfc00A.dat
2015-04-13 12:46 - 2009-07-14 07:13 - 08743348 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-12 23:01 - 2015-02-03 10:45 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3352751941-3298559708-1207771804-1001Core.job
2015-04-12 10:55 - 2015-01-15 10:41 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2015-04-12 10:54 - 2015-01-15 11:36 - 00001067 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-12 10:54 - 2015-01-15 11:36 - 00001055 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-04-12 10:54 - 2015-01-15 10:42 - 00000995 _____ () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-12 10:41 - 2015-01-15 08:28 - 00001368 _____ () C:\Windows\system32\ServiceFilter.ini
2015-04-12 10:41 - 2011-04-13 04:44 - 00000000 ____D () C:\Windows\ru
2015-04-12 10:40 - 2015-01-15 11:33 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\SoftGrid Client
2015-04-11 21:18 - 2015-03-13 11:06 - 00000000 ____D () C:\Users\Andy\AppData\Local\CrashDumps
2015-04-10 11:33 - 2015-01-24 23:29 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-10 11:33 - 2015-01-24 23:29 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-10 11:33 - 2015-01-24 23:25 - 00000000 ____D () C:\Users\Andy\AppData\Local\Adobe
2015-04-10 09:49 - 2015-01-15 11:38 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Skype
2015-04-09 18:13 - 2015-01-27 10:18 - 00000000 ____D () C:\Windows\Minidump
2015-04-09 18:13 - 2015-01-27 09:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-07 13:27 - 2015-01-15 20:33 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\vlc
2015-04-07 07:47 - 2015-01-15 11:32 - 08579870 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-05 13:44 - 2015-01-15 08:28 - 00002318 _____ () C:\Windows\system32\AutoRunFilter.ini
2015-04-03 14:43 - 2015-02-03 11:35 - 00000000 ____D () C:\Users\Andy\.gimp-2.8
2015-04-03 14:20 - 2015-02-03 11:45 - 00000000 ____D () C:\Users\Andy\AppData\Local\gtk-2.0
2015-03-29 19:42 - 2015-01-15 10:41 - 00000000 ____D () C:\Users\Andy
2015-03-29 15:26 - 2015-01-15 10:43 - 00000000 ____D () C:\Users\Andy\Documents\Bluetooth Folder
2015-03-26 10:55 - 2015-02-08 15:26 - 00000000 ____D () C:\Program Files (x86)\PDF24
2015-03-25 14:09 - 2015-02-08 15:06 - 00000000 ____D () C:\Users\Andy\Documents\Bewerbung
2015-03-24 23:02 - 2015-01-15 19:16 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Identity Safe
2015-03-24 19:23 - 2011-04-13 04:51 - 00000000 ____D () C:\ProgramData\Trend Micro
2015-03-24 19:20 - 2015-02-20 16:36 - 00000000 ____D () C:\Users\Andy\AppData\Local\Trend Micro
2015-03-24 19:20 - 2009-07-29 07:10 - 00000000 ____D () C:\Users\Administrator
2015-03-24 16:23 - 2015-01-15 10:59 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe
2015-03-24 16:23 - 2015-01-15 10:59 - 00000000 ____D () C:\Windows\system32\Drivers\NSTx64
2015-03-24 16:23 - 2015-01-15 10:59 - 00000000 ____D () C:\ProgramData\NCOTEMP
2015-03-15 19:10 - 2015-01-15 11:38 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-15 19:10 - 2015-01-15 11:38 - 00000000 ____D () C:\ProgramData\Skype

==================== Files in the root of some directories =======

2015-02-20 17:18 - 2015-02-20 17:18 - 0000036 _____ () C:\Users\Andy\AppData\Local\housecall.guid.cache
2015-04-03 14:20 - 2015-04-03 14:20 - 0001485 _____ () C:\Users\Andy\AppData\Local\recently-used.xbel
2015-01-18 20:16 - 2015-01-18 20:16 - 0007606 _____ () C:\Users\Andy\AppData\Local\Resmon.ResmonCfg
2015-04-05 13:15 - 2015-04-05 13:16 - 0000009 _____ () C:\Users\Andy\AppData\Local\~wmrg
2011-04-13 04:48 - 2010-07-07 01:10 - 0131472 _____ () C:\ProgramData\FullRemove.exe
2015-01-15 08:39 - 2015-01-15 08:39 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2015-01-15 08:41 - 2015-01-15 08:42 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2015-01-15 08:41 - 2015-01-15 08:41 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2015-01-15 08:35 - 2015-01-15 08:38 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2015-01-15 08:38 - 2015-01-15 08:39 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
2015-01-15 08:34 - 2015-01-15 08:35 - 0000110 _____ () C:\ProgramData\{E3739848-5329-48E3-8D28-5BBD6E8BE384}.log

Some content of TEMP:
====================
C:\Users\Andy\AppData\Local\Temp\Quarantine.exe
C:\Users\Andy\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Andy\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-12 15:36

==================== End Of Log ============================
         

--- --- ---

--- --- ---

Java und Flash updaten.


wenn es wieder schlechter wird:


http://support2.microsoft.com/kb/929135/de

Bitte einen Clean Boot machen. Wenn das Problem dann weg ist, einzeln wieder Dienste aktivieren, dazwischen immer einen Reboot machen. Solange bis Du weißt welcher Dienst die Probleme macht.

Diesen dann hier benennen.

Okay, vielen Dank für die Hilfe! Bis jetzt habe ich keine Probleme mehr.
Nur eine Frage noch. Brauche ich beide Adobe Flash Player Versionen? Ich habe nur Updates für 17.0.0.134 gefunden, was aber das aktuellste ist. Gibt es einen Unterschied zu Version 10 und wenn ja, wie kann ich die aktualisieren?

Flash Player 10 einfach deinstallieren.

Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren .

• Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  
• Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
• Klicke auf OK.
  Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
• Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.

• Schließe alle offenen Programme.
• Starte die delfix.exe mit einem Doppelklick.
• Setze vor jede Funktion ein Häkchen.
• Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:

Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie .
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.