Mouse wird langsamer und Tastatur auch!

cevvi · 28.04.2015, 20:40

hallo
ich denke ich habe ein Problem mit meinem Laptop!
Mouse wird langsamer, Tastatur auch!
Ich habe schon einmal mit Eset Programm durchlaufen lassen, da waren es 62 Funde,
danach wurde es für 3 Tage besser, jetzt fängt es wieder an langsamer zu werden!
Vielleicht kann mir ja jemand zur Seite stehen!?
Besten Dank schon mal im voraus
Gruss cevvi

cosinus · 28.04.2015, 20:49

Hi,

bitte alle Logs mit Funden posten. Und FRST bitte:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

cevvi · 29.04.2015, 18:38

sorry hat etwas gedauert da die Mouseführung sehr schwer zu handhaben ist....es wird gescannt zur Zeit!
Danke das Sie mir helfen!

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-04-2015 01
Ran by Roman at 2015-04-28 23:09:27
Running from C:\Users\Roman\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-846500394-140593827-909769170-500 - Administrator - Disabled)
Gast (S-1-5-21-846500394-140593827-909769170-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-846500394-140593827-909769170-1007 - Limited - Enabled)
Roman (S-1-5-21-846500394-140593827-909769170-1002 - Administrator - Enabled) => C:\Users\Roman

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus (Disabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Spyware-Schutz (Disabled - Out of date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Disabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Catalyst Install Manager (HKLM\...\{039B859F-360B-58D8-F86F-C277BA6ED7D8}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD VISION Engine Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Apple Application Support (32-Bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bing-Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.4.167.0 - Microsoft Corporation)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 17.23.0.996 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CHIP Free MP3 converter for YouTube 3.0 Professional-E (HKLM-x32\...\{2ED4869A-6D7B-4a8f-8261-B842DA4852FA}_is1) (Version:  - )
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2.5712 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.2.2114 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.2.2110 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.7.4528 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.5.5811 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Express Rip (HKLM-x32\...\ExpressRip) (Version: 1.94 - NCH Software)
Extended Update (HKU\S-1-5-21-846500394-140593827-909769170-1002\...\UpdaterEX) (Version:  - ) <==== ATTENTION
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1218 - Hewlett-Packard)
HP Documentation (HKLM-x32\...\{8C3E36C3-7615-46B9-B043-6053810E591B}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Product Detection (HKLM-x32\...\{8A9FC225-75F6-4B5D-911C-0ED230565643}) (Version: 11.15.0009 - HP)
HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)
HP Registration Service (HKLM\...\{C2E428EB-116E-41C0-9E84-B22DE9CCA42F}) (Version: 1.1.6232.4245 - Hewlett-Packard)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.8 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-846500394-140593827-909769170-1002\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MT66 Software Update (HKLM-x32\...\{F2E4F3A5-A8F0-46F4-8E91-E8C1DE1FCFE5}_is1) (Version:  - )
Pixum Fotobuch (HKLM-x32\...\Pixum Fotobuch) (Version: 5.1.2 - CEWE COLOR AG u Co. OHG)
Ralink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.37.0 - Mediatek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6714 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.29040 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.5.3.3 - Synaptics Incorporated)
Unity Web Player (HKU\S-1-5-21-846500394-140593827-909769170-1002\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
WebConnect 3.0.0 (HKLM\...\WebConnect) (Version: 3.0.0 - Web Connect) <==== ATTENTION
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-846500394-140593827-909769170-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Roman\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-846500394-140593827-909769170-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Roman\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-846500394-140593827-909769170-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Roman\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-846500394-140593827-909769170-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Roman\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-846500394-140593827-909769170-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Roman\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

13-04-2015 09:05:43 Geplanter Prüfpunkt
24-04-2015 11:06:51 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0DEBC754-5791-4334-88C3-1261656731DB} - \Plus-HD-9.0-enabler No Task File <==== ATTENTION
Task: {1174996E-F39F-4A89-99A0-1979C8C8ECF8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-04-14] (Hewlett-Packard)
Task: {18250422-79F9-4EC9-A4DE-6A4C5F6DEFC2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {3A11530E-B6B5-4FB2-87CF-DE865E933F8D} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {47900229-5958-4C3A-9718-27004CC60A8F} - \Plus-HD-9.0-firefoxinstaller No Task File <==== ATTENTION
Task: {499808E7-A3A8-42D8-8573-E82539E8FD33} - System32\Tasks\Bitdefender Auto-Scan => C:\Program Files\Bitdefender\Bitdefender\mtasklaunch.exe [2014-11-13] (Bitdefender)
Task: {4A95B760-233F-461C-AA46-BCA733814ACB} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe <==== ATTENTION
Task: {51A44819-4AED-4557-A3B8-5C985B5BC7C1} - System32\Tasks\OMESupervisor => C:\Users\Roman\AppData\Local\omesuperv.exe [2015-02-22] () <==== ATTENTION
Task: {526A2A3E-CC29-4C27-8672-2008D9BFF278} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-04-15] (Microsoft Corporation)
Task: {5B069F42-5174-4E85-8F87-5E2D226E5F16} - System32\Tasks\{3D73DAF1-073A-4989-96EE-3EAE21BC90C4} => pcalua.exe -a "F:\ANSTOSS 3_extracted\setup.exe" -d "F:\ANSTOSS 3_extracted"
Task: {61956698-775E-4D7C-B197-B1D301426EA9} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {62713FD9-E969-4CD6-99D5-95445F09E3A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-03] (Google Inc.)
Task: {67A5BCD8-7961-47AF-AA70-AB2329B64790} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {78013DDF-0DEE-422C-842D-F9161101A5CE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7C939F6B-2C4E-4C5C-AE3E-E4C1C26C285B} - \UpdaterEX No Task File <==== ATTENTION
Task: {7D97E78C-1811-4AB4-BB52-22CB799C6AC7} - System32\Tasks\{768A7C87-05AA-457C-A3B7-C661EDB650A7} => pcalua.exe -a "C:\Program Files (x86)\ANSTOSS 3\anstoss3.exe" -d "C:\Program Files (x86)\ANSTOSS 3"
Task: {7D9E2C1A-2699-4291-A06B-C0AE6B4BF341} - System32\Tasks\GoogleUpdateTaskMachineCore1d04172b9784e7c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-03] (Google Inc.)
Task: {7E5E4BAA-5C78-4C97-8DAA-DCD68DF0D06A} - System32\Tasks\DSite => C:\Users\Roman\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {8493F824-5E5A-4D57-81D9-BACE6E3DE8C5} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {8A22A7A2-53F2-428D-AE34-380CDE0CDE1D} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {90493AE4-DA51-4929-B8DB-34665A5B17B2} - \Plus-HD-9.0-chromeinstaller No Task File <==== ATTENTION
Task: {90AD2D90-F6B8-4CBB-85FE-9BB558301E72} - System32\Tasks\Fifth => C:\Users\Roman\AppData\Roaming\Fifth\Fifth.exe <==== ATTENTION
Task: {A019BC36-6ABD-4254-B3CE-D805F00FCB7B} - \Plus-HD-9.0-codedownloader No Task File <==== ATTENTION
Task: {A4863726-8ACE-415C-A408-D790D620405E} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {B280CB64-F7F6-4468-9FC8-81752E9F0665} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {C8EDC144-F8BD-4503-9F8C-3DCEF5AAEA59} - System32\Tasks\{13AC75C1-42FC-4AA1-ADA2-7A59BCA62CBD} => pcalua.exe -a "C:\ProgramData\Package Cache\{fd97d1e2-368a-4cd9-af63-8eeff938044a}\adblockplusie-1.1.exe" -c  /uninstall
Task: {D5EC425A-7343-4704-B45D-C2E7A0CEA94F} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-10-12] (CyberLink)
Task: {DE475208-1649-46AF-A2AC-3818791BA886} - \Plus-HD-9.0-updater No Task File <==== ATTENTION
Task: {DF0A9EA0-8124-47D2-A425-B2750BCD866C} - System32\Tasks\MT66 Software Update => C:\Program Files (x86)\Common Files\MT66 Software Update\UpdateClient.exe [2009-11-18] (MedienTeam66)
Task: {DFD44381-EFA3-4FF6-BCBB-62C1F4C12DF2} - System32\Tasks\GoogleUpdateTaskMachineUA1d04172bb9d33e4 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-03] (Google Inc.)
Task: {DFF825C0-0F3A-442E-A02E-33CE2F0BE2C0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-04-14] (Hewlett-Packard)
Task: {E7CB9809-452F-4250-983B-638C166D803A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-03] (Google Inc.)
Task: {EA9840C7-72BF-4B82-8270-0329B9F4C659} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {FADE5DB5-0456-4909-9AA4-14E8EEC41218} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2014-12-01] (Apple Inc.)
Task: C:\WINDOWS\Tasks\DSite.job => C:\Users\Roman\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d04172b9784e7c.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04172bb9d33e4.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForRoman.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\MT66 Software Update.job => C:\Program Files (x86)\Common Files\MT66 Software Update\UpdateClient.exe
Task: C:\WINDOWS\Tasks\Plus-HD-9.0-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-9.0\Plus-HD-9.0-chromeinstaller.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Plus-HD-9.0-codedownloader.job => C:\Program Files (x86)\Plus-HD-9.0\Plus-HD-9.0-codedownloader.exe5/reinstallapp /runfrom=task /agentregpath='Plus-HD-9.0' /appid=52914 /srcid='001211' /subid='0' /zdata='0' /bic=D00C82ED8688451EB4F7D9FE49731808IE /verifier=bb1f9b8599b11fdedae2ab8c0485ac4f /installerversion=1_34_2_13 /installerfullversion=1.34.2.13 /installationtime=1394056633 /statsdomain=http:/stats.srvstatsdata.com /errorsdomain=http:/errors.srvstatsdata.com /codedownloaddomain=http:/app-static.crossrider.com /defbro=ie /allusers /autoupdateulr='http:/update.srvstatsdata.com/ie_code_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\WINDOWS\Tasks\Plus-HD-9.0-enabler.job => C:\Program Files (x86)\Plus-HD-9.0\Plus-HD-9.0-enabler.exe	/enablebho /agentregpath='Plus-HD-9.0' /appid=52914 /srcid='001211' /subid='0' /zdata='0' /bic=D00C82ED8688451EB4F7D9FE49731808IE /verifier=bb1f9b8599b11fdedae2ab8c0485ac4f /installerversion=1_34_2_13 /installationtime=1394056633 /statsdomain=http:/stats.srvstatsdata.com /errorsdomain=http:/errors.srvstatsdata.com /bhoguid=11111111-1111-1111-1111-110511291114 /defbro=ie /useiepol /allusers /autoupdateulr='http:/update.srvstatsdata.com/ie_enable_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\WINDOWS\Tasks\Plus-HD-9.0-updater.job => C:\Program Files (x86)\Plus-HD-9.0\Plus-HD-9.0-updater.exeR/runupdater /agentregpath='Plus-HD-9.0' /appid=52914 /srcid='001211' /subid='0' /zdata='0' /bic=D00C82ED8688451EB4F7D9FE49731808IE /verifier=bb1f9b8599b11fdedae2ab8c0485ac4f /installerversion=1_34_2_13 /installationtime=1394056633 /statsdomain=http:/stats.srvstatsdata.com /errorsdomain=http:/errors.srvstatsdata.com /geoserviceurl=http:/ipgeoapi.com/ /updatejsondomain=http:/update.srvstatsdata.com /updaterversion=2 /monetizationdomain=http:/stats.mstatsserv.com /autoupdateulr='http:/update.srvstatsdata.com/updater_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) ==============

2014-11-13 22:47 - 2014-11-13 22:47 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll
2014-11-13 22:47 - 2014-11-13 22:47 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\accessl.ui
2014-01-30 14:08 - 2011-11-14 20:17 - 00153680 _____ () C:\Program Files\Bitdefender\Bitdefender\bdfwcore.dll
2015-04-02 22:17 - 2015-04-02 22:17 - 00785736 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00150_012\ashttpbr.mdl
2015-04-02 22:17 - 2015-04-02 22:17 - 00706408 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00150_012\ashttpdsp.mdl
2015-04-02 22:17 - 2015-04-02 22:17 - 02681448 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00150_012\ashttpph.mdl
2015-04-02 22:17 - 2015-04-02 22:17 - 01324432 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00150_012\ashttprbl.mdl
2014-07-04 22:33 - 2014-07-04 22:33 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-30 14:08 - 2013-03-25 16:16 - 01117920 _____ () C:\Program Files\Bitdefender\Bitdefender SafeBox\System.Data.SQLite.dll
2012-10-12 17:22 - 2012-10-12 17:22 - 00120224 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-10-12 17:22 - 2012-10-12 17:22 - 00048544 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-10-12 17:22 - 2012-10-12 17:22 - 00180224 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-11-26 14:21 - 2014-11-26 14:21 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-07-04 22:33 - 2014-07-04 22:33 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-02-01 13:56 - 2014-02-01 13:56 - 00120224 _____ () C:\Users\Roman\AppData\Local\assembly\dl3\XK65N7RQ.A7P\5C13BKKD.04W\b657af02\00e39356_8da8cd01\HPItunesModule.DLL
2014-01-30 14:07 - 2014-11-13 22:45 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender\antispam32\txmlutil.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-03-06 19:17 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\msln.exe:b68feb29116e077df23fda1c47fcd031
AlternateDataStreams: C:\ProgramData\Temp:AD022376
AlternateDataStreams: C:\Users\Roman\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Roman\SkyDrive (2).old:ms-properties
AlternateDataStreams: C:\Users\Roman\SkyDrive (3).old:ms-properties
AlternateDataStreams: C:\Users\Roman\Desktop\PConverter.exe:BDU
AlternateDataStreams: C:\Users\Roman\Downloads\CHIP_Free_MP3_Converter_for_YouTube-3.0.exe:BDU
AlternateDataStreams: C:\Users\Roman\Downloads\esetsmartinstaller_deu (1).exe:BDU
AlternateDataStreams: C:\Users\Roman\Downloads\esetsmartinstaller_deu.exe:BDU
AlternateDataStreams: C:\Users\Roman\Downloads\FreeAudioCDToMP3Converter_1.3.12.1228.exe:BDU
AlternateDataStreams: C:\Users\Roman\Downloads\FreemakeVideoConverterSetup.exe:BDU
AlternateDataStreams: C:\Users\Roman\Downloads\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Roman\Downloads\MicrosoftInstaller (1).exe:BDU
AlternateDataStreams: C:\Users\Roman\Downloads\MicrosoftInstaller.exe:BDU
AlternateDataStreams: C:\Users\Roman\Downloads\PConverter.exe:BDU
AlternateDataStreams: C:\Users\Roman\Downloads\switchsetupDE.exe:BDU

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-846500394-140593827-909769170-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Roman\AppData\Local\Microsoft\BingDesktop\themes\2014-06-29.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKU\S-1-5-21-846500394-140593827-909769170-1002\...\StartupApproved\Run: => "Speech Recognition"
HKU\S-1-5-21-846500394-140593827-909769170-1002\...\StartupApproved\Run: => "ApplePhotoStreams"

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [Wininit-Shutdown-In-Rule-TCP-RPC] => (Allow) %systemroot%\system32\wininit.exe
FirewallRules: [Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper] => (Allow) %systemroot%\system32\wininit.exe
FirewallRules: [ProximityUxHost-Sharing-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\proximityuxhost.exe
FirewallRules: [ProximityUxHost-Sharing-Out-TCP-NoScope] => (Allow) %SystemRoot%\system32\proximityuxhost.exe
FirewallRules: [NETDIS-DAS-In-UDP-Active] => (Allow) %SystemRoot%\system32\dashost.exe
FirewallRules: [NETDIS-DAS-In-UDP] => (Allow) %SystemRoot%\system32\dashost.exe
FirewallRules: [EventForwarder-In-TCP] => (Allow) %SystemRoot%\system32\NetEvtFwdr.exe
FirewallRules: [TPMVSCMGR-Server-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe
FirewallRules: [TPMVSCMGR-Server-Out-TCP-NoScope] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe
FirewallRules: [TPMVSCMGR-Server-In-TCP] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe
FirewallRules: [TPMVSCMGR-Server-Out-TCP] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe
FirewallRules: [PlayTo-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-UDP-LocalSubnetScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-UDP-PlayToScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-Out-UDP-LocalSubnetScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-Out-UDP-PlayToScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-RTSP-NoScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-RTSP-LocalSubnetScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-RTSP-PlayToScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [WFDPRINT-DAFWSD-In-Active] => (Allow) %SystemRoot%\system32\dashost.exe
FirewallRules: [WFDPRINT-DAFWSD-Out-Active] => (Allow) %SystemRoot%\system32\dashost.exe
FirewallRules: [{C1E22237-5107-4F3C-AED6-F880D61FD261}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6270EC1C-342A-4E1F-86EA-4D17D6D39648}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{00F1D487-3B7A-43AE-B638-0A2E4217C820}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E439B33E-C38C-4256-906E-ED6A8E5C3B1D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{46664AC5-3693-4B07-BCD4-D4D0628C2E47}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{86CFAE71-4C07-4968-BF2F-7FBC5FE342EF}] => (Allow) C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{1DF7E49C-A1D3-4BC6-A9DD-D04275325655}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{6F63D6C7-544B-4C8F-B9A5-B50CBB76D878}] => (Allow) LPort=2869
FirewallRules: [{3488851E-B2B3-4EAB-840E-4478EA76BAC6}] => (Allow) LPort=1900
FirewallRules: [{90A432B5-9CC2-416A-A02E-228CBC6DE394}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
FirewallRules: [{DEA381A6-963A-460E-B607-C3532B8BA941}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
FirewallRules: [{FF6A2A87-16AE-4987-8015-E079D1866852}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.EXE
FirewallRules: [{98A1E135-E202-4464-A90F-4D0A155DC188}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.EXE
FirewallRules: [{807F809D-793F-4212-A0D0-D8525038BA12}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\outlook.exe
FirewallRules: [{0D848370-3D29-4546-9088-DF7E4A7257B1}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{0B020DF9-28FE-4964-A9F5-ED1631EC4E9D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{32714B84-90BA-4A16-A67E-D4D710AEF1A7}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{69108687-98CC-4571-908A-0F7D355AD87D}] => (Allow) LPort=53000
FirewallRules: [{9438C316-A3F5-446D-ABB6-51F3EB2CB180}] => (Allow) LPort=52000

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/28/2015 06:08:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17415 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: f50

Startzeit: 01d081913466da2f

Endzeit: 296

Anwendungspfad: C:\WINDOWS\system32\wwahost.exe

Berichts-ID: d14ddc8b-edc0-11e4-bee3-f4b7e2c62a77

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Microsoft.WindowsLive.Mail

Error: (04/27/2015 10:47:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15110

Error: (04/27/2015 10:47:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15110

Error: (04/27/2015 10:47:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/27/2015 08:40:29 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (04/27/2015 08:30:05 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (04/27/2015 07:59:06 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (04/27/2015 07:45:09 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (04/26/2015 09:36:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 298765

Error: (04/26/2015 09:36:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 298765


System errors:
=============
Error: (04/28/2015 10:19:49 PM) (Source: DCOM) (EventID: 10016) (User: ROMAN)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}RomanRomanS-1-5-21-846500394-140593827-909769170-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (04/28/2015 06:15:04 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (04/27/2015 10:47:13 PM) (Source: DCOM) (EventID: 10010) (User: ROMAN)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (04/27/2015 10:47:13 PM) (Source: DCOM) (EventID: 10010) (User: ROMAN)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (04/25/2015 08:57:21 PM) (Source: DCOM) (EventID: 10010) (User: ROMAN)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (04/25/2015 08:57:21 PM) (Source: DCOM) (EventID: 10010) (User: ROMAN)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (04/25/2015 08:57:16 PM) (Source: DCOM) (EventID: 10010) (User: ROMAN)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (04/25/2015 08:57:16 PM) (Source: DCOM) (EventID: 10010) (User: ROMAN)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (04/25/2015 04:17:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update WebConnect" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/25/2015 04:17:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Allin1ConvertService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (04/28/2015 06:08:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.17415f5001d081913466da2f296C:\WINDOWS\system32\wwahost.exed14ddc8b-edc0-11e4-bee3-f4b7e2c62a77microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweMicrosoft.WindowsLive.Mail

Error: (04/27/2015 10:47:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15110

Error: (04/27/2015 10:47:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15110

Error: (04/27/2015 10:47:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/27/2015 08:40:29 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (04/27/2015 08:30:05 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (04/27/2015 07:59:06 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (04/27/2015 07:45:09 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (04/26/2015 09:36:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 298765

Error: (04/26/2015 09:36:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 298765


==================== Memory info =========================== 

Processor: AMD E1-1200 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 63%
Total physical RAM: 3682.26 MB
Available physical RAM: 1325.83 MB
Total Pagefile: 4642.26 MB
Available Pagefile: 1338.57 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:450.64 GB) (Free:395.88 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:14.01 GB) (Free:1.83 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: () (Removable) (Total:0.12 GB) (Free:0.08 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: ED0E6540)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 123.4 MB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

[CO
FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-04-2015 01
Ran by Roman (administrator) on ROMAN on 29-04-2015 05:53:58
Running from C:\Users\Roman\Downloads
Loaded Profiles: Roman (Available profiles: Roman)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Mindspark) C:\Program Files (x86)\PConverter_dz\bar\1.bin\CrExtPdz.exe
(Mindspark) C:\Program Files (x86)\PConverter_dz\bar\1.bin\CrExtPdz.exe
(Mindspark) C:\Program Files (x86)\PConverter_dz\bar\1.bin\CrExtPdz.exe
(Mindspark) C:\Program Files (x86)\PConverter_dz\bar\1.bin\CrExtPdz.exe
(Mindspark) C:\Program Files (x86)\PConverter_dz\bar\1.bin\CrExtPdz.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6839952 2012-08-22] (Realtek Semiconductor)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1757520 2015-02-02] (Bitdefender)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808 2014-03-13] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491632 2012-09-10] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2372800 2014-11-26] (Microsoft Corp.)
HKLM-x32\...\Run: [Allin1Convert AppIntegrator 32-bit] => C:\PROGRA~2\ALLIN1~2\bar\1.bin\AppIntegrator.exe
HKLM-x32\...\Run: [Allin1Convert AppIntegrator 64-bit] => C:\PROGRA~2\ALLIN1~2\bar\1.bin\AppIntegrator64.exe
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PConverter AppIntegrator 32-bit] => C:\PROGRA~2\PCONVE~2\bar\1.bin\AppIntegrator.exe
HKLM-x32\...\Run: [PConverter AppIntegrator 64-bit] => C:\PROGRA~2\PCONVE~2\bar\1.bin\AppIntegrator64.exe
HKLM-x32\...\RunOnce: [PConverter_dzbar Uninstall] => rundll32 C:\PROGRA~2\DZUNIN~1.DLL,O -3 uninstalltype=IE
HKU\S-1-5-21-846500394-140593827-909769170-1002\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2015-02-02] (Bitdefender)
HKU\S-1-5-21-846500394-140593827-909769170-1002\...\Run: [Bitdefender-Geldbörse] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-11-13] (Bitdefender)
HKU\S-1-5-21-846500394-140593827-909769170-1002\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [615256 2014-11-13] (Bitdefender)
HKU\S-1-5-21-846500394-140593827-909769170-1002\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [44032 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-846500394-140593827-909769170-1002\...\Run: [SSync] => C:\Users\Roman\AppData\Roaming\SSync\SSync.exe [37376 2013-12-09] ()
HKU\S-1-5-21-846500394-140593827-909769170-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-846500394-140593827-909769170-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-846500394-140593827-909769170-1002\...\Run: [Sixth] => C:\Users\Roman\AppData\Roaming\Sixth\Sixth.exe [74471 2014-11-24] ()
HKU\S-1-5-21-846500394-140593827-909769170-1002\...\Run: [Seventh] => C:\Users\Roman\AppData\Roaming\Seventh\Seventh.exe [98491 2015-02-22] ()
HKU\S-1-5-21-846500394-140593827-909769170-1002\...\Run: [OMESupervisor] => C:\Users\Roman\AppData\Local\omesuperv.exe [933597 2015-02-22] ()
HKU\S-1-5-21-846500394-140593827-909769170-1002\...\Run: [SCheck] => C:\Users\Roman\AppData\Roaming\SCheck\SCheck.exe [37376 2013-12-09] ()
HKU\S-1-5-21-846500394-140593827-909769170-1002\...\Run: [DataMgr] => C:\Users\Roman\AppData\Roaming\DataMgr\DataMgr.exe [168880 2014-02-26] (HTTO Group, Ltd.)
HKU\S-1-5-21-846500394-140593827-909769170-1002\...\Run: [Intermediate] => C:\Users\Roman\AppData\Roaming\Intermediate\Intermediate.exe [37376 2013-12-09] ()
HKU\S-1-5-18\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2015-02-02] (Bitdefender)
HKU\S-1-5-18\...\Run: [Bitdefender-Geldbörse] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-11-13] (Bitdefender)
HKU\S-1-5-18\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [615256 2014-11-13] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2013-07-08] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2013-07-08] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2013-07-08] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2013-07-08] (Bitdefender)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-846500394-140593827-909769170-1002\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = Search-Gol
HKU\S-1-5-21-846500394-140593827-909769170-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.tb.ask.com/index.jhtml?n=781B1D06&p2=^BYC^xdm001^YYA^de&ptb=DEFBB2B8-207B-4512-A055-0AA2099B7C04
URLSearchHook: HKU\S-1-5-21-846500394-140593827-909769170-1002 - (No Name) - {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} - No File
SearchScopes: HKLM -> {66D804E6-9660-4B51-B8EB-531703A6AA20} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2459} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=152&systemid=459&v=n12521-402&apn_uid=0433522012234485&apn_dtid=BND103&o=APN10652&apn_ptnrs=AGD&q={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = Elektronik, Autos, Mode, Sammlerstücke, Gutscheine und mehr Online-Shopping | eBay ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {66D804E6-9660-4B51-B8EB-531703A6AA20} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^AYY^xdm070^S11123^de&si=flvrunner&ptb=186ED164-3DDD-4D30-834A-A94D5107EAA5&ind=2014110112&n=780ce1a0&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2459} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=152&systemid=459&v=n12521-402&apn_uid=0433522012234485&apn_dtid=BND103&o=APN10652&apn_ptnrs=AGD&q={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = Elektronik, Autos, Mode, Sammlerstücke, Gutscheine und mehr Online-Shopping | eBay ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-846500394-140593827-909769170-1002 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://search.fbdownloader.com/search.php?channel=fpo&q={searchTerms}
SearchScopes: HKU\S-1-5-21-846500394-140593827-909769170-1002 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-846500394-140593827-909769170-1002 -> {0A2A7DB5-29EF-4DE2-8919-08F9C61C3BE9} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-846500394-140593827-909769170-1002 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=C215F4B7E2C62A71&affID=119357&tt=160913_m1&tsp=5014
SearchScopes: HKU\S-1-5-21-846500394-140593827-909769170-1002 -> {66D804E6-9660-4B51-B8EB-531703A6AA20} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-846500394-140593827-909769170-1002 -> {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^AYY^xdm070^S11123^de&si=flvrunner&ptb=186ED164-3DDD-4D30-834A-A94D5107EAA5&ind=2014110112&n=780ce1a0&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKU\S-1-5-21-846500394-140593827-909769170-1002 -> {7EAA0FBC-BC95-4669-8160-BAA339E6FA0C} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-846500394-140593827-909769170-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://search.fbdownloader.com/search.php?channel=fpo&q={searchTerms}
SearchScopes: HKU\S-1-5-21-846500394-140593827-909769170-1002 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2459} URL = 
SearchScopes: HKU\S-1-5-21-846500394-140593827-909769170-1002 -> {C4F6B663-BE11-4F9E-9FCA-E386458BC45D} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-846500394-140593827-909769170-1002 -> {CA3BF3FC-5F7B-4DA7-B082-21B6E51FE1C6} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-846500394-140593827-909769170-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = Elektronik, Autos, Mode, Sammlerstücke, Gutscheine und mehr Online-Shopping | eBay ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll [2014-11-13] (Bitdefender)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll [2014-11-13] (Bitdefender)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM-x32 - Recorder Toolbar - {120A8821-2BEE-4C29-BCDA-62C577781992} - C:\Program Files (x86)\MedienTeam66\CHIP Free MP3 converter for YouTube\IEPlugin.dll [2014-01-22] (MedienTeam66)
Toolbar: HKU\S-1-5-21-846500394-140593827-909769170-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-846500394-140593827-909769170-1002 -> No Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Allin1Convert_8h.com/Plugin -> C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\NP8hStub.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-846500394-140593827-909769170-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Roman\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-01-23] (Unity Technologies ApS)
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-01-30]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext

Chrome: 
=======
CHR Profile: C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bitdefender Wallet) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2014-01-30]
CHR Extension: (WebConnect) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieakfmpjhljbpbfpldjkddkjmmgjmgon [2014-12-06]
CHR Extension: (FavGenius) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\llpnaddghmkpkmnghbdpahlgncpieofn [2014-11-19]
CHR Extension: (Google Wallet) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03]
CHR Extension: (Simple New Tab) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmgkeimkiojpjcoiiipekfjaopchhjga [2014-12-08]
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx [2015-02-02]
CHR HKLM-x32\...\Chrome\Extension: [ieakfmpjhljbpbfpldjkddkjmmgjmgon] - C:\Program Files (x86)\WebConnect\ieakfmpjhljbpbfpldjkddkjmmgjmgon.crx [2013-08-30]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2014-11-13] (Bitdefender)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173248 2014-11-26] (Microsoft Corp.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-10-27] (Freemake) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPConnectedRemote; C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35744 2012-10-12] (Hewlett-Packard)
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2014-11-13] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1538672 2015-02-02] (Bitdefender)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-07-02] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
S2 Allin1Convert_8hService; C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbarsvc.exe [X]
S2 Update WebConnect; "C:\Program Files (x86)\WebConnect\updateWebConnect.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-22] (Advanced Micro Devices)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1288472 2015-02-02] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [263032 2015-02-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2014-11-13] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2014-05-27] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [79192 2013-07-30] (BitDefender)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [277648 2012-09-20] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-25] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-25] (Synaptics Incorporated)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2015-02-02] (BitDefender S.R.L.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-28 23:09 - 2015-04-28 23:27 - 00042983 _____ () C:\Users\Roman\Downloads\Addition.txt
2015-04-28 22:41 - 2015-04-29 05:58 - 00024598 _____ () C:\Users\Roman\Downloads\FRST.txt
2015-04-28 22:41 - 2015-04-29 05:54 - 00000000 ____D () C:\FRST
2015-04-28 22:40 - 2015-04-28 22:40 - 02100736 _____ (Farbar) C:\Users\Roman\Downloads\FRST64.exe
2015-04-28 22:30 - 2015-04-28 22:17 - 01037896 _____ (Mindspark) C:\Program Files (x86)\dzUninstall PConverter.dll
2015-04-28 22:30 - 2015-04-28 22:17 - 00196480 _____ (Mindspark) C:\Program Files (x86)\dzres.dll
2015-04-28 22:21 - 2015-04-28 22:21 - 00443264 _____ () C:\Users\Roman\Downloads\PConverter.exe
2015-04-28 22:17 - 2015-04-28 22:30 - 00000000 ____D () C:\Users\Roman\AppData\Local\PConverter_dz
2015-04-28 22:17 - 2015-04-28 22:17 - 00000000 ____D () C:\Program Files (x86)\PConverter_dz
2015-04-28 22:15 - 2015-04-28 22:15 - 00443264 _____ () C:\Users\Roman\Desktop\PConverter.exe
2015-04-28 22:15 - 2015-04-28 22:15 - 00000000 ____D () C:\Program Files (x86)\PConverter_dzEI
2015-04-25 13:49 - 2015-04-25 13:49 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-04-21 07:05 - 2015-04-25 15:58 - 00000000 ____D () C:\Users\Roman\AppData\Roaming\Snz
2015-04-15 06:40 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-04-15 06:40 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-04-15 06:40 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-04-15 06:40 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-04-15 06:40 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2015-04-15 06:40 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-04-15 06:40 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-04-15 06:40 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-04-15 06:40 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-04-15 06:40 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2015-04-15 06:40 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-04-15 06:40 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-04-15 06:40 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-04-15 06:40 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-04-15 06:40 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-04-15 06:40 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-04-15 06:40 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-04-15 06:40 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-04-15 06:40 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-04-15 06:40 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-04-15 06:40 - 2015-03-13 05:17 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-04-15 06:40 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-04-15 06:40 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-04-15 06:40 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-04-15 06:40 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-04-15 06:40 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-04-15 06:40 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-04-15 06:40 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-04-15 06:40 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-04-15 06:39 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-04-15 06:39 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-04-15 06:39 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-04-15 06:39 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-04-15 06:39 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-04-15 06:39 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-04-15 06:39 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-04-15 06:39 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-04-15 06:39 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-04-15 06:39 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-04-15 06:39 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-04-15 06:39 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-04-15 06:39 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-04-15 06:39 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-04-15 06:39 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-04-15 06:39 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-04-15 06:39 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-04-15 06:39 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-04-15 06:39 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-04-15 06:39 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-04-15 06:39 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-04-15 06:39 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-04-15 06:39 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-04-15 06:39 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-04-15 06:39 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-04-15 06:39 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-04-15 06:39 - 2015-03-13 05:53 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-04-15 06:39 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-04-15 06:39 - 2015-03-13 05:16 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-04-15 06:39 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-04-15 06:39 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-04-15 06:39 - 2015-03-13 04:50 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-04-15 06:39 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-04-15 06:39 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-04-15 06:39 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-04-15 06:39 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-04-15 06:39 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-04-15 06:39 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-04-15 06:39 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-04-15 06:39 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2015-04-15 06:39 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-04-10 07:41 - 2015-04-10 07:41 - 00003576 _____ () C:\WINDOWS\System32\Tasks\Bitdefender Auto-Scan
2015-04-04 09:12 - 2015-04-04 09:14 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-04-04 09:12 - 2015-04-04 09:12 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-04-01 09:26 - 2015-04-01 09:26 - 02347384 _____ (ESET) C:\Users\Roman\Downloads\esetsmartinstaller_deu (1).exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-29 06:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-04-29 05:50 - 2013-09-03 13:32 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-29 05:42 - 2015-02-05 20:37 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04172bb9d33e4.job
2015-04-29 02:08 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-04-29 01:42 - 2014-02-01 14:35 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{103CE50C-E971-4B87-98BE-1CF84A1160BE}
2015-04-29 00:52 - 2014-02-01 13:08 - 01242707 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-28 19:41 - 2015-02-05 20:36 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d04172b9784e7c.job
2015-04-28 09:11 - 2014-06-11 09:11 - 00000326 _____ () C:\WINDOWS\Tasks\MT66 Software Update.job
2015-04-28 06:22 - 2014-09-04 07:12 - 00000000 ____D () C:\Users\Roman\AppData\Roaming\Seventh
2015-04-28 06:22 - 2014-02-19 10:31 - 00000000 __RDO () C:\Users\Roman\SkyDrive
2015-04-28 06:22 - 2013-09-03 13:32 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-27 17:12 - 2013-11-14 09:27 - 01980934 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-27 17:12 - 2013-11-14 09:11 - 00842568 _____ () C:\WINDOWS\system32\perfh007.dat
2015-04-27 17:12 - 2013-11-14 09:11 - 00191764 _____ () C:\WINDOWS\system32\perfc007.dat
2015-04-27 17:08 - 2014-11-12 22:15 - 00015872 ___SH () C:\Users\Roman\Documents\Thumbs.db
2015-04-27 17:07 - 2014-02-03 23:43 - 00000000 ____D () C:\Users\Roman\Documents\Wohnungen bis2011
2015-04-25 16:17 - 2013-08-22 16:46 - 00322650 _____ () C:\WINDOWS\setupact.log
2015-04-25 16:17 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-25 16:16 - 2013-08-22 15:25 - 00786432 ___SH () C:\WINDOWS\system32\config\BBI
2015-04-25 15:57 - 2014-03-05 23:57 - 00000000 ____D () C:\Program Files (x86)\Plus-HD-9.0
2015-04-25 15:57 - 2013-09-23 11:01 - 00000000 ____D () C:\Program Files (x86)\WebConnect
2015-04-25 15:57 - 2013-09-12 14:03 - 00000000 ____D () C:\ProgramData\DSearchLink
2015-04-25 08:50 - 2014-02-03 18:35 - 00000000 ____D () C:\Users\Roman\Documents\WHB
2015-04-24 07:01 - 2013-09-12 21:27 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2015-04-22 07:28 - 2014-03-05 23:59 - 00000000 ____D () C:\Users\Roman\AppData\Roaming\Intermediate
2015-04-21 07:05 - 2014-03-05 23:59 - 00000000 ____D () C:\Users\Roman\AppData\Roaming\DataMgr
2015-04-19 08:02 - 2013-09-03 13:07 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-846500394-140593827-909769170-1002
2015-04-17 08:29 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-04-17 07:28 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-04-16 11:51 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-04-16 06:52 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-04-16 06:21 - 2013-11-14 00:18 - 00150074 _____ () C:\WINDOWS\PFRO.log
2015-04-15 23:00 - 2014-12-10 11:27 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-04-15 23:00 - 2014-07-10 22:24 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-04-15 07:22 - 2014-04-08 15:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-15 07:21 - 2013-09-12 16:17 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-04-15 07:09 - 2013-09-12 16:17 - 128913832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-04-15 06:59 - 2013-08-22 15:25 - 00000167 _____ () C:\WINDOWS\win.ini
2015-04-14 01:24 - 2015-03-12 08:20 - 00792056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-04-14 01:24 - 2015-03-12 08:20 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-01 23:26 - 2014-02-01 12:50 - 00000000 ____D () C:\Users\Roman
2015-03-31 16:54 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF

==================== Files in the root of some directories =======

2015-04-28 22:30 - 2015-04-28 22:17 - 0196480 _____ (Mindspark) C:\Program Files (x86)\dzres.dll
2015-04-28 22:30 - 2015-04-28 22:17 - 1037896 _____ (Mindspark) C:\Program Files (x86)\dzUninstall PConverter.dll
2013-09-04 13:37 - 2013-09-16 18:29 - 0000114 _____ () C:\Users\Roman\AppData\Roaming\WB.CFG
2013-09-04 13:37 - 2013-09-16 18:29 - 0000005 _____ () C:\Users\Roman\AppData\Roaming\WBPU-TTL.DAT
2015-02-22 22:21 - 2015-02-22 22:21 - 0933597 _____ () C:\Users\Roman\AppData\Local\omesuperv.exe
2014-01-30 13:59 - 2014-01-30 13:59 - 0318390 _____ () C:\ProgramData\1391082090.bdinstall.bin
2014-01-30 14:09 - 2014-01-30 14:09 - 0492776 _____ () C:\ProgramData\1391083368.bdinstall.bin
2013-09-03 12:56 - 2013-09-03 12:56 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.2492.dll


Some content of TEMP:
====================
C:\Users\Roman\AppData\Local\Temp\Extract.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-25 16:57

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---
DE][/CODE]

hallo ich hoffe das ist ok so? es fing an als ich keine Verlängerung für Bitdefender (Code) mehr hatte!

hallo nochmal eine info.....nachdem ich erst heute morgen den PC ausgemacht habe läuft die Mouse wieder schneller und die Tastatur auch!!

cosinus · 30.04.2015, 00:09

Was ist mit meiner Frage nach bisherigen Funden und wenn es welche gab, den Logs dazu?

cevvi · 30.04.2015, 06:50

hallo
ja der Scan mit Eset, da finde ich leider nichts mehr, das Programm sehe ich zwar noch auf meinem Rechner aber ich sehe da keine Logs! sorry
Vermutlich habe ich jetzt einen großen Fehler gemacht, ich habe Spyhunter4 herunter geladen und das System gescannt, habe dann während dem scannen hier gelesen das das schlecht ist und abgebrochen nach 1226 Bedrohungen!

Nun habe ich mit dem hier angebotenen SpyhunterKillerexe das Programm wieder entfernt! sorry ich bin nicht der Beste am PC.

cosinus · 30.04.2015, 14:43

Für ESET gibt es eine bebilderte Anleitung => http://www.trojaner-board.de/125889-...tml#post941546

cevvi · 30.04.2015, 17:00

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=c3cdf5d929b90c4ead48676e6dd96c36
# engine=23555
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-04-25 01:58:47
# local_time=2015-04-25 03:58:47 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Bitdefender Antivirus'
# compatibility_mode=2064 16777213 100 100 9775 108679287 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 3862115 43878621 0 0
# scanned=289931
# found=62
# cleaned=61
# scan_time=6242
sh=246DDBC3A2C223A6B9072637D93DC2A2832D097A ft=1 fh=c71c0011b04f613a vn="Win32/Toolbar.Babylon.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\DSearchLink\DSearchLink.exe"
sh=E2C833EEE68FDD07D916E2EE74A9C4A23BE37DEE ft=1 fh=9e162fcde915f174 vn="Variante von Win32/Toolbar.MyWebSearch.AJ evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbar.dll"
sh=47588E8E5A2034DA062CD6E61D7072809C265366 ft=1 fh=bd6b7f873a46cf67 vn="Variante von Win32/Toolbar.MyWebSearch.AE evtl. unerwünschte Anwendung (gelöscht (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbarsvc.exe"
sh=9F5A321AE114FC1A18879D9020B858F38D2B3E89 ft=1 fh=bf44e0c89f37d168 vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbprtct.dll"
sh=F099D51F0AD47D96B5A590BCDFC1CC1F8749DD65 ft=1 fh=a780294ee5143a96 vn="Variante von Win32/Toolbar.MyWebSearch.AK evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hdatact.dll"
sh=21D7D87AD8231E253747555C0EF523281B301731 ft=1 fh=1ccff04835db7f03 vn="Variante von Win32/Toolbar.MyWebSearch.AK evtl. unerwünschte Anwendung (gelöscht (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hdlghk.dll"
sh=B53F3279B1FD544923C76A3DD70A1491C6C771C0 ft=1 fh=f6c7d42c7e589fa1 vn="Variante von Win64/Toolbar.MyWebSearch.B evtl. unerwünschte Anwendung (gelöscht (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hdlghk64.dll"
sh=A70939B7F5D70B3362AF7E409FE5694CD0332F42 ft=1 fh=52cbc77cb56ac7b3 vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hfeedmg.dll"
sh=7A0D74B0F762389FC64212073902C53BAB06EF93 ft=1 fh=45fa6db7aba0514d vn="Variante von Win32/Toolbar.MyWebSearch.AJ evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hhighin.exe"
sh=3E6A3D2F7BED9458A6463483C84B5455EB6FD001 ft=1 fh=3d34a9c7920b0ace vn="Variante von Win32/Toolbar.MyWebSearch.AM evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hhkstub.dll"
sh=9EB7640F7FB0B699C6DF75E66C7E8C0D9E21F3CC ft=1 fh=38be5ef24383a5d0 vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hhtmlmu.dll"
sh=BDADBCED025A8A20B40049CC17414E198FEF4E81 ft=1 fh=f9bdd3e0e43cc208 vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hhttpct.dll"
sh=4CD512C5942F1DEEE5ACB26559BB9FC6B4A8204E ft=1 fh=a878d59d734b935e vn="Variante von Win32/Toolbar.MyWebSearch.AE evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hidle.dll"
sh=60906D0380A0B29D67B153784C4F78432FC99986 ft=1 fh=34ae1a71b9c6839b vn="Variante von Win32/Toolbar.MyWebSearch.AJ evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hmedint.exe"
sh=76657B4BFF0FD6BD949A0E15337FBABEFD8AB326 ft=1 fh=cac4f013d6372fb6 vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hmlbtn.dll"
sh=1F72EFEF3BCA27FFF74DBEF4C08762B2D9BA3E15 ft=1 fh=fd2482e65b8791ab vn="Variante von Win32/Toolbar.MyWebSearch.AJ evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hPlugin.dll"
sh=AF4C3D99BAFC83B3594676BFC5FCA734CCF4D0E0 ft=1 fh=96272da6e6dd71cb vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hregfft.dll"
sh=99E81D983023608B908F7A8390CE995C253030D7 ft=1 fh=d2071bce09b9bac6 vn="Variante von Win32/Toolbar.MyWebSearch.AK evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hreghk.dll"
sh=4BA5E4C514C254C7248F6FA6B540A9ABC2805565 ft=1 fh=273cb58db048e71e vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hregiet.dll"
sh=EDC6F99BCAC6616FC160FE0240F5101580F528D0 ft=1 fh=5f6023e1200c1318 vn="Variante von Win32/Toolbar.MyWebSearch.AK evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hscript.dll"
sh=CA89F61D9A80272F560256F312A537F777A87AEF ft=1 fh=d92df48e556aedca vn="Variante von Win32/Toolbar.MyWebSearch.P evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hskin.dll"
sh=77D0C33BAC54A50FB83438215C73F493CD7BBF9E ft=1 fh=d15ef7d26608f47d vn="Variante von Win32/Toolbar.MyWebSearch.AJ evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hskplay.exe"
sh=E7A14A77EAAE6CB9FC6CC487B1CE1CB70C063502 ft=1 fh=a479c3fc682024f1 vn="Variante von Win32/Toolbar.MyWebSearch.AK evtl. unerwünschte Anwendung (gelöscht (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll"
sh=72489280930F183E34FE5AF817F207A5EB65F8D4 ft=1 fh=033eb58713fd33d4 vn="Variante von Win32/Toolbar.MyWebSearch.AA evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8htpinst.dll"
sh=9736DD448F1751787A8457AFE3D789543A327C9C ft=1 fh=ea966f1845a5c441 vn="Variante von Win32/Toolbar.MyWebSearch.AJ evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\APPINTEGRATOR.EXE"
sh=A526A314F90D61F8132D8E2DB5982ABBFE022C1D ft=1 fh=3c4a262bc57b3aff vn="Win64/Toolbar.MyWebSearch.D evtl. unerwünschte Anwendung (gelöscht (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\AppIntegrator64.exe"
sh=4CA4CF526BAB3ACF1E6A649F6AAA232D2AC41868 ft=1 fh=bdd8282939c97a30 vn="Variante von Win32/Toolbar.MyWebSearch.AM evtl. unerwünschte Anwendung (gelöscht (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\APPINTEGRATORSTUB.DLL"
sh=D07B6FD168B29CE7BC7DDEC0EEEBA0E005EB9431 ft=1 fh=d76e053361562658 vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwünschte Anwendung (gelöscht (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\AppIntegratorStub64.dll"
sh=BAB6681DE94799B603E62C40D171D74C7842FB17 ft=1 fh=33cf14314fda0344 vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\ASSISTMONITOR.DLL"
sh=899D23DE4C2379EDFBD2E9FE7F09550771D038D4 ft=1 fh=c3e98bbd9f35c6ba vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwünschte Anwendung (gelöscht (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\ASSISTMONITOR64.DLL"
sh=2AFE6690FA1CF56D287C31A9857578363F5A2D67 ft=1 fh=027fcd1b6271324d vn="Variante von Win32/Toolbar.MyWebSearch.Z evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\CREXT.DLL"
sh=73FCC496487920A14146D46A787454F89B5F793E ft=1 fh=5386ecf351ab8164 vn="Variante von Win32/Toolbar.MyWebSearch.AO evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\FF-NativeMessagingDispatcher.dll"
sh=C4E4F01CA5F0B4ED10F796C102FF8BDEF6B6B678 ft=1 fh=fba9786493da4386 vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwünschte Anwendung (gelöscht (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\HPG.DLL"
sh=75A91B8490235724542C34E4EA62D4DB8443B7D8 ft=1 fh=02c55ebfd7926ce0 vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwünschte Anwendung (gelöscht (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\Hpg64.dll"
sh=FB594A15D77C57A0E0BB41FB17383D80877E6CEE ft=1 fh=ffe6c0c499ffa4e3 vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\T8EPMSUP.DLL"
sh=6DA69E00DCB0DA9D648EB5D63F895ED020447618 ft=1 fh=43b4b1abba357bad vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\T8EXTEX.DLL"
sh=388DD4FF1E3CF6BFCF34DED0C86E154C1D3EE73E ft=1 fh=35048c9d01a08485 vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\T8EXTPEX.DLL"
sh=139FBF5145FB3A0FEDA5EE93DF36BE7E00B90817 ft=1 fh=b2180dc33cd50010 vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\T8HTML.DLL"
sh=A187B0341C1444615B4E0D4A6B8BED3F4599CA3A ft=1 fh=b7685368d5405ed9 vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\T8TICKER.DLL"
sh=0EB06DF026A32B1CA4B335088948B66247506EAF ft=1 fh=4f153c8941af29df vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwünschte Anwendung (gelöscht (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\TOOLBARGUARD.DLL"
sh=48873B11EC917BD1358D544DF131C74D0DFAE052 ft=1 fh=38dee7cd1cd56751 vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwünschte Anwendung (gelöscht (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\TOOLBARGUARD64.DLL"
sh=A101A107497B01BF635E45E2E24A67917056CE48 ft=1 fh=959d8e1131c82b89 vn="Win32/Toolbar.MyWebSearch.AI evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\TPIMANAGERCONSOLE.EXE"
sh=E5EF5447933372B3B7237635F12D5CD1BE4EF5CC ft=1 fh=b94dd24e0709c2a4 vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\VERIFY.DLL"
sh=A6C707660A23BF1CA6AB60D4DE4E60C2BA794976 ft=1 fh=b653663677980fb3 vn="Variante von Win32/Toolbar.MyWebSearch.AM evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\assists\ie_default_search_provider\ARBITER.DLL"
sh=A66AA13DA54773B2408FF28A24456E959EAFE46D ft=1 fh=86e6eee54614f6c8 vn="Variante von Win64/Toolbar.MyWebSearch.C evtl. unerwünschte Anwendung (gelöscht (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\assists\ie_default_search_provider\ARBITER64.DLL"
sh=1F5CB72E95336B2FE932CB549E75A2C523D1001C ft=1 fh=560481649e2dfeec vn="Variante von Win32/Toolbar.MyWebSearch.AF evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\assists\ie_default_search_provider\ASSIST.EXE"
sh=A122817A0393732546C63277F2DDF3B4074B2C8B ft=1 fh=31a7ce2cfb5d6e74 vn="Variante von Win64/Toolbar.Crossrider.F evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Plus-HD-9.0\Plus-HD-9.0-bho64.dll"
sh=CD995AF5B19EFDBAA6017DDF2C9B57441E3F5B6D ft=1 fh=cdf42fb7649723ed vn="Variante von Win32/Packed.VMDetector.E evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Plus-HD-9.0\utils.exe"
sh=2D8A0375397A0CE2F99ADB9D1C7FB9B6AA53D1FF ft=1 fh=891319e7c1f8b5bf vn="Variante von MSIL/BrowseFox.A evtl. unerwünschte Anwendung (gelöscht (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\WebConnect\updateWebConnect.exe"
sh=3B88B9BD67A6D948F9D70FD055155CA6D3E808D1 ft=1 fh=ca0fa7dbab587652 vn="Variante von MSIL/BrowseFox.A evtl. unerwünschte Anwendung (gelöscht (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\WebConnect\WebConnect.Common.dll"
sh=387A912265A531AAF768CE5F48ED900E0D6F7066 ft=1 fh=5618ca983c5bf41c vn="Variante von Win32/BrowseFox.F evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\WebConnect\WebConnectBHO.dll"
sh=1D7B5FD0A67A70BE93386D553C8623917F63E653 ft=1 fh=688b16a15015434a vn="Win32/BrowseFox.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\WebConnect\WebConnectUninstall.exe"
sh=246DDBC3A2C223A6B9072637D93DC2A2832D097A ft=1 fh=c71c0011b04f613a vn="Win32/Toolbar.Babylon.Y evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\ProgramData\DSearchLink\DSearchLink.exe"
sh=D67283E9C5245735C08C633EDB27D9009461ED25 ft=0 fh=0000000000000000 vn="Win32/BrowseFox.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieakfmpjhljbpbfpldjkddkjmmgjmgon\1.0.0_1\background.js"
sh=C9DD8F6335C983611BDB183C867B1FCBF48D4B25 ft=0 fh=0000000000000000 vn="Win32/BrowseFox.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieakfmpjhljbpbfpldjkddkjmmgjmgon\1.0.0_1\content.js"
sh=2F48F28A2B8E51BDF4F512D91CBF7DC07624D094 ft=1 fh=2ab6379708911b37 vn="Variante von Win32/Systweak evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Roman\AppData\Local\Microsoft\Windows\Burn\Burn\Bilder\Terrot\rcpsetupmapp1_mapp11941872.exe"
sh=D67283E9C5245735C08C633EDB27D9009461ED25 ft=0 fh=0000000000000000 vn="Win32/BrowseFox.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Roman\AppData\Local\Temp\scoped_dir_4160_32500\CRX_INSTALL\background.js"
sh=C9DD8F6335C983611BDB183C867B1FCBF48D4B25 ft=0 fh=0000000000000000 vn="Win32/BrowseFox.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Roman\AppData\Local\Temp\scoped_dir_4160_32500\CRX_INSTALL\content.js"
sh=3021C12410EBE87EA3B133170B6DECE572B05D28 ft=1 fh=abc416924b1804c2 vn="Win32/AdWare.Snoozer.A Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Roman\AppData\Roaming\Snz\Snz.exe"
sh=C0E0864E36B7D2969008FAA05B9911D4A4B7FD83 ft=1 fh=4141c588af4ff6c0 vn="Variante von Win32/SoftonicDownloader.F evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Roman\Downloads\SoftonicDownloader_fuer_pixum-fotobuch.exe"
sh=33F6EF4F4DCE6337B545FCE43D0A6A24382F3BD1 ft=1 fh=56e50d4780d6d29a vn="Variante von Win32/Toolbar.SearchSuite.AA.gen evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Windows\Temp\92591b15\patch_ff.exe"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwünschte Anwendung (Enthielt infizierte Datei(en))" ac=C fn="${Memory}"

vielen dank für die Anweisung....echt toll! Ich lerne sehr gerne dazu! Danke
ach ja da sind auch Sachen in Quarantine!!??

cosinus · 30.04.2015, 18:37

Adware/Junkware/Toolbars entfernen

1. Schritt: Malwarebytes

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

(alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!)

2. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

3. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

4. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

cevvi · 30.04.2015, 20:18

Code:

ATTFilter

# AdwCleaner v4.202 - Bericht erstellt 30/04/2015 um 20:51:20
# Aktualisiert 23/04/2015 von Xplode
# Datenbank : 2015-04-27.1 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : Roman - ROMAN
# Gestarted von : C:\Users\Roman\Downloads\AdwCleaner_4.202.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : Allin1Convert_8hService

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\Users\Roman\AppData\LocalLow\iac
Ordner Gelöscht : C:\Users\Roman\AppData\Roaming\Common\LuaRT
Ordner Gelöscht : C:\Users\Roman\AppData\Roaming\DSite
Ordner Gelöscht : C:\Users\Roman\AppData\Roaming\fbDownloader
Ordner Gelöscht : C:\Users\Roman\AppData\Roaming\Fifth
Ordner Gelöscht : C:\Users\Roman\AppData\Roaming\Intermediate
Ordner Gelöscht : C:\Users\Roman\AppData\Roaming\SCheck
Ordner Gelöscht : C:\Users\Roman\AppData\Roaming\Seventh
Ordner Gelöscht : C:\Users\Roman\AppData\Roaming\Sixth
Ordner Gelöscht : C:\Users\Roman\AppData\Roaming\Snz
Ordner Gelöscht : C:\Users\Roman\AppData\Roaming\SSync
Ordner Gelöscht : C:\Users\Roman\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Roman\AppData\Roaming\UpdaterEX
Ordner Gelöscht : C:\Users\Roman\AppData\Roaming\RHEng
Ordner Gelöscht : C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Ordner Gelöscht : C:\Users\Roman\Documents\PC Speed Maximizer
Ordner Gelöscht : C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\llpnaddghmkpkmnghbdpahlgncpieofn
Datei Gelöscht : C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pmgkeimkiojpjcoiiipekfjaopchhjga_0.localstorage
Datei Gelöscht : C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_llpnaddghmkpkmnghbdpahlgncpieofn_0.localstorage
Datei Gelöscht : C:\WINDOWS\System32\roboot64.exe

***** [ Geplante Tasks ] *****

Task Gelöscht : DSite
Task Gelöscht : Fifth
Task Gelöscht : LaunchApp
Task Gelöscht : OMESupervisor
Task Gelöscht : UpdaterEX

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Intermediate]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [scheck]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Seventh]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Sixth]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [ssync]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\allin1convert_8h.feedmanager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\allin1convert_8h.feedmanager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\allin1convert_8h.htmlmenu
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\allin1convert_8h.htmlmenu.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\allin1convert_8h.htmlpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\allin1convert_8h.htmlpanel.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\allin1convert_8h.multiplebutton
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\allin1convert_8h.multiplebutton.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\allin1convert_8h.pseudotransparentplugin
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\allin1convert_8h.pseudotransparentplugin.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\allin1convert_8h.scriptbutton
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\allin1convert_8h.scriptbutton.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\allin1convert_8h.settingsplugin
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\allin1convert_8h.settingsplugin.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\allin1convert_8h.thirdpartyinstaller
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\allin1convert_8h.thirdpartyinstaller.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\IEPlugin.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKCU\Software\84dfdce035e417
Schlüssel Gelöscht : HKLM\SOFTWARE\84dfdce035e417
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{248B3E95-17A4-482D-A8A8-6B3DF4D05C35}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{27F49273-DE3A-4111-90F9-6C474C37AEFB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{39D4F1A1-A94D-4B7D-BF1D-7446308800ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{443321F7-E46C-42F8-812B-F35E98CBB44F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7CAEFAFC-9A1E-4BCC-94DD-BC7D8D52717A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7EB7381C-FB01-47FC-9C42-ED64122C1B92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{889F49D2-6CEA-40BE-BE5F-7217485F9745}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8F83D657-5993-4FFA-9AEE-DA0B20D828A7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD1A63BA-A08C-431B-9A34-F240AADC728D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE0F6787-9D1C-42B7-A0B9-EAC630F87902}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E4EF697F-434B-4DC7-A464-4412462206DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EF3F28C8-0330-4D18-B901-D24CB83E5AA1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EF5DB804-585B-472E-B415-BC63F8F01BF6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F2C368C5-9F44-4D43-89F3-A1CC87F1DA96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F99DDD9A-07D0-47AB-86F1-193533DD2C60}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522292214}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5E58CDA9-3B21-4611-A859-26EE28950E61}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C5561B6-3DD2-46B5-83BE-EAE744366046}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2561FD25-FE31-4E56-A120-AF7FEAAE3124}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4BD0FCFF-AD64-4315-9F2C-960EF3C21623}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{507C73BB-FC69-425E-8A49-9204F886B328}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{6EC57031-1740-4151-93C5-C465D6063DD2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{76FC1003-0825-48BD-B59B-3B7A5754972C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9D217B94-6FC9-44FE-94B1-30C711871266}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B48AC2CD-9662-47E0-A3C0-3B01BB3F463E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{BE698E51-830B-447A-954D-901D6E05DDE2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{BFCF748F-A56E-451F-AA45-0D7EB699E416}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D617CF84-B0BC-441F-9984-B676AFBA1E8D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7CAEFAFC-9A1E-4BCC-94DD-BC7D8D52717A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CD1A63BA-A08C-431B-9A34-F240AADC728D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CD1A63BA-A08C-431B-9A34-F240AADC728D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{27F49273-DE3A-4111-90F9-6C474C37AEFB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7CAEFAFC-9A1E-4BCC-94DD-BC7D8D52717A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7EB7381C-FB01-47FC-9C42-ED64122C1B92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E4EF697F-434B-4DC7-A464-4412462206DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F99DDD9A-07D0-47AB-86F1-193533DD2C60}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{248B3E95-17A4-482D-A8A8-6B3DF4D05C35}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C424171E-592A-415A-9EB1-DFD6D95D3530}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{5BCF818D-78C8-41B8-BA89-65C5FDAC4FC4}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522292214}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5E58CDA9-3B21-4611-A859-26EE28950E61}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6C5561B6-3DD2-46B5-83BE-EAE744366046}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2459}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2459}
Schlüssel Gelöscht : HKCU\Software\BABSOLUTION
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\distromatic
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\Protector
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\UpdaterEX
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\lyrixeeker
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\Delta
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\allin1convert_8hbar uninstall firefox
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebConnect
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17416

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v42.0.2311.90

[C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.fbdownloader.com/search.php?channel=fpo&q={searchTerms}
[C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.fbdownloader.com/search.php?channel=fpo&q={searchTerms}
[C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Extension] : gbmdkmlcnbapgegninelmjbfibaghdmk
[C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Extension] : llpnaddghmkpkmnghbdpahlgncpieofn

*************************

AdwCleaner[R0].txt - [11678 Bytes] - [30/04/2015 20:46:26]
AdwCleaner[S0].txt - [10872 Bytes] - [30/04/2015 20:51:20]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10932  Bytes] ##########

Code:

ATTFilter

Junkware Removal Tool (JRT) by Thisisu
Version: 6.6.7 (04.30.2015:1)
OS: Windows 8.1 x64
Ran by Roman on 30.04.2015 at 21:02:25,47
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] update webconnect
Successfully deleted: [Service] update webconnect



~~~ Tasks

Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-56747669-1492320734-3887672677-500
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-778921381-3118999903-100346665-500
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-846500394-140593827-909769170-1002
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-846500394-140593827-909769170-1008
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-846500394-140593827-909769170-500



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\PConverter_dz.ToolbarProtector
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\PConverter_dz.ToolbarProtector.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update WebConnect



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.04.2015 at 21:15:37,62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cevvi · 30.04.2015, 20:25

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 30.04.2015
Suchlauf-Zeit: 19:46:24
Logdatei: mbamlog.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.04.30.05
Rootkit Datenbank: v2015.04.21.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Roman

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 433012
Verstrichene Zeit: 47 Min, 30 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 55
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\CLASSES\APPID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}, In Quarantäne, [44799cd65d2d12249b54344ee61dab55], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}, In Quarantäne, [44799cd65d2d12249b54344ee61dab55], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}, In Quarantäne, [44799cd65d2d12249b54344ee61dab55], 
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [bd003b379cee8da93a420082db28b947], 
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [bd003b379cee8da93a420082db28b947], 
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [bd003b379cee8da93a420082db28b947], 
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [dfde3a38d5b50f275745255daa59639d], 
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [dfde3a38d5b50f275745255daa59639d], 
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [dfde3a38d5b50f275745255daa59639d], 
PUP.Optional.WebConnect.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{2316c625-b487-4410-a1a5-ff040b65245f}, In Quarantäne, [803dc3af3753e84e5748d8aa946ff709], 
PUP.Optional.WebConnect.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{d8caf2df-52d3-42cf-9ddb-f4ff828db4f8}, In Quarantäne, [803dc3af3753e84e5748d8aa946ff709], 
PUP.Optional.WebConnect.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{7C28CEF1-A4A6-4B6A-8B97-C44F1267753C}, In Quarantäne, [803dc3af3753e84e5748d8aa946ff709], 
PUP.Optional.WebConnect.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{7C28CEF1-A4A6-4B6A-8B97-C44F1267753C}, In Quarantäne, [803dc3af3753e84e5748d8aa946ff709], 
PUP.Optional.WebConnect.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{7C28CEF1-A4A6-4B6A-8B97-C44F1267753C}, In Quarantäne, [803dc3af3753e84e5748d8aa946ff709], 
PUP.Optional.WebConnect.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{d8caf2df-52d3-42cf-9ddb-f4ff828db4f8}, In Quarantäne, [803dc3af3753e84e5748d8aa946ff709], 
PUP.Optional.WebConnect.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{d8caf2df-52d3-42cf-9ddb-f4ff828db4f8}, In Quarantäne, [803dc3af3753e84e5748d8aa946ff709], 
PUP.Optional.WebConnect.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{2316C625-B487-4410-A1A5-FF040B65245F}, In Quarantäne, [803dc3af3753e84e5748d8aa946ff709], 
PUP.Optional.WebConnect.A, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{2316C625-B487-4410-A1A5-FF040B65245F}, In Quarantäne, [803dc3af3753e84e5748d8aa946ff709], 
PUP.Optional.WebConnect.A, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{2316C625-B487-4410-A1A5-FF040B65245F}, In Quarantäne, [803dc3af3753e84e5748d8aa946ff709], 
PUP.Optional.Babylon.A, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, In Quarantäne, [219c046ec4c674c28e91dc6d32d104fc], 
PUP.Optional.OfferMosquito, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{82B16A3D-F03E-4565-A532-666B219C9A53}, In Quarantäne, [209dc8aa08825adcf3436ae518eb53ad], 
PUP.Optional.Delta.A, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{82E1477C-B154-48D3-9891-33D83C26BCD3}, In Quarantäne, [d1ec49291f6b270f9ae299e836cd4cb4], 
PUP.Optional.Datamngr.A, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}, In Quarantäne, [febf76fc8ffb79bd3923087bd82b2fd1], 
PUP.Optional.Delta.A, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}, In Quarantäne, [1ca1f979d8b2c27496e58df445be1be5], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0052914.Sandbox, In Quarantäne, [605dc1b16a2038fe1c35fbf8f60d6997], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0052914.Sandbox.1, In Quarantäne, [427babc75931fe38e66bf9faac57b64a], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\CLASSES\APPID\PricePeep.DLL, In Quarantäne, [734ae58d8bff2f07ed7c1619b64f9f61], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\PricePeep.DLL, In Quarantäne, [94294b277a100a2cf178c36cba4ba55b], 
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\${dtUserElevationPolicyID}, In Quarantäne, [15a8c8aa296139fd368e98b6d72e05fb], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\WOW6432NODE\Allin1Convert_8h, In Quarantäne, [1ca193df8802a78f34572b1d6b9abd43], 
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\Datamngr, In Quarantäne, [4b723e346525f640ae99de207291f709], 
PUP.Optional.PlusHD.A, HKLM\SOFTWARE\WOW6432NODE\Plus-HD-9.0, In Quarantäne, [1ba2a8ca2c5e082ee2e437e3a1637b85], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0052914.Sandbox, In Quarantäne, [328b650d6b1f69cdc38ea54eae55837d], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0052914.Sandbox.1, In Quarantäne, [9924c6ac16748babaaa79c574cb739c7], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\PricePeep.DLL, In Quarantäne, [b6075121137789ad0d5c4ce31ee76d93], 
PUP.Optional.WebConnect.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\ieakfmpjhljbpbfpldjkddkjmmgjmgon, In Quarantäne, [8835c2b0a9e14aecd6a2ba5732d2c739], 
PUP.Optional.Ask.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{75B4241F-171E-44A3-BF44-23613B6E3E03}, In Quarantäne, [6459452d90faa78f6ebff269f70e0bf5], 
PUP.Optional.Mindspark.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@Allin1Convert_8h.com/Plugin, In Quarantäne, [308df0820f7b2610fb4640c5e123639d], 
PUP.Optional.PlusHD.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-9.0, In Quarantäne, [5c61e58dec9e93a35bb458b409fb6d93], 
PUP.Optional.Mindspark.A, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\Allin1Convert_8h, In Quarantäne, [516cf87a880273c36923fb4d8e77758b], 
PUP.Optional.DataMngr.A, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\DataMngr_Toolbar, In Quarantäne, [5568a2d0fb8f49eda11f39f48b7a5ea2], 
PUP.Optional.DigitalSites.A, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\DSiteProducts, In Quarantäne, [2c91dc96474374c2a59a6aeb7c89fc04], 
PUP.Optional.OfferMosquito.A, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\OfferMosquito, In Quarantäne, [0bb2b2c0f89231052a8cc092c63f4cb4], 
PUP.Optional.SimpleNewTab.A, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\SimpleNewTab, In Quarantäne, [932a2d45622858de1bdfc33e4db79e62], 
PUP.Optional.Mindspark.A, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\APPDATALOW\SOFTWARE\Allin1Convert_8h, In Quarantäne, [4b7200721b6ff64044a423dc6c975ba5], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, In Quarantäne, [5568046e8505c472a64f28195ca921df], 
PUP.Optional.PlusHD.A, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-9.0, In Quarantäne, [f4c932406228ca6c709f98744bb9926e], 
PUP.Optional.Babylon.A, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\BABSOLUTION\Redir, In Quarantäne, [9d204b277a103006249e909ea65f639d], 
PUP.Optional.Babylon.A, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\BABSOLUTION\Updater, In Quarantäne, [536aaec49bef03334c778aa415f057a9], 
PUP.Optional.AlexaTB.A, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\DISTROMATIC\Toolbars, In Quarantäne, [5f5eb3bf1e6c280e40110e261aeb6a96], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [dbe2c2b0d5b58da9ce4b5cbc1ce849b7], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\INSTALLCORE, In Quarantäne, [1ba272005f2bdc5a80647bb2e223827e], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Plus HD, In Quarantäne, [7b42cca682080d293766e30a996a58a8], 
PUP.Optional.Ask.A, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{75B4241F-171E-44A3-BF44-23613B6E3E03}, In Quarantäne, [9627d1a16426ef4786a605569a6bcc34], 
PUP.Optional.WebConnect.A, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\WEBCONNECT, In Quarantäne, [a11c3f332664f73f87a37ab524e15ea2], 

Registrierungswerte: 16
Adware.Agent, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|OMESupervisor, "C:\Users\Roman\AppData\Local\omesuperv.exe", In Quarantäne, [e0dde58d9feb05317d4c0e46ae5412ee]
PUP.Optional.DataMgr.A, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|DataMgr, "C:\Users\Roman\AppData\Roaming\DataMgr\DataMgr.exe", In Quarantäne, [ba033c36d7b3ca6ca588676bde25916f]
PUP.Optional.Ask.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{75b4241f-171e-44a3-bf44-23613b6e3e03}|DisplayName, Ask Web Search, In Quarantäne, [6459452d90faa78f6ebff269f70e0bf5]
PUP.Optional.ASK.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{75b4241f-171e-44a3-bf44-23613b6e3e03}|URL, hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^AYY^xdm070^S11123^de&si=flvrunner&ptb=186ED164-3DDD-4D30-834A-A94D5107EAA5&ind=2014110112&n=780ce1a0&psa=&st=sb&searchfor={searchTerms}, In Quarantäne, [c0fd581a206a280eb15fef6ebe47ae52]
PUP.Optional.Mindspark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Allin1Convert AppIntegrator 32-bit, C:\PROGRA~2\ALLIN1~2\bar\1.bin\AppIntegrator.exe, In Quarantäne, [437a5022d2b836005788b92d3ac99f61]
PUP.Optional.Mindspark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Allin1Convert AppIntegrator 64-bit, C:\PROGRA~2\ALLIN1~2\bar\1.bin\AppIntegrator64.exe, In Quarantäne, [fcc1650d8406ba7c26b91bcbd92a55ab]
PUP.Optional.Mindspark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|PConverter AppIntegrator 32-bit, C:\PROGRA~2\PCONVE~2\bar\1.bin\AppIntegrator.exe, In Quarantäne, [af0ea3cf018985b1825daa3cd62df808]
PUP.Optional.Mindspark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|PConverter AppIntegrator 64-bit, C:\PROGRA~2\PCONVE~2\bar\1.bin\AppIntegrator64.exe, In Quarantäne, [9f1e9dd52961db5bedf2bf27b74c25db]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\INSTALLCORE|tb, 0L1N1H2O1S, In Quarantäne, [1ba272005f2bdc5a80647bb2e223827e]
PUP.BProtector, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|bProtector Start Page, hxxp://www.searchgol.com/?babsrc=HP_ss&mntrId=C215F4B7E2C62A71&affID=119357&tt=160913_m1&tsp=5014, In Quarantäne, [9d20640e553579bd5c669d908481f907]
PUP.BProtector, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|bProtectorDefaultScope, {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, In Quarantäne, [a815086a97f3b4828c37210c08fd23dd]
PUP.Optional.Babylon.A, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|FaviconURL, search.babylon.com/favicon.ico, In Quarantäne, [2d90601233573303396bd18ac540718f]
PUP.Optional.Ask.A, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{75b4241f-171e-44a3-bf44-23613b6e3e03}|DisplayName, Ask Web Search, In Quarantäne, [9627d1a16426ef4786a605569a6bcc34]
PUP.Optional.ASK.A, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{75b4241f-171e-44a3-bf44-23613b6e3e03}|URL, hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^AYY^xdm070^S11123^de&si=flvrunner&ptb=186ED164-3DDD-4D30-834A-A94D5107EAA5&ind=2014110112&n=780ce1a0&psa=&st=sb&searchfor={searchTerms}, In Quarantäne, [2499630f414986b061ae530ace37cc34]
PUP.Optional.OfferMosquito, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|OMESupervisor, "C:\Users\Roman\AppData\Local\omesuperv.exe", In Quarantäne, [a11c5c163b4f91a52e95cd79ca3b1fe1]
PUP.Optional.WebConnect.A, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\WEBCONNECT|iid, def_WebConnect, In Quarantäne, [a11c3f332664f73f87a37ab524e15ea2]

Registrierungsdaten: 1
PUP.Optional.StartPage.A, HKU\S-1-5-21-846500394-140593827-909769170-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|bProtector Start Page, hxxp://www.searchgol.com/?babsrc=HP_ss&mntrId=C215F4B7E2C62A71&affID=119357&tt=160913_m1&tsp=5014, Gut: (www.google.com), Schlecht: (hxxp://www.searchgol.com/?babsrc=HP_ss&mntrId=C215F4B7E2C62A71&affID=119357&tt=160913_m1&tsp=5014),Ersetzt,[724bd49e4b3fa096c4557b93a75fed13]

Ordner: 76
PUP.Optional.DataMgr.A, C:\Users\Roman\AppData\Roaming\DataMgr, In Quarantäne, [ba033c36d7b3ca6ca588676bde25916f], 
PUP.Optional.WebConnect.A, C:\Program Files (x86)\WebConnect, In Quarantäne, [b904abc7028874c2420f0b23858051af], 
PUP.Optional.Babylon.C, C:\Users\Roman\AppData\Roaming\Babylon, In Quarantäne, [7647dd95ef9bc96d30d268f857ae6d93], 
PUP.Optional.OpenCandy, C:\Users\Roman\AppData\Roaming\OpenCandy, In Quarantäne, [f0cdadc593f7cf6730c18c0af0137a86], 
PUP.Optional.OpenCandy, C:\Users\Roman\AppData\Roaming\OpenCandy\08FEF0FFF9D54FBBB48C41917D9412E2, In Quarantäne, [f0cdadc593f7cf6730c18c0af0137a86], 
PUP.Optional.OpenCandy, C:\Users\Roman\AppData\Roaming\OpenCandy\DE124B6C659D4F5AA1D11B3AE16C646C, In Quarantäne, [f0cdadc593f7cf6730c18c0af0137a86], 
PUP.Optional.WebConnect.A, C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieakfmpjhljbpbfpldjkddkjmmgjmgon, In Quarantäne, [4776cba7711980b6b5e7edad6b98cf31], 
PUP.Optional.WebConnect.A, C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieakfmpjhljbpbfpldjkddkjmmgjmgon\1.0.0_1, In Quarantäne, [4776cba7711980b6b5e7edad6b98cf31], 
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-9.0, In Quarantäne, [aa13a1d17b0f40f6be17b4e837ccd32d], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\Allin1Convert_8h, In Quarantäne, [209dfd755d2dd75f0ece9e003ec5b24e], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\Allin1Convert_8h\bar, In Quarantäne, [209dfd755d2dd75f0ece9e003ec5b24e], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin, In Quarantäne, [209dfd755d2dd75f0ece9e003ec5b24e], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\chrome, In Quarantäne, [209dfd755d2dd75f0ece9e003ec5b24e], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\ThirdPartyInstallers, In Quarantäne, [209dfd755d2dd75f0ece9e003ec5b24e], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\assists, In Quarantäne, [209dfd755d2dd75f0ece9e003ec5b24e], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\assists\ie_default_search_provider, In Quarantäne, [209dfd755d2dd75f0ece9e003ec5b24e], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\assists\ie_enable, In Quarantäne, [209dfd755d2dd75f0ece9e003ec5b24e], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\Allin1Convert_8h\bar\assists, In Quarantäne, [209dfd755d2dd75f0ece9e003ec5b24e], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\Allin1Convert_8h\bar\gen1, In Quarantäne, [209dfd755d2dd75f0ece9e003ec5b24e], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\Allin1Convert_8h\bar\Message, In Quarantäne, [209dfd755d2dd75f0ece9e003ec5b24e], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\Allin1Convert_8h\bar\Settings, In Quarantäne, [209dfd755d2dd75f0ece9e003ec5b24e], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\fonts, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\js, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\libs, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\10b19c4cb4f3fa6c193860bc175eed63b209d408, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\10b19c4cb4f3fa6c193860bc175eed63b209d408\1.1.2, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\10b19c4cb4f3fa6c193860bc175eed63b209d408\1.1.2\css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\10b19c4cb4f3fa6c193860bc175eed63b209d408\1.1.2\images, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\10b19c4cb4f3fa6c193860bc175eed63b209d408\1.1.2\js, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\fonts, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\js, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\fonts, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\images, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\js, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\swf, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\js, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.SimpleNewTab.A, C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmgkeimkiojpjcoiiipekfjaopchhjga, In Quarantäne, [8b3280f2d2b82c0aa5d3e6bd5da6c53b], 
PUP.Optional.SimpleNewTab.A, C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmgkeimkiojpjcoiiipekfjaopchhjga\1.0.1_0, In Quarantäne, [8b3280f2d2b82c0aa5d3e6bd5da6c53b], 
PUP.Optional.SimpleNewTab.A, C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmgkeimkiojpjcoiiipekfjaopchhjga\1.0.1_0\_metadata, In Quarantäne, [8b3280f2d2b82c0aa5d3e6bd5da6c53b], 
PUP.Optional.SimpleNewTab.A, C:\Users\Roman\AppData\Local\simple_new_tab, In Quarantäne, [ccf1314126647db933462c771ee5669a], 
PUP.Optional.SimpleNewTab.A, C:\Users\Roman\AppData\Local\simple_new_tab\htmls, In Quarantäne, [ccf1314126647db933462c771ee5669a], 
PUP.Optional.OfferMosquito.A, C:\Users\Roman\AppData\Roaming\OfferMosquito, In Quarantäne, [b20b066cafdb85b14832fda611f27d83], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Cache, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\History, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Message, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Message\COMMON, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Settings, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8hEI, In Quarantäne, [13aa8be7b3d784b278702d773ec535cb], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8hEI\Installr, In Quarantäne, [13aa8be7b3d784b278702d773ec535cb], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8hEI\Installr\Cache, In Quarantäne, [13aa8be7b3d784b278702d773ec535cb], 
PUP.Optional.Updater.A, C:\Users\Roman\AppData\Roaming\UpdaterEX\UpdateProc, In Quarantäne, [d3ea3c368109cb6b36943c7117ec5ea2], 
PUP.Optional.Updater.A, C:\Users\Roman\AppData\Roaming\DSite\UpdateProc, In Quarantäne, [7c41abc7e4a6d660e1ece5c80201fc04], 
PUP.Optional.DSearchLink.A, C:\ProgramData\DSearchLink, In Quarantäne, [6a53d89a3b4ff046a8b805ad6f94c63a], 
PUP.Optional.SearchResultsTB.A, C:\Users\Roman\AppData\LocalLow\searchresultstb, In Quarantäne, [efcee68c1575a98d224a6c464fb460a0], 
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup, In Quarantäne, [0bb2b7bb2d5d64d28537a91ef90a34cc], 

Dateien: 416
Adware.Agent, C:\Users\Roman\AppData\Local\omesuperv.exe, In Quarantäne, [e0dde58d9feb05317d4c0e46ae5412ee], 
PUP.Optional.MindSpark, C:\Program Files (x86)\dzres.dll, In Quarantäne, [665796dc8406cd695c50656f5ba642be], 
PUP.Optional.MindSpark, C:\Program Files (x86)\dzUninstall PConverter.dll, In Quarantäne, [1f9e3939f7933600bbf1b51f01001fe1], 
PUP.Optional.Mindspark.A, C:\$Recycle.Bin\S-1-5-21-846500394-140593827-909769170-1002\$R2GNK3J.exe, In Quarantäne, [b508b7bb424842f4fa09c3f17d88ff01], 
PUP.Optional.OpenCandy, C:\Users\Roman\Downloads\FreemakeVideoConverterSetup.exe, In Quarantäne, [66578ae84446b185b43a5ae533ce6997], 
PUP.Optional.Mindspark.A, C:\Users\Roman\Downloads\PConverter.exe, In Quarantäne, [24998ce6800a989ef211e8cc9c696c94], 
PUP.Optional.DataMgr.A, C:\Users\Roman\AppData\Roaming\DataMgr\DataMgr.exe, In Quarantäne, [ba033c36d7b3ca6ca588676bde25916f], 
PUP.Optional.DataMgr.A, C:\Users\Roman\AppData\Roaming\DataMgr\version.txt, In Quarantäne, [ba033c36d7b3ca6ca588676bde25916f], 
PUP.Optional.PlusHD.A, C:\Windows\Tasks\Plus-HD-9.0-chromeinstaller.job, In Quarantäne, [b805d59ddab042f408bf8371897a7b85], 
PUP.Optional.PlusHD.A, C:\Windows\Tasks\Plus-HD-9.0-codedownloader.job, In Quarantäne, [7d40373b51396dc9b116678d24dfb44c], 
PUP.Optional.PlusHD.A, C:\Windows\Tasks\Plus-HD-9.0-enabler.job, In Quarantäne, [03ba126091f9e3539e2911e35fa4ec14], 
PUP.Optional.PlusHD.A, C:\Windows\Tasks\Plus-HD-9.0-updater.job, In Quarantäne, [724ba6ccabdfc076ad1a955ffa097c84], 
PUP.Optional.WebConnect.A, C:\Program Files (x86)\WebConnect\ieakfmpjhljbpbfpldjkddkjmmgjmgon.crx, In Quarantäne, [b904abc7028874c2420f0b23858051af], 
PUP.Optional.WebConnect.A, C:\Program Files (x86)\WebConnect\Microsoft.Win32.TaskScheduler.dll, In Quarantäne, [b904abc7028874c2420f0b23858051af], 
PUP.Optional.WebConnect.A, C:\Program Files (x86)\WebConnect\sqlite3.exe, In Quarantäne, [b904abc7028874c2420f0b23858051af], 
PUP.Optional.WebConnect.A, C:\Program Files (x86)\WebConnect\updateWebConnect.InstallState, In Quarantäne, [b904abc7028874c2420f0b23858051af], 
PUP.Optional.WebConnect.A, C:\Program Files (x86)\WebConnect\WebConnect.ico, In Quarantäne, [b904abc7028874c2420f0b23858051af], 
PUP.Optional.BProtector.A, C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data, In Quarantäne, [e9d4acc67614f046e0271918887db050], 
PUP.Optional.BProtector.A, C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\bProtectorPreferences, In Quarantäne, [84399ad8f991e35368a0e34ee91c39c7], 
PUP.Optional.PricePeep.A, C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_licjnkifamhpbaefhdpacpmihicfbomb_0.localstorage, In Quarantäne, [5766cda5fc8ebe780722202bd134f808], 
PUP.Optional.PricePeep.A, C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_licjnkifamhpbaefhdpacpmihicfbomb_0.localstorage-journal, In Quarantäne, [b20bf67cc8c21d19c2674b00bd482fd1], 
PUP.Optional.Babylon.C, C:\Users\Roman\AppData\Roaming\Babylon\log_file.txt, In Quarantäne, [7647dd95ef9bc96d30d268f857ae6d93], 
PUP.Optional.OfferMosquito, C:\Users\Roman\AppData\Local\omesuperv.exe, In Quarantäne, [a11c5c163b4f91a52e95cd79ca3b1fe1], 
PUP.Optional.WebConnect.A, C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieakfmpjhljbpbfpldjkddkjmmgjmgon\1.0.0_1\icon.png, In Quarantäne, [4776cba7711980b6b5e7edad6b98cf31], 
PUP.Optional.WebConnect.A, C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieakfmpjhljbpbfpldjkddkjmmgjmgon\1.0.0_1\manifest.json, In Quarantäne, [4776cba7711980b6b5e7edad6b98cf31], 
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-9.0\52914.crx, In Quarantäne, [aa13a1d17b0f40f6be17b4e837ccd32d], 
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-9.0\52914.xpi, In Quarantäne, [aa13a1d17b0f40f6be17b4e837ccd32d], 
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-9.0\background.html, In Quarantäne, [aa13a1d17b0f40f6be17b4e837ccd32d], 
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-9.0\Installer.log, In Quarantäne, [aa13a1d17b0f40f6be17b4e837ccd32d], 
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-9.0\Plus-HD-9.0.ico, In Quarantäne, [aa13a1d17b0f40f6be17b4e837ccd32d], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\BOOTSTRAP.JS, In Quarantäne, [209dfd755d2dd75f0ece9e003ec5b24e], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\CHROME.MANIFEST, In Quarantäne, [209dfd755d2dd75f0ece9e003ec5b24e], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\CrExtP8h.exe, In Quarantäne, [209dfd755d2dd75f0ece9e003ec5b24e], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\DPNMNGR.DLL, In Quarantäne, [209dfd755d2dd75f0ece9e003ec5b24e], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\HKFXMGR.DLL, In Quarantäne, [209dfd755d2dd75f0ece9e003ec5b24e], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\HKFXMGR64.DLL, In Quarantäne, [209dfd755d2dd75f0ece9e003ec5b24e], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\INSTALL.RDF, In Quarantäne, [209dfd755d2dd75f0ece9e003ec5b24e], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\installKeys.js, In Quarantäne, [209dfd755d2dd75f0ece9e003ec5b24e], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\LOGO.BMP, In Quarantäne, [209dfd755d2dd75f0ece9e003ec5b24e], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\T8RES.DLL, In Quarantäne, [209dfd755d2dd75f0ece9e003ec5b24e], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\chrome\8hffxtbr.jar, In Quarantäne, [209dfd755d2dd75f0ece9e003ec5b24e], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\assists\ie_default_search_provider\CONFIG.XML, In Quarantäne, [209dfd755d2dd75f0ece9e003ec5b24e], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\assists\ie_enable\ARBITER.DLL, In Quarantäne, [209dfd755d2dd75f0ece9e003ec5b24e], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\assists\ie_enable\ARBITER64.DLL, In Quarantäne, [209dfd755d2dd75f0ece9e003ec5b24e], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\assists\ie_enable\CONFIG.XML, In Quarantäne, [209dfd755d2dd75f0ece9e003ec5b24e], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\Allin1Convert_8h\bar\assists\COMMON.T8S, In Quarantäne, [209dfd755d2dd75f0ece9e003ec5b24e], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\Allin1Convert_8h\bar\gen1\COMMON.T8S, In Quarantäne, [209dfd755d2dd75f0ece9e003ec5b24e], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\Allin1Convert_8h\bar\Message\COMMON.T8S, In Quarantäne, [209dfd755d2dd75f0ece9e003ec5b24e], 
PUP.Optional.Mindspark.A, C:\Program Files (x86)\Allin1Convert_8h\bar\Settings\s_pid.dat, In Quarantäne, [209dfd755d2dd75f0ece9e003ec5b24e], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\UrlFolderExtension.uf1, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\UrlFolderExtension.ufm, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\App.html, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\Background.html, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\ChromeReview.html, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\lang-default.js, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\manifest.json, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\css\App.min.css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\css\reset.css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\css\reset.min.css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\css\WeatherBlink.css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\fonts\cabin.eot, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\fonts\cabin.woff, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\close.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\icon.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\icon.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\MainIcon.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\MainIcon.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\minimize.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\rateUISprite.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\rate_WB.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\search.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\WBlogo.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\ChanceOfRain.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\ChanceOfRain.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\ChanceOfRain_60x60.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\ChanceOfRain_90x90.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\ChanceOfSnow.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\ChanceOfSnow.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\ChanceOfSnow_60x60.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\ChanceOfSnow_90x90.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\ChanceOfStorm.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\ChanceOfStorm.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\ChanceOfStorm_90x90.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\ChanceOfTstorm.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\ChanceOfTstorm.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\ChanceOfTstorm_60x60.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\ChanceOfTstorm_90x90.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Cloudy.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Cloudy.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Cloudy_90x90.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Dust.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Dust.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Dust_60x60.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Dust_90x90.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Fog.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Fog.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Fog_60x60.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Fog_90x90.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Ice.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Ice.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Ice_60x60.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Ice_90x90.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\MainIcon.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\MainIcon.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Misc.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Misc.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Misc_60x60.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Misc_90x90.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Misty.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Misty.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Misty_60x60.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Misty_90x90.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\MostlyCloudy.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\MostlyCloudy_60x60.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\MostlyCloudy_90x90.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\MostlySunny.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\MostlySunny.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\MostlySunny_60x60.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\MostlySunny_90x90.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Rain.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Rain.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Rain_60x60.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\SevereWeatherAdvisory.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\SevereWeatherAdvisory.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\SevereWeatherWarning.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\SevereWeatherWarning.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\SevereWeatherWatch.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\SevereWeatherWatch.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Showers.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Showers.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Showers_60x60.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\ChanceOfStorm_60x60.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Cloudy_60x60.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\MostlyCloudy.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Rain_90x90.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Showers_90x90.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Sleet.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Sleet.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Sleet_60x60.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Sleet_90x90.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Snow.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Snow.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Snow_60x60.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Snow_90x90.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Sunny.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Sunny.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Sunny_60x60.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Sunny_90x90.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Thunderstorm.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Thunderstorm.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Thunderstorm_60x60.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Thunderstorm_90x90.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Windy.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Windy.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Windy_60x60.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\images\weather\Windy_90x90.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\js\Background.js, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\js\Review.js, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\js\Widget.js, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\libs\anemone-1.2.7.js, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\libs\ChromeReview.js, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\libs\EventManager.js, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\libs\hogan-2.0.0.js, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\libs\i18nImporter.js, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\libs\jquery-1.8.2.min.js, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\libs\jquery.browser.min.js, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\libs\json2.min.js, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\libs\reset.css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\libs\underscore-1.4.4.min.js, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\0f21f5f88ab18f8107fdcffdf8c5c898ec8c3ddb\1.2.3\libs\widget-api-1.4.js, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\10b19c4cb4f3fa6c193860bc175eed63b209d408\1.1.2\background.html, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\10b19c4cb4f3fa6c193860bc175eed63b209d408\1.1.2\lang-en.js, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\10b19c4cb4f3fa6c193860bc175eed63b209d408\1.1.2\manifest.json, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\10b19c4cb4f3fa6c193860bc175eed63b209d408\1.1.2\window.html, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\10b19c4cb4f3fa6c193860bc175eed63b209d408\1.1.2\css\App.branded.css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\10b19c4cb4f3fa6c193860bc175eed63b209d408\1.1.2\css\App.branded.min.css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\10b19c4cb4f3fa6c193860bc175eed63b209d408\1.1.2\css\App.css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\10b19c4cb4f3fa6c193860bc175eed63b209d408\1.1.2\css\App.min.css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\10b19c4cb4f3fa6c193860bc175eed63b209d408\1.1.2\css\de.css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\10b19c4cb4f3fa6c193860bc175eed63b209d408\1.1.2\css\nl.css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\10b19c4cb4f3fa6c193860bc175eed63b209d408\1.1.2\images\branded-translationSprite.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\10b19c4cb4f3fa6c193860bc175eed63b209d408\1.1.2\images\branded-translator-icon.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\10b19c4cb4f3fa6c193860bc175eed63b209d408\1.1.2\images\branded-translator-icon.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\10b19c4cb4f3fa6c193860bc175eed63b209d408\1.1.2\images\translate-logo.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\10b19c4cb4f3fa6c193860bc175eed63b209d408\1.1.2\images\Translate.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\10b19c4cb4f3fa6c193860bc175eed63b209d408\1.1.2\images\Translate.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\10b19c4cb4f3fa6c193860bc175eed63b209d408\1.1.2\images\TranslationBuddy.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\10b19c4cb4f3fa6c193860bc175eed63b209d408\1.1.2\images\TranslationBuddy.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\10b19c4cb4f3fa6c193860bc175eed63b209d408\1.1.2\images\TranslationBuddy_SpeechBubble.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\10b19c4cb4f3fa6c193860bc175eed63b209d408\1.1.2\images\TranslationBuddy_SpeechBubble.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\10b19c4cb4f3fa6c193860bc175eed63b209d408\1.1.2\images\TranslationSprite.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\10b19c4cb4f3fa6c193860bc175eed63b209d408\1.1.2\images\Translation_dd.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\10b19c4cb4f3fa6c193860bc175eed63b209d408\1.1.2\images\Translation_input.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\10b19c4cb4f3fa6c193860bc175eed63b209d408\1.1.2\js\Background.js, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\10b19c4cb4f3fa6c193860bc175eed63b209d408\1.1.2\js\Widget.js, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\background.html, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\lang-en.js, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\manifest.json, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\measurement-converterWindow.html, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\window.html, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\css\App.css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\css\App.measurement.css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\css\App.measurement.min.css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\css\App.min.css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\css\de.css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\css\es.css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\css\fr.css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\css\it.css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\css\nl.css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\css\pt.css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\fonts\cabin-regular-webfont.eot, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\fonts\cabin-regular-webfont.svg, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\fonts\cabin-regular-webfont.ttf, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\fonts\cabin-regular-webfont.woff, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\fonts\Offside-Regular.eot, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\fonts\Offside-Regular.ttf, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\fonts\Offside-Regular.woff, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\ConverterLogo.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\ConverterSprite.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\Converter_menu.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\Currency_header.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\Currency_hr.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\DropDownArrow.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\icon.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\icon.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\measurement-converter-icon.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\measurement-converter-icon.bmp,hot,flags=none.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\measurement-converter-icon.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\measurement-converterSelect.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\measurement-converterSprite.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\_measurement-converterSprite.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\IDR.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\AED.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\ARS.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\AUD.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\BGN.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\BHD.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\BND.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\BRL.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\BWP.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\CAD.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\CHF.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\CLP.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\CNY.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\COP.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\CZK.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\DKK.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\EUR.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\GBP.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\HKD.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\HRK.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\HUF.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\ILS.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\INR.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\IRR.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\ISK.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\JPY.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\KRW.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\KWD.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\KZT.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\LKR.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\LTL.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\LVL.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\LYD.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\MUR.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\MXN.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\MYR.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\NOK.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\NPR.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\NZD.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\OMR.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\PHP.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\PKR.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\PLN.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\QAR.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\RON.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\RUB.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\SAR.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\SEK.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\SGD.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\THB.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\TRY.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\TTD.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\TWD.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\USD.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\VEF.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\images\currency_symbols\ZAR.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\js\Background.js, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\8fd4683d8d862b8564aca600e8e89608d4dda76e\1.1.8\js\Widget.js, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\App.html, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\Background.html, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\ChromeReview.html, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\lang-en.js, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\manifest.json, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\css\App-allin1.css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\css\App-allin1.min.css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\css\App-audio.css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\css\App-audio.min.css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\css\App-image.css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\css\App-image.min.css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\fonts\cabin.eot, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\fonts\cabin.woff, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\images\chrome_review_icon_allin1.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\images\chrome_review_icon_image.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\images\DropBoxArrow.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\images\FileType.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\images\icon-allin1.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\images\icon-allin1.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\images\icon-audio.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\images\icon-audio.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\images\icon-image.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\images\icon-image.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\images\rateUISprite.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\images\spinner.gif, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\images\sprites-allin1.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\images\sprites-audio.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\images\sprites-image.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\js\Background.js, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\js\Review.js, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\js\Widget.js, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\acc8ee23a134bbe7164ac2f3d3d6d56a49c5e130\1.0.0\swf\Converter.swf, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\background.html, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\hidden-window.html, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\lang-en.js, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\manifest.json, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\window.html, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\css\App.css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\css\App.min.css, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\favicon.ico, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\FBwidget_sprite.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icon.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icon.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\loading.gif, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F0.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F0.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F1.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F1.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F10.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F10.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F2.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F2.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F3.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F3.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F4.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F4.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F5.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F5.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F6.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F6.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F7.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F7.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F8.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F8.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F9.bmp, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F9.png, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\js\Background.js, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\js\Hidden.js, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\Local\Allin1Convert_8h\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\js\Widget.js, In Quarantäne, [734ab3bf4c3e3cfaba23920c9b6841bf], 
PUP.Optional.SimpleNewTab.A, C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmgkeimkiojpjcoiiipekfjaopchhjga\1.0.1_0\manifest.json, In Quarantäne, [8b3280f2d2b82c0aa5d3e6bd5da6c53b], 
PUP.Optional.SimpleNewTab.A, C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmgkeimkiojpjcoiiipekfjaopchhjga\1.0.1_0\newtab.js, In Quarantäne, [8b3280f2d2b82c0aa5d3e6bd5da6c53b], 
PUP.Optional.SimpleNewTab.A, C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmgkeimkiojpjcoiiipekfjaopchhjga\1.0.1_0\options.html, In Quarantäne, [8b3280f2d2b82c0aa5d3e6bd5da6c53b], 
PUP.Optional.SimpleNewTab.A, C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmgkeimkiojpjcoiiipekfjaopchhjga\1.0.1_0\options.js, In Quarantäne, [8b3280f2d2b82c0aa5d3e6bd5da6c53b], 
PUP.Optional.SimpleNewTab.A, C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmgkeimkiojpjcoiiipekfjaopchhjga\1.0.1_0\snt.html, In Quarantäne, [8b3280f2d2b82c0aa5d3e6bd5da6c53b], 
PUP.Optional.SimpleNewTab.A, C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmgkeimkiojpjcoiiipekfjaopchhjga\1.0.1_0\snt.js, In Quarantäne, [8b3280f2d2b82c0aa5d3e6bd5da6c53b], 
PUP.Optional.SimpleNewTab.A, C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmgkeimkiojpjcoiiipekfjaopchhjga\1.0.1_0\_metadata\verified_contents.json, In Quarantäne, [8b3280f2d2b82c0aa5d3e6bd5da6c53b], 
PUP.Optional.SimpleNewTab.A, C:\Users\Roman\AppData\Local\simple_new_tab\simple_new_tab.dll, In Quarantäne, [ccf1314126647db933462c771ee5669a], 
PUP.Optional.SimpleNewTab.A, C:\Users\Roman\AppData\Local\simple_new_tab\htmls\index.html, In Quarantäne, [ccf1314126647db933462c771ee5669a], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Cache\1663DDAA, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Cache\1663E154, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Cache\1663E29C.bmp, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Cache\1663E461.bmp, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Cache\1663E52C.bmp, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Cache\1663E636.bmp, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Cache\1663E76E.bmp, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Cache\1663E924.cab, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Cache\1663F4AD.bmp, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Cache\166407C7.cab, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Cache\16640D94.bmp, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Cache\16640E5F.cab, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Cache\16642012.bmp, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Cache\166420CE.cab, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Cache\166423CB.bmp, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Cache\16642448.cab, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Cache\files.ini, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\History\search3, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Message\COMMON\8_step1.gif, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Message\COMMON\anemone.js, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Message\COMMON\bd_grad.gif, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Message\COMMON\hpguard.js, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Message\COMMON\hpguard1.htm, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Message\COMMON\hpguard2.htm, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Message\COMMON\hpp_ok.png, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Message\COMMON\hpp_x.png, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Message\COMMON\hpp_x2.png, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Message\COMMON\index.htm, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Message\COMMON\localizedStrings.js, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Message\COMMON\mid_dots.gif, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Message\COMMON\mws_logo.gif, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Message\COMMON\protect.htm, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Message\COMMON\rebut4b.htm, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Message\COMMON\shield.png, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Message\COMMON\stop.gif, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Message\COMMON\systrayp.htm, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Message\COMMON\tbguard1.htm, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Message\COMMON\tbguard2.htm, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Message\COMMON\tp_grad.gif, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Settings\prevcfg2.htm, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8h\bar\Settings\ToolbarStructure.json, In Quarantäne, [17a69dd55e2c0e2845a31e86bb48fb05], 
PUP.Optional.Mindspark.A, C:\Users\Roman\AppData\LocalLow\Allin1Convert_8hEI\Installr\Cache\files.ini, In Quarantäne, [13aa8be7b3d784b278702d773ec535cb], 
PUP.Optional.Updater.A, C:\Users\Roman\AppData\Roaming\UpdaterEX\UpdateProc\config.dat, In Quarantäne, [d3ea3c368109cb6b36943c7117ec5ea2], 
PUP.Optional.Updater.A, C:\Users\Roman\AppData\Roaming\UpdaterEX\UpdateProc\prod.dat, In Quarantäne, [d3ea3c368109cb6b36943c7117ec5ea2], 
PUP.Optional.Updater.A, C:\Users\Roman\AppData\Roaming\DSite\UpdateProc\config.dat, In Quarantäne, [7c41abc7e4a6d660e1ece5c80201fc04], 
PUP.Optional.Updater.A, C:\Users\Roman\AppData\Roaming\DSite\UpdateProc\TTL.DAT, In Quarantäne, [7c41abc7e4a6d660e1ece5c80201fc04], 
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\DEL_UnRegisterExtensions.exe, In Quarantäne, [0bb2b7bb2d5d64d28537a91ef90a34cc], 
PUP.Optional.Delta.A, C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\bProtectorPreferences, Gut: (), Schlecht: ( "homepage": "hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=C215F4B7E2C62A71&affID=119357&tsp=4994",), Ersetzt,[4974185a4b3fd4624dd299b6709636ca]
PUP.Optional.SearchGol.A, C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\ChromePreferences, Gut: (), Schlecht: (   "homepage" : "hxxp://www.searchgol.com/?babsrc=HP_ss&mntrId=C215F4B7E2C62A71&affID=119357&tt=160913_m1&tsp=5014",), Ersetzt,[2994304281091323b5809eb14fb7ec14]

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)

cevvi · 30.04.2015, 20:36

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2015 01
Ran by Roman (administrator) on ROMAN on 30-04-2015 21:30:15
Running from C:\Users\Roman\Downloads
Loaded Profiles: Roman (Available profiles: Roman)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Farbar) C:\Users\Roman\Downloads\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6839952 2012-08-22] (Realtek Semiconductor)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1757520 2015-02-02] (Bitdefender)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808 2014-03-13] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491632 2012-09-10] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2372800 2014-11-26] (Microsoft Corp.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-846500394-140593827-909769170-1002\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2015-02-02] (Bitdefender)
HKU\S-1-5-21-846500394-140593827-909769170-1002\...\Run: [Bitdefender-Geldbörse] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-11-13] (Bitdefender)
HKU\S-1-5-21-846500394-140593827-909769170-1002\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [615256 2014-11-13] (Bitdefender)
HKU\S-1-5-21-846500394-140593827-909769170-1002\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [44032 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-846500394-140593827-909769170-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-846500394-140593827-909769170-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-18\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2015-02-02] (Bitdefender)
HKU\S-1-5-18\...\Run: [Bitdefender-Geldbörse] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-11-13] (Bitdefender)
HKU\S-1-5-18\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [615256 2014-11-13] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2013-07-08] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2013-07-08] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2013-07-08] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2013-07-08] (Bitdefender)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
SearchScopes: HKLM -> {66D804E6-9660-4B51-B8EB-531703A6AA20} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {66D804E6-9660-4B51-B8EB-531703A6AA20} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-846500394-140593827-909769170-1002 -> {0A2A7DB5-29EF-4DE2-8919-08F9C61C3BE9} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-846500394-140593827-909769170-1002 -> {66D804E6-9660-4B51-B8EB-531703A6AA20} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-846500394-140593827-909769170-1002 -> {7EAA0FBC-BC95-4669-8160-BAA339E6FA0C} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-846500394-140593827-909769170-1002 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2459} URL = 
SearchScopes: HKU\S-1-5-21-846500394-140593827-909769170-1002 -> {C4F6B663-BE11-4F9E-9FCA-E386458BC45D} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-846500394-140593827-909769170-1002 -> {CA3BF3FC-5F7B-4DA7-B082-21B6E51FE1C6} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-846500394-140593827-909769170-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll [2014-11-13] (Bitdefender)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll [2014-11-13] (Bitdefender)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM-x32 - Recorder Toolbar - {120A8821-2BEE-4C29-BCDA-62C577781992} - C:\Program Files (x86)\MedienTeam66\CHIP Free MP3 converter for YouTube\IEPlugin.dll [2014-01-22] (MedienTeam66)
Toolbar: HKU\S-1-5-21-846500394-140593827-909769170-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-846500394-140593827-909769170-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Roman\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-01-23] (Unity Technologies ApS)
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-01-30]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext

Chrome: 
=======
CHR Profile: C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bitdefender Wallet) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2014-01-30]
CHR Extension: (Google Wallet) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03]
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx [2015-02-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2014-11-13] (Bitdefender)
S2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173248 2014-11-26] (Microsoft Corp.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-10-27] (Freemake) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPConnectedRemote; C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35744 2012-10-12] (Hewlett-Packard)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2014-11-13] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1538672 2015-02-02] (Bitdefender)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-07-02] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-22] (Advanced Micro Devices)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1288472 2015-02-02] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [263032 2015-02-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2014-11-13] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2014-05-27] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [79192 2013-07-30] (BitDefender)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-30] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [277648 2012-09-20] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-25] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-25] (Synaptics Incorporated)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2015-02-02] (BitDefender S.R.L.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-30 21:29 - 2015-04-30 21:29 - 02101248 _____ (Farbar) C:\Users\Roman\Downloads\FRST64 (1).exe
2015-04-30 21:15 - 2015-04-30 21:15 - 00001796 _____ () C:\Users\Roman\Desktop\JRT.txt
2015-04-30 21:02 - 2015-04-30 21:02 - 00000207 _____ () C:\WINDOWS\tweaking.com-regbackup-ROMAN-Windows-8.1-(64-bit).dat
2015-04-30 21:02 - 2015-04-30 21:02 - 00000000 ____D () C:\RegBackup
2015-04-30 21:01 - 2015-04-30 21:01 - 02716306 _____ (Thisisu) C:\Users\Roman\Downloads\JRT.exe
2015-04-30 20:46 - 2015-04-30 20:51 - 00000000 ____D () C:\AdwCleaner
2015-04-30 20:45 - 2015-04-30 20:45 - 02224640 _____ () C:\Users\Roman\Downloads\AdwCleaner_4.202.exe
2015-04-30 19:44 - 2015-04-30 21:19 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-04-30 19:44 - 2015-04-30 19:44 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-04-30 19:44 - 2015-04-30 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-04-30 19:44 - 2015-04-30 19:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-30 19:44 - 2015-04-30 19:44 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-04-30 19:44 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-04-30 19:44 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-04-30 19:44 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-04-30 19:42 - 2015-04-30 19:42 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Roman\Downloads\mbam-setup-2.1.6.1022.exe
2015-04-30 07:46 - 2015-04-30 07:46 - 00464381 _____ () C:\Users\Roman\Desktop\SpyHunterKiller.exe
2015-04-30 06:34 - 2015-04-30 06:34 - 00000000 _____ () C:\autoexec.bat
2015-04-30 06:33 - 2015-04-30 06:33 - 00000000 ____D () C:\Users\Roman\AppData\Roaming\Enigma Software Group
2015-04-28 23:09 - 2015-04-29 06:28 - 00042983 _____ () C:\Users\Roman\Downloads\Addition.txt
2015-04-28 22:41 - 2015-04-30 21:30 - 00018769 _____ () C:\Users\Roman\Downloads\FRST.txt
2015-04-28 22:41 - 2015-04-30 21:30 - 00000000 ____D () C:\FRST
2015-04-28 22:40 - 2015-04-28 22:40 - 02100736 _____ (Farbar) C:\Users\Roman\Downloads\FRST64.exe
2015-04-25 13:49 - 2015-04-25 13:49 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-04-15 06:40 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-04-15 06:40 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-04-15 06:40 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-04-15 06:40 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-04-15 06:40 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2015-04-15 06:40 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-04-15 06:40 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-04-15 06:40 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-04-15 06:40 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-04-15 06:40 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2015-04-15 06:40 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-04-15 06:40 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-04-15 06:40 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-04-15 06:40 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-04-15 06:40 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-04-15 06:40 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-04-15 06:40 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-04-15 06:40 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-04-15 06:40 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-04-15 06:40 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-04-15 06:40 - 2015-03-13 05:17 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-04-15 06:40 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-04-15 06:40 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-04-15 06:40 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-04-15 06:40 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-04-15 06:40 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-04-15 06:40 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-04-15 06:40 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-04-15 06:40 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-04-15 06:39 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-04-15 06:39 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-04-15 06:39 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-04-15 06:39 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-04-15 06:39 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-04-15 06:39 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-04-15 06:39 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-04-15 06:39 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-04-15 06:39 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-04-15 06:39 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-04-15 06:39 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-04-15 06:39 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-04-15 06:39 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-04-15 06:39 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-04-15 06:39 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-04-15 06:39 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-04-15 06:39 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-04-15 06:39 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-04-15 06:39 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-04-15 06:39 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-04-15 06:39 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-04-15 06:39 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-04-15 06:39 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-04-15 06:39 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-04-15 06:39 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-04-15 06:39 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-04-15 06:39 - 2015-03-13 05:53 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-04-15 06:39 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-04-15 06:39 - 2015-03-13 05:16 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-04-15 06:39 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-04-15 06:39 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-04-15 06:39 - 2015-03-13 04:50 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-04-15 06:39 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-04-15 06:39 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-04-15 06:39 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-04-15 06:39 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-04-15 06:39 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-04-15 06:39 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-04-15 06:39 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-04-15 06:39 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2015-04-15 06:39 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-04-10 07:41 - 2015-04-10 07:41 - 00003576 _____ () C:\WINDOWS\System32\Tasks\Bitdefender Auto-Scan
2015-04-04 09:12 - 2015-04-04 09:14 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-04-04 09:12 - 2015-04-04 09:12 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-04-01 09:26 - 2015-04-01 09:26 - 02347384 _____ (ESET) C:\Users\Roman\Downloads\esetsmartinstaller_deu (1).exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-30 21:19 - 2014-02-01 13:08 - 01622864 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-30 21:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-04-30 20:59 - 2013-11-14 09:27 - 01980934 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-30 20:59 - 2013-11-14 09:11 - 00842568 _____ () C:\WINDOWS\system32\perfh007.dat
2015-04-30 20:59 - 2013-11-14 09:11 - 00191764 _____ () C:\WINDOWS\system32\perfc007.dat
2015-04-30 20:55 - 2014-02-19 10:31 - 00000000 ___DO () C:\Users\Roman\SkyDrive
2015-04-30 20:54 - 2015-02-05 20:36 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d04172b9784e7c.job
2015-04-30 20:54 - 2013-09-03 13:32 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-30 20:52 - 2013-11-14 00:18 - 00339776 _____ () C:\WINDOWS\PFRO.log
2015-04-30 20:52 - 2013-08-22 16:46 - 00322881 _____ () C:\WINDOWS\setupact.log
2015-04-30 20:52 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-30 20:52 - 2013-08-22 15:25 - 00786432 ___SH () C:\WINDOWS\system32\config\BBI
2015-04-30 20:51 - 2014-03-05 23:57 - 00000000 ____D () C:\Users\Roman\AppData\Roaming\Common
2015-04-30 20:50 - 2013-09-03 13:32 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-30 20:43 - 2014-02-01 14:35 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{103CE50C-E971-4B87-98BE-1CF84A1160BE}
2015-04-30 20:42 - 2015-02-05 20:37 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04172bb9d33e4.job
2015-04-30 20:39 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Help
2015-04-30 06:33 - 2014-02-01 12:50 - 00000000 ____D () C:\Users\Roman
2015-04-29 18:46 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-04-29 09:11 - 2014-06-11 09:11 - 00000326 _____ () C:\WINDOWS\Tasks\MT66 Software Update.job
2015-04-27 17:08 - 2014-11-12 22:15 - 00015872 ___SH () C:\Users\Roman\Documents\Thumbs.db
2015-04-27 17:07 - 2014-02-03 23:43 - 00000000 ____D () C:\Users\Roman\Documents\Wohnungen bis2011
2015-04-25 08:50 - 2014-02-03 18:35 - 00000000 ____D () C:\Users\Roman\Documents\WHB
2015-04-24 07:01 - 2013-09-12 21:27 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2015-04-17 08:29 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-04-17 07:28 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-04-16 11:51 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-04-16 06:52 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-04-15 23:00 - 2014-12-10 11:27 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-04-15 23:00 - 2014-07-10 22:24 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-04-15 07:22 - 2014-04-08 15:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-15 07:21 - 2013-09-12 16:17 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-04-15 07:09 - 2013-09-12 16:17 - 128913832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-04-15 06:59 - 2013-08-22 15:25 - 00000167 _____ () C:\WINDOWS\win.ini
2015-04-14 01:24 - 2015-03-12 08:20 - 00792056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-04-14 01:24 - 2015-03-12 08:20 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-31 16:54 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF

==================== Files in the root of some directories =======

2013-09-04 13:37 - 2013-09-16 18:29 - 0000114 _____ () C:\Users\Roman\AppData\Roaming\WB.CFG
2013-09-04 13:37 - 2013-09-16 18:29 - 0000005 _____ () C:\Users\Roman\AppData\Roaming\WBPU-TTL.DAT
2014-01-30 13:59 - 2014-01-30 13:59 - 0318390 _____ () C:\ProgramData\1391082090.bdinstall.bin
2014-01-30 14:09 - 2014-01-30 14:09 - 0492776 _____ () C:\ProgramData\1391083368.bdinstall.bin
2013-09-03 12:56 - 2013-09-03 12:56 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.2492.dll


Some content of TEMP:
====================
C:\Users\Roman\AppData\Local\Temp\Extract.exe
C:\Users\Roman\AppData\Local\Temp\Quarantine.exe
C:\Users\Roman\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-29 09:40

==================== End Of Log ============================

--- --- ---

--- --- ---

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2015 01
Ran by Roman (administrator) on ROMAN on 30-04-2015 21:33:38
Running from C:\Users\Roman\Downloads
Loaded Profiles: Roman (Available profiles: Roman)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Farbar) C:\Users\Roman\Downloads\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6839952 2012-08-22] (Realtek Semiconductor)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1757520 2015-02-02] (Bitdefender)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808 2014-03-13] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491632 2012-09-10] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2372800 2014-11-26] (Microsoft Corp.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-846500394-140593827-909769170-1002\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2015-02-02] (Bitdefender)
HKU\S-1-5-21-846500394-140593827-909769170-1002\...\Run: [Bitdefender-Geldbörse] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-11-13] (Bitdefender)
HKU\S-1-5-21-846500394-140593827-909769170-1002\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [615256 2014-11-13] (Bitdefender)
HKU\S-1-5-21-846500394-140593827-909769170-1002\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [44032 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-846500394-140593827-909769170-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-846500394-140593827-909769170-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-18\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2015-02-02] (Bitdefender)
HKU\S-1-5-18\...\Run: [Bitdefender-Geldbörse] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-11-13] (Bitdefender)
HKU\S-1-5-18\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [615256 2014-11-13] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2013-07-08] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2013-07-08] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2013-07-08] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2013-07-08] (Bitdefender)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
SearchScopes: HKLM -> {66D804E6-9660-4B51-B8EB-531703A6AA20} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {66D804E6-9660-4B51-B8EB-531703A6AA20} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-846500394-140593827-909769170-1002 -> {0A2A7DB5-29EF-4DE2-8919-08F9C61C3BE9} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-846500394-140593827-909769170-1002 -> {66D804E6-9660-4B51-B8EB-531703A6AA20} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-846500394-140593827-909769170-1002 -> {7EAA0FBC-BC95-4669-8160-BAA339E6FA0C} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-846500394-140593827-909769170-1002 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2459} URL = 
SearchScopes: HKU\S-1-5-21-846500394-140593827-909769170-1002 -> {C4F6B663-BE11-4F9E-9FCA-E386458BC45D} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-846500394-140593827-909769170-1002 -> {CA3BF3FC-5F7B-4DA7-B082-21B6E51FE1C6} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-846500394-140593827-909769170-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll [2014-11-13] (Bitdefender)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll [2014-11-13] (Bitdefender)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM-x32 - Recorder Toolbar - {120A8821-2BEE-4C29-BCDA-62C577781992} - C:\Program Files (x86)\MedienTeam66\CHIP Free MP3 converter for YouTube\IEPlugin.dll [2014-01-22] (MedienTeam66)
Toolbar: HKU\S-1-5-21-846500394-140593827-909769170-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-846500394-140593827-909769170-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Roman\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-01-23] (Unity Technologies ApS)
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-01-30]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext

Chrome: 
=======
CHR Profile: C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bitdefender Wallet) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2014-01-30]
CHR Extension: (Google Wallet) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03]
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx [2015-02-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2014-11-13] (Bitdefender)
S2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173248 2014-11-26] (Microsoft Corp.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-10-27] (Freemake) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPConnectedRemote; C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35744 2012-10-12] (Hewlett-Packard)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2014-11-13] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1538672 2015-02-02] (Bitdefender)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-07-02] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-22] (Advanced Micro Devices)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1288472 2015-02-02] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [263032 2015-02-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2014-11-13] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2014-05-27] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [79192 2013-07-30] (BitDefender)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-30] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [277648 2012-09-20] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-25] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-25] (Synaptics Incorporated)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2015-02-02] (BitDefender S.R.L.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-30 21:29 - 2015-04-30 21:29 - 02101248 _____ (Farbar) C:\Users\Roman\Downloads\FRST64 (1).exe
2015-04-30 21:15 - 2015-04-30 21:15 - 00001796 _____ () C:\Users\Roman\Desktop\JRT.txt
2015-04-30 21:02 - 2015-04-30 21:02 - 00000207 _____ () C:\WINDOWS\tweaking.com-regbackup-ROMAN-Windows-8.1-(64-bit).dat
2015-04-30 21:02 - 2015-04-30 21:02 - 00000000 ____D () C:\RegBackup
2015-04-30 21:01 - 2015-04-30 21:01 - 02716306 _____ (Thisisu) C:\Users\Roman\Downloads\JRT.exe
2015-04-30 20:46 - 2015-04-30 20:51 - 00000000 ____D () C:\AdwCleaner
2015-04-30 20:45 - 2015-04-30 20:45 - 02224640 _____ () C:\Users\Roman\Downloads\AdwCleaner_4.202.exe
2015-04-30 19:44 - 2015-04-30 21:19 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-04-30 19:44 - 2015-04-30 19:44 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-04-30 19:44 - 2015-04-30 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-04-30 19:44 - 2015-04-30 19:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-30 19:44 - 2015-04-30 19:44 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-04-30 19:44 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-04-30 19:44 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-04-30 19:44 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-04-30 19:42 - 2015-04-30 19:42 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Roman\Downloads\mbam-setup-2.1.6.1022.exe
2015-04-30 07:46 - 2015-04-30 07:46 - 00464381 _____ () C:\Users\Roman\Desktop\SpyHunterKiller.exe
2015-04-30 06:34 - 2015-04-30 06:34 - 00000000 _____ () C:\autoexec.bat
2015-04-30 06:33 - 2015-04-30 06:33 - 00000000 ____D () C:\Users\Roman\AppData\Roaming\Enigma Software Group
2015-04-28 23:09 - 2015-04-29 06:28 - 00042983 _____ () C:\Users\Roman\Downloads\Addition.txt
2015-04-28 22:41 - 2015-04-30 21:33 - 00018769 _____ () C:\Users\Roman\Downloads\FRST.txt
2015-04-28 22:41 - 2015-04-30 21:33 - 00000000 ____D () C:\FRST
2015-04-28 22:40 - 2015-04-28 22:40 - 02100736 _____ (Farbar) C:\Users\Roman\Downloads\FRST64.exe
2015-04-25 13:49 - 2015-04-25 13:49 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-04-15 06:40 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-04-15 06:40 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-04-15 06:40 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-04-15 06:40 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-04-15 06:40 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2015-04-15 06:40 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-04-15 06:40 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-04-15 06:40 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-04-15 06:40 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-04-15 06:40 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2015-04-15 06:40 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-04-15 06:40 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-04-15 06:40 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-04-15 06:40 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-04-15 06:40 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-04-15 06:40 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-04-15 06:40 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-04-15 06:40 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-04-15 06:40 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-04-15 06:40 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-04-15 06:40 - 2015-03-13 05:17 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-04-15 06:40 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-04-15 06:40 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-04-15 06:40 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-04-15 06:40 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-04-15 06:40 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-04-15 06:40 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-04-15 06:40 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-04-15 06:40 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-04-15 06:39 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-04-15 06:39 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-04-15 06:39 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-04-15 06:39 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-04-15 06:39 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-04-15 06:39 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-04-15 06:39 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-04-15 06:39 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-04-15 06:39 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-04-15 06:39 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-04-15 06:39 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-04-15 06:39 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-04-15 06:39 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-04-15 06:39 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-04-15 06:39 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-04-15 06:39 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-04-15 06:39 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-04-15 06:39 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-04-15 06:39 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-04-15 06:39 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-04-15 06:39 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-04-15 06:39 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-04-15 06:39 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-04-15 06:39 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-04-15 06:39 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-04-15 06:39 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-04-15 06:39 - 2015-03-13 05:53 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-04-15 06:39 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-04-15 06:39 - 2015-03-13 05:16 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-04-15 06:39 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-04-15 06:39 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-04-15 06:39 - 2015-03-13 04:50 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-04-15 06:39 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-04-15 06:39 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-04-15 06:39 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-04-15 06:39 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-04-15 06:39 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-04-15 06:39 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-04-15 06:39 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-04-15 06:39 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2015-04-15 06:39 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-04-10 07:41 - 2015-04-10 07:41 - 00003576 _____ () C:\WINDOWS\System32\Tasks\Bitdefender Auto-Scan
2015-04-04 09:12 - 2015-04-04 09:14 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-04-04 09:12 - 2015-04-04 09:12 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-04-01 09:26 - 2015-04-01 09:26 - 02347384 _____ (ESET) C:\Users\Roman\Downloads\esetsmartinstaller_deu (1).exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-30 21:19 - 2014-02-01 13:08 - 01622864 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-30 21:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-04-30 20:59 - 2013-11-14 09:27 - 01980934 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-30 20:59 - 2013-11-14 09:11 - 00842568 _____ () C:\WINDOWS\system32\perfh007.dat
2015-04-30 20:59 - 2013-11-14 09:11 - 00191764 _____ () C:\WINDOWS\system32\perfc007.dat
2015-04-30 20:55 - 2014-02-19 10:31 - 00000000 ___DO () C:\Users\Roman\SkyDrive
2015-04-30 20:54 - 2015-02-05 20:36 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d04172b9784e7c.job
2015-04-30 20:54 - 2013-09-03 13:32 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-30 20:52 - 2013-11-14 00:18 - 00339776 _____ () C:\WINDOWS\PFRO.log
2015-04-30 20:52 - 2013-08-22 16:46 - 00322881 _____ () C:\WINDOWS\setupact.log
2015-04-30 20:52 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-30 20:52 - 2013-08-22 15:25 - 00786432 ___SH () C:\WINDOWS\system32\config\BBI
2015-04-30 20:51 - 2014-03-05 23:57 - 00000000 ____D () C:\Users\Roman\AppData\Roaming\Common
2015-04-30 20:50 - 2013-09-03 13:32 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-30 20:43 - 2014-02-01 14:35 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{103CE50C-E971-4B87-98BE-1CF84A1160BE}
2015-04-30 20:42 - 2015-02-05 20:37 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04172bb9d33e4.job
2015-04-30 20:39 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Help
2015-04-30 06:33 - 2014-02-01 12:50 - 00000000 ____D () C:\Users\Roman
2015-04-29 18:46 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-04-29 09:11 - 2014-06-11 09:11 - 00000326 _____ () C:\WINDOWS\Tasks\MT66 Software Update.job
2015-04-27 17:08 - 2014-11-12 22:15 - 00015872 ___SH () C:\Users\Roman\Documents\Thumbs.db
2015-04-27 17:07 - 2014-02-03 23:43 - 00000000 ____D () C:\Users\Roman\Documents\Wohnungen bis2011
2015-04-25 08:50 - 2014-02-03 18:35 - 00000000 ____D () C:\Users\Roman\Documents\WHB
2015-04-24 07:01 - 2013-09-12 21:27 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2015-04-17 08:29 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-04-17 07:28 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-04-16 11:51 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-04-16 06:52 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-04-15 23:00 - 2014-12-10 11:27 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-04-15 23:00 - 2014-07-10 22:24 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-04-15 07:22 - 2014-04-08 15:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-15 07:21 - 2013-09-12 16:17 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-04-15 07:09 - 2013-09-12 16:17 - 128913832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-04-15 06:59 - 2013-08-22 15:25 - 00000167 _____ () C:\WINDOWS\win.ini
2015-04-14 01:24 - 2015-03-12 08:20 - 00792056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-04-14 01:24 - 2015-03-12 08:20 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-31 16:54 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF

==================== Files in the root of some directories =======

2013-09-04 13:37 - 2013-09-16 18:29 - 0000114 _____ () C:\Users\Roman\AppData\Roaming\WB.CFG
2013-09-04 13:37 - 2013-09-16 18:29 - 0000005 _____ () C:\Users\Roman\AppData\Roaming\WBPU-TTL.DAT
2014-01-30 13:59 - 2014-01-30 13:59 - 0318390 _____ () C:\ProgramData\1391082090.bdinstall.bin
2014-01-30 14:09 - 2014-01-30 14:09 - 0492776 _____ () C:\ProgramData\1391083368.bdinstall.bin
2013-09-03 12:56 - 2013-09-03 12:56 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.2492.dll


Some content of TEMP:
====================
C:\Users\Roman\AppData\Local\Temp\Extract.exe
C:\Users\Roman\AppData\Local\Temp\Quarantine.exe
C:\Users\Roman\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-29 09:40

==================== End Of Log ============================

--- --- ---

--- --- ---

Hallo ich hoffe das wars....und ich hab alles richtig gemacht !

cosinus · 30.04.2015, 22:40

Bitte auch ne neue Addition.txt erstellen, dazu FRST starten und einen Haken setzen bei Addition.txt, dann auf Scan klicken.

cevvi · 01.05.2015, 05:33

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-04-2015 01
Ran by Roman at 2015-05-01 06:22:56
Running from C:\Users\Roman\AppData\Local\Microsoft\Windows\INetCache\IE\3MNU22I5
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-846500394-140593827-909769170-500 - Administrator - Disabled)
Gast (S-1-5-21-846500394-140593827-909769170-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-846500394-140593827-909769170-1007 - Limited - Enabled)
Roman (S-1-5-21-846500394-140593827-909769170-1002 - Administrator - Enabled) => C:\Users\Roman

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus (Disabled - Out of date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Spyware-Schutz (Disabled - Out of date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Disabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Catalyst Install Manager (HKLM\...\{039B859F-360B-58D8-F86F-C277BA6ED7D8}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD VISION Engine Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Apple Application Support (32-Bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bing-Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.4.167.0 - Microsoft Corporation)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 17.23.0.996 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CHIP Free MP3 converter for YouTube 3.0 Professional-E (HKLM-x32\...\{2ED4869A-6D7B-4a8f-8261-B842DA4852FA}_is1) (Version:  - )
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2.5712 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.2.2114 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.2.2110 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.7.4528 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.5.5811 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Express Rip (HKLM-x32\...\ExpressRip) (Version: 1.94 - NCH Software)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1218 - Hewlett-Packard)
HP Documentation (HKLM-x32\...\{8C3E36C3-7615-46B9-B043-6053810E591B}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Product Detection (HKLM-x32\...\{8A9FC225-75F6-4B5D-911C-0ED230565643}) (Version: 11.15.0009 - HP)
HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)
HP Registration Service (HKLM\...\{C2E428EB-116E-41C0-9E84-B22DE9CCA42F}) (Version: 1.1.6232.4245 - Hewlett-Packard)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.8 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-846500394-140593827-909769170-1002\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MT66 Software Update (HKLM-x32\...\{F2E4F3A5-A8F0-46F4-8E91-E8C1DE1FCFE5}_is1) (Version:  - )
Pixum Fotobuch (HKLM-x32\...\Pixum Fotobuch) (Version: 5.1.2 - CEWE COLOR AG u Co. OHG)
Ralink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.37.0 - Mediatek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6714 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.29040 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.19.13.4482 - Enigma Software Group, LLC)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.5.3.3 - Synaptics Incorporated)
Unity Web Player (HKU\S-1-5-21-846500394-140593827-909769170-1002\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-846500394-140593827-909769170-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Roman\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-846500394-140593827-909769170-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Roman\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-846500394-140593827-909769170-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Roman\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-846500394-140593827-909769170-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Roman\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-846500394-140593827-909769170-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Roman\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

13-04-2015 09:05:43 Geplanter Prüfpunkt
24-04-2015 11:06:51 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1174996E-F39F-4A89-99A0-1979C8C8ECF8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-04-14] (Hewlett-Packard)
Task: {18250422-79F9-4EC9-A4DE-6A4C5F6DEFC2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {3A11530E-B6B5-4FB2-87CF-DE865E933F8D} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {47900229-5958-4C3A-9718-27004CC60A8F} - \Plus-HD-9.0-firefoxinstaller No Task File <==== ATTENTION
Task: {499808E7-A3A8-42D8-8573-E82539E8FD33} - System32\Tasks\Bitdefender Auto-Scan => C:\Program Files\Bitdefender\Bitdefender\mtasklaunch.exe [2014-11-13] (Bitdefender)
Task: {5A815D44-C4DA-4130-B539-BAB7088F58AA} - \Optimize Start Menu Cache Files-S-1-5-21-846500394-140593827-909769170-1008 No Task File <==== ATTENTION
Task: {5B069F42-5174-4E85-8F87-5E2D226E5F16} - System32\Tasks\{3D73DAF1-073A-4989-96EE-3EAE21BC90C4} => pcalua.exe -a "F:\ANSTOSS 3_extracted\setup.exe" -d "F:\ANSTOSS 3_extracted"
Task: {61956698-775E-4D7C-B197-B1D301426EA9} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {62713FD9-E969-4CD6-99D5-95445F09E3A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-03] (Google Inc.)
Task: {67A5BCD8-7961-47AF-AA70-AB2329B64790} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {78013DDF-0DEE-422C-842D-F9161101A5CE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7D97E78C-1811-4AB4-BB52-22CB799C6AC7} - System32\Tasks\{768A7C87-05AA-457C-A3B7-C661EDB650A7} => pcalua.exe -a "C:\Program Files (x86)\ANSTOSS 3\anstoss3.exe" -d "C:\Program Files (x86)\ANSTOSS 3"
Task: {7D9E2C1A-2699-4291-A06B-C0AE6B4BF341} - System32\Tasks\GoogleUpdateTaskMachineCore1d04172b9784e7c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-03] (Google Inc.)
Task: {8493F824-5E5A-4D57-81D9-BACE6E3DE8C5} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {8A22A7A2-53F2-428D-AE34-380CDE0CDE1D} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {A29DC1AA-5B7F-4AF9-B1D3-D89D70C58E60} - \SpyHunter4Startup No Task File <==== ATTENTION
Task: {A4863726-8ACE-415C-A408-D790D620405E} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {B280CB64-F7F6-4468-9FC8-81752E9F0665} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {B65F3139-2736-4A0C-BB92-0DC3AD451412} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-04-15] (Microsoft Corporation)
Task: {C8EDC144-F8BD-4503-9F8C-3DCEF5AAEA59} - System32\Tasks\{13AC75C1-42FC-4AA1-ADA2-7A59BCA62CBD} => pcalua.exe -a "C:\ProgramData\Package Cache\{fd97d1e2-368a-4cd9-af63-8eeff938044a}\adblockplusie-1.1.exe" -c  /uninstall
Task: {D5EC425A-7343-4704-B45D-C2E7A0CEA94F} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-10-12] (CyberLink)
Task: {DF0A9EA0-8124-47D2-A425-B2750BCD866C} - System32\Tasks\MT66 Software Update => C:\Program Files (x86)\Common Files\MT66 Software Update\UpdateClient.exe [2009-11-18] (MedienTeam66)
Task: {DFD44381-EFA3-4FF6-BCBB-62C1F4C12DF2} - System32\Tasks\GoogleUpdateTaskMachineUA1d04172bb9d33e4 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-03] (Google Inc.)
Task: {DFF825C0-0F3A-442E-A02E-33CE2F0BE2C0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-04-14] (Hewlett-Packard)
Task: {E7CB9809-452F-4250-983B-638C166D803A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-03] (Google Inc.)
Task: {EA9840C7-72BF-4B82-8270-0329B9F4C659} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {FADE5DB5-0456-4909-9AA4-14E8EEC41218} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2014-12-01] (Apple Inc.)
Task: {FE79DA40-42A1-44BD-AC8F-EA43F0C7BE53} - \Optimize Start Menu Cache Files-S-1-5-21-846500394-140593827-909769170-500 No Task File <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d04172b9784e7c.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04172bb9d33e4.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForRoman.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\MT66 Software Update.job => C:\Program Files (x86)\Common Files\MT66 Software Update\UpdateClient.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) ==============

2014-11-13 22:47 - 2014-11-13 22:47 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll
2014-11-13 22:47 - 2014-11-13 22:47 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\accessl.ui
2014-01-30 14:08 - 2011-11-14 20:17 - 00153680 _____ () C:\Program Files\Bitdefender\Bitdefender\bdfwcore.dll
2015-04-02 22:17 - 2015-04-02 22:17 - 00785736 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00150_012\ashttpbr.mdl
2015-04-02 22:17 - 2015-04-02 22:17 - 00706408 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00150_012\ashttpdsp.mdl
2015-04-02 22:17 - 2015-04-02 22:17 - 02681448 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00150_012\ashttpph.mdl
2015-04-02 22:17 - 2015-04-02 22:17 - 01324432 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00150_012\ashttprbl.mdl
2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-30 14:08 - 2013-03-25 16:16 - 01117920 _____ () C:\Program Files\Bitdefender\Bitdefender SafeBox\System.Data.SQLite.dll
2012-10-12 17:22 - 2012-10-12 17:22 - 00120224 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-10-12 17:22 - 2012-10-12 17:22 - 00048544 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-10-12 17:22 - 2012-10-12 17:22 - 00180224 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-11-26 14:21 - 2014-11-26 14:21 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-07-04 22:33 - 2014-07-04 22:33 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-02-01 13:56 - 2014-02-01 13:56 - 00120224 _____ () C:\Users\Roman\AppData\Local\assembly\dl3\XK65N7RQ.A7P\5C13BKKD.04W\b657af02\00e39356_8da8cd01\HPItunesModule.DLL
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2013-03-06 19:17 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-01-30 14:07 - 2014-11-13 22:45 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender\antispam32\txmlutil.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\msln.exe:b68feb29116e077df23fda1c47fcd031
AlternateDataStreams: C:\ProgramData\Temp:AD022376
AlternateDataStreams: C:\Users\Roman\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Roman\SkyDrive (2).old:ms-properties
AlternateDataStreams: C:\Users\Roman\SkyDrive (3).old:ms-properties
AlternateDataStreams: C:\Users\Roman\Desktop\SpyHunterKiller.exe:BDU
AlternateDataStreams: C:\Users\Roman\Downloads\AdwCleaner_4.202.exe:BDU
AlternateDataStreams: C:\Users\Roman\Downloads\CHIP_Free_MP3_Converter_for_YouTube-3.0.exe:BDU
AlternateDataStreams: C:\Users\Roman\Downloads\esetsmartinstaller_deu (1).exe:BDU
AlternateDataStreams: C:\Users\Roman\Downloads\esetsmartinstaller_deu.exe:BDU
AlternateDataStreams: C:\Users\Roman\Downloads\FreeAudioCDToMP3Converter_1.3.12.1228.exe:BDU
AlternateDataStreams: C:\Users\Roman\Downloads\FRST64 (1).exe:BDU
AlternateDataStreams: C:\Users\Roman\Downloads\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Roman\Downloads\JRT.exe:BDU
AlternateDataStreams: C:\Users\Roman\Downloads\mbam-setup-2.1.6.1022.exe:BDU
AlternateDataStreams: C:\Users\Roman\Downloads\MicrosoftInstaller (1).exe:BDU
AlternateDataStreams: C:\Users\Roman\Downloads\MicrosoftInstaller.exe:BDU
AlternateDataStreams: C:\Users\Roman\Downloads\switchsetupDE.exe:BDU

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-846500394-140593827-909769170-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Roman\AppData\Local\Microsoft\BingDesktop\themes\2014-06-29.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKU\S-1-5-21-846500394-140593827-909769170-1002\...\StartupApproved\Run: => "Speech Recognition"
HKU\S-1-5-21-846500394-140593827-909769170-1002\...\StartupApproved\Run: => "ApplePhotoStreams"

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{C1E22237-5107-4F3C-AED6-F880D61FD261}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6270EC1C-342A-4E1F-86EA-4D17D6D39648}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{00F1D487-3B7A-43AE-B638-0A2E4217C820}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E439B33E-C38C-4256-906E-ED6A8E5C3B1D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{46664AC5-3693-4B07-BCD4-D4D0628C2E47}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{86CFAE71-4C07-4968-BF2F-7FBC5FE342EF}] => (Allow) C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{1DF7E49C-A1D3-4BC6-A9DD-D04275325655}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{6F63D6C7-544B-4C8F-B9A5-B50CBB76D878}] => (Allow) LPort=2869
FirewallRules: [{3488851E-B2B3-4EAB-840E-4478EA76BAC6}] => (Allow) LPort=1900
FirewallRules: [{90A432B5-9CC2-416A-A02E-228CBC6DE394}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
FirewallRules: [{DEA381A6-963A-460E-B607-C3532B8BA941}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
FirewallRules: [{FF6A2A87-16AE-4987-8015-E079D1866852}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.EXE
FirewallRules: [{98A1E135-E202-4464-A90F-4D0A155DC188}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.EXE
FirewallRules: [{807F809D-793F-4212-A0D0-D8525038BA12}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\outlook.exe
FirewallRules: [{0D848370-3D29-4546-9088-DF7E4A7257B1}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{32714B84-90BA-4A16-A67E-D4D710AEF1A7}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{D1D9739D-6FBB-474F-9121-B0E780A0B062}] => (Allow) LPort=53000
FirewallRules: [{162EB825-140E-45EC-91CF-A9F9CE03EA4B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{3C866E98-BE39-4FEB-9063-48C81B2F5471}] => (Allow) LPort=52000

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/30/2015 05:58:39 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (04/30/2015 00:32:15 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (04/30/2015 00:21:25 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (04/30/2015 00:03:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm BackgroundTaskHost.exe, Version 6.3.9600.17415 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1e54

Startzeit: 01d083134d2952e5

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\System32\BackgroundTaskHost.exe

Berichts-ID: 2c4fb131-ef20-11e4-bee4-f4b7e2c62a77

Vollständiger Name des fehlerhaften Pakets: Microsoft.BingNews_3.0.4.268_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AppexNews

Error: (04/30/2015 09:00:14 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (04/30/2015 08:47:38 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (04/30/2015 08:26:45 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (04/29/2015 10:42:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15031

Error: (04/29/2015 10:42:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15031

Error: (04/29/2015 10:42:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (04/30/2015 10:58:39 PM) (Source: DCOM) (EventID: 10010) (User: ROMAN)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.2

Error: (04/30/2015 10:58:39 PM) (Source: DCOM) (EventID: 10010) (User: ROMAN)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.2

Error: (04/30/2015 10:58:38 PM) (Source: DCOM) (EventID: 10010) (User: ROMAN)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.2

Error: (04/30/2015 10:58:38 PM) (Source: DCOM) (EventID: 10010) (User: ROMAN)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.2

Error: (04/30/2015 10:58:38 PM) (Source: DCOM) (EventID: 10010) (User: ROMAN)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.2

Error: (04/30/2015 10:58:38 PM) (Source: DCOM) (EventID: 10010) (User: ROMAN)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.2

Error: (04/30/2015 10:58:38 PM) (Source: DCOM) (EventID: 10010) (User: ROMAN)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.2

Error: (04/30/2015 10:58:37 PM) (Source: DCOM) (EventID: 10010) (User: ROMAN)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.2

Error: (04/30/2015 09:05:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/30/2015 09:05:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "HP Support Assistant Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (04/30/2015 05:58:39 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (04/30/2015 00:32:15 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (04/30/2015 00:21:25 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (04/30/2015 00:03:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: BackgroundTaskHost.exe6.3.9600.174151e5401d083134d2952e54294967295C:\WINDOWS\System32\BackgroundTaskHost.exe2c4fb131-ef20-11e4-bee4-f4b7e2c62a77Microsoft.BingNews_3.0.4.268_x64__8wekyb3d8bbweAppexNews

Error: (04/30/2015 09:00:14 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (04/30/2015 08:47:38 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (04/30/2015 08:26:45 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (04/29/2015 10:42:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15031

Error: (04/29/2015 10:42:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15031

Error: (04/29/2015 10:42:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


==================== Memory info =========================== 

Processor: AMD E1-1200 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 55%
Total physical RAM: 3682.26 MB
Available physical RAM: 1626.09 MB
Total Pagefile: 4642.26 MB
Available Pagefile: 2137.62 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:450.64 GB) (Free:395.73 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:14.01 GB) (Free:1.83 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: () (Removable) (Total:0.12 GB) (Free:0.08 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: ED0E6540)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 123.4 MB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

cevvi · 05.05.2015, 06:53

habe ich noch was vergessen?

cosinus · 05.05.2015, 08:55

FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

Task: {47900229-5958-4C3A-9718-27004CC60A8F} - \Plus-HD-9.0-firefoxinstaller No Task File <==== ATTENTION
Task: {5A815D44-C4DA-4130-B539-BAB7088F58AA} - \Optimize Start Menu Cache Files-S-1-5-21-846500394-140593827-909769170-1008 No Task File <==== ATTENTION
Task: {A29DC1AA-5B7F-4AF9-B1D3-D89D70C58E60} - \SpyHunter4Startup No Task File <==== ATTENTION
Task: {FE79DA40-42A1-44BD-AC8F-EA43F0C7BE53} - \Optimize Start Menu Cache Files-S-1-5-21-846500394-140593827-909769170-500 No Task File <==== ATTENTION
C:\Users\Public\AlexaNSISPlugin.2492.dll
EmptyTemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

30.04.2015, 00:09	#4
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Mouse wird langsamer und Tastatur auch! Was ist mit meiner Frage nach bisherigen Funden und wenn es welche gab, den Logs dazu? __________________ Logfiles bitte immer in CODE-Tags posten

30.04.2015, 14:43	#6
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Mouse wird langsamer und Tastatur auch! Für ESET gibt es eine bebilderte Anleitung => http://www.trojaner-board.de/125889-...tml#post941546 __________________ --> Mouse wird langsamer und Tastatur auch!

30.04.2015, 22:40	#12
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Mouse wird langsamer und Tastatur auch! Bitte auch ne neue Addition.txt erstellen, dazu FRST starten und einen Haken setzen bei Addition.txt, dann auf Scan klicken. __________________ Logfiles bitte immer in CODE-Tags posten

Mouse wird langsamer und Tastatur auch!

Plagegeister aller Art und deren Bekämpfung: Mouse wird langsamer und Tastatur auch!