| |
| |||||||
Log-Analyse und Auswertung: Windows 7: Opera, verlinkte Wörter auf Website und WerbefensterWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
18.08.2015, 22:06
| #1 |
 |  Windows 7: Opera, verlinkte Wörter auf Website und Werbefenster Hallo, ich habe gesehen ihr habt euch mit diesem Thema schon öfters beschäftigt und es lösen können. Mein Problem, verlinkte Wörter in Texten auf Websites (auch hier). Ich habe Schritt 1 - 8 erledigt. Die log-files schicke ich mit. Ich hoffe ihr könnt mir auch helfen. Lg und schon jetzt ein riesiges Dankeschön yukiona Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 22:16 on 18/08/2015 (Katrin)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-08-2015
durchgeführt von Katrin (Administrator) auf KATRIN-PC (18-08-2015 22:19:00)
Gestartet von C:\Users\Katrin\Downloads
Geladene Profile: Katrin & Martin (Verfügbare Profile: Katrin & Martin)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Opera)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Wacom Technology, Corp.) C:\Program Files\WTouch\WTouchService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\GoogleGGupdate.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Wacom Technology, Corp.) C:\Windows\System32\WTablet\Pen_TabletUser.exe
(Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Akamai Technologies, Inc.) C:\Users\Katrin\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Katrin\AppData\Local\Akamai\netsession_win.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Wacom Technology, Corp.) C:\Program Files\WTouch\WTouchUser.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
() C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Farbar) C:\Users\Katrin\Downloads\FRST64 (1).exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-02-14] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-07] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2455217175-4274658696-198378322-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2455217175-4274658696-198378322-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Katrin\AppData\Local\Akamai\netsession_win.exe [4691384 2015-07-23] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2455217175-4274658696-198378322-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-07] (Samsung)
HKU\S-1-5-21-2455217175-4274658696-198378322-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-2455217175-4274658696-198378322-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe [1155760 2015-07-20] (Adobe Systems Incorporated)
AppInit_DLLs-x32: c:\progra~3\browse~1\261125~1.80\{c16c1~1\mngr.dll => "c:\progra~3\browse~1\261125~1.80\{c16c1~1\mngr.dll" Datei nicht gefunden
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katrin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katrin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katrin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katrin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katrin\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katrin\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katrin\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
GroupPolicy: Gruppenrichtline auf Chrome erkannt <======= ACHTUNG
GroupPolicyUsers\S-1-5-21-2455217175-4274658696-198378322-1006\User: Beschränkung erkannt <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1394037025&from=ild&uid=WDCXWD5000BPVT-22HXZT3_WD-WXJ1A71A1064A1064&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1394037025&from=ild&uid=WDCXWD5000BPVT-22HXZT3_WD-WXJ1A71A1064A1064&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1394037025&from=ild&uid=WDCXWD5000BPVT-22HXZT3_WD-WXJ1A71A1064A1064
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1394037025&from=ild&uid=WDCXWD5000BPVT-22HXZT3_WD-WXJ1A71A1064A1064
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1394037025&from=ild&uid=WDCXWD5000BPVT-22HXZT3_WD-WXJ1A71A1064A1064&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1394037025&from=ild&uid=WDCXWD5000BPVT-22HXZT3_WD-WXJ1A71A1064A1064&q={searchTerms}
HKU\S-1-5-21-2455217175-4274658696-198378322-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-2455217175-4274658696-198378322-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1394037025&from=ild&uid=WDCXWD5000BPVT-22HXZT3_WD-WXJ1A71A1064A1064
HKU\S-1-5-21-2455217175-4274658696-198378322-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-AT&Src=MSE&Tid=000328B0&OHP=http%3A%2F%2Ffacebook.com%2F&OSP=http%3A%2F%2Fwww.claro%2Dsearch.com%2F%3Fq%3D%7BsearchTerms%7D%26affID%3D114508%26tt%3D4912%5F8%26babsrc%3DSP%5Fclro%26mntrId%3De4a7224a000000000000d0df9a967395
HKU\S-1-5-21-2455217175-4274658696-198378322-1006\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-at/?ocid=iehp
HKU\S-1-5-21-2455217175-4274658696-198378322-1006\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-AT&Src=MSE&Tid=000328B0&OHP=http%3A%2F%2Fgo.microsoft.com%2Ffwlink%2Fp%2F%3FLinkId%3D255141&OSP=http%3A%2F%2Fwww.awesomehp.com%2Fweb%2F%3Ftype%3Dds%26ts%3D1394037025%26from%3Dild%26uid%3DWDCXWD5000BPVT%2D22HXZT3%5FWD%2DWXJ1A71A1064A1064%26q%3D%7BsearchTerms%7D
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\S-1-5-21-2455217175-4274658696-198378322-1000 -> DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-2455217175-4274658696-198378322-1000 -> bProtectorDefaultScope {0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-2455217175-4274658696-198378322-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3328140&octid=EB_ORIGINAL_CTID&ISID=MDAFEDD5F-8976-483D-A95D-52A67D13DA72&SearchSource=58&CUI=&UM=2&UP=SP2C966881-1383-4134-B4CE-76A9BBDF7DD3&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-2455217175-4274658696-198378322-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2455217175-4274658696-198378322-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-2455217175-4274658696-198378322-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-2455217175-4274658696-198378322-1000 -> {7EF2ADDD-4F3E-4C7E-B1B9-5A8FD2243087} URL = hxxp://search.softonic.com/MON00005/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=103
SearchScopes: HKU\S-1-5-21-2455217175-4274658696-198378322-1006 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-2455217175-4274658696-198378322-1006 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: saviinGtioyoiu -> {C4C8DD2C-3163-461D-B2FE-15287B2362C3} -> C:\Program Files (x86)\saviinGtioyoiu\WEOFLDtWeXNMGF.x64.dll [2015-08-15] ()
BHO-x32: saviinGtioyoiu -> {C4C8DD2C-3163-461D-B2FE-15287B2362C3} -> C:\Program Files (x86)\saviinGtioyoiu\WEOFLDtWeXNMGF.dll [2015-08-15] ()
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{16487531-B73D-4A61-A0A1-D5C275028BCB}: [DhcpNameServer] 213.94.78.16 213.94.78.17
Tcpip\..\Interfaces\{24D56DD0-2FBE-42FA-BC05-1300280A189D}: [NameServer] 82.163.143.172,82.163.142.174
Tcpip\..\Interfaces\{24D56DD0-2FBE-42FA-BC05-1300280A189D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{77187876-313D-4CB3-8052-1566C9D9D308}: [NameServer] 82.163.143.172,82.163.142.174
Tcpip\..\Interfaces\{77187876-313D-4CB3-8052-1566C9D9D308}: [DhcpNameServer] 10.0.0.138
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.awesomehp.com/?type=sc&ts=1394037025&from=ild&uid=WDCXWD5000BPVT-22HXZT3_WD-WXJ1A71A1064A1064
FireFox:
========
FF ProfilePath: C:\Users\Katrin\AppData\Roaming\Mozilla\Firefox\Profiles\1k37nphq.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.at/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-20] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-20] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Keine Datei]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2011-07-29] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-02-18] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll [2015-07-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll [2015-07-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-07-19] (VideoLAN)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll [2009-09-25] (Wacom, Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-09-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2455217175-4274658696-198378322-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Katrin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-2455217175-4274658696-198378322-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Katrin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-07-23] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2455217175-4274658696-198378322-1006: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Martin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Katrin\AppData\Roaming\Mozilla\Firefox\Profiles\1k37nphq.default\user.js [2015-06-05]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-09-04] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Katrin\AppData\Roaming\Mozilla\Firefox\Profiles\1k37nphq.default\searchplugins\trovi-search.xml [2014-12-09]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\awesomehp.xml [2014-03-05]
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - C:\Program Files (x86)\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011-09-25]
Chrome:
=======
CHR dev: Chrome dev build erkannt! <======= ACHTUNG
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\gcswf32.dll Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll Keine Datei
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll Keine Datei
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll Keine Datei
CHR Plugin: ( Wacom Dynamic Link Library) - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
CHR Plugin: (WildTangent Games App Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Katrin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll Keine Datei
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll Keine Datei
CHR Plugin: (Default Plug-in) - default_plugin Keine Datei
CHR Profile: C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (jQuery Debugger) - C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhhnnnpaeobfddmlalhnehgclcmjimi [2015-08-12]
CHR Extension: (NewsHub) - C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnoejnlbkbnckikbkmnpippafneemknp [2015-08-15]
CHR Extension: (Extended Protection) - C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo [2015-08-16]
CHR Extension: (Pandora Audio Ad Remover) - C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhodhemilmjleephoimbfhoajnglghf [2015-06-09]
CHR Extension: (Kein Name) - C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\peibencbagcfjmachldjenlalojmkila [2015-01-12]
CHR Extension: (Quick Start) - C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2015-05-12]
CHR HKLM-x32\...\Chrome\Extension: [ogfjmhfnldnajmfaofeiaepghjenbgjo] - C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx [2014-03-05]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-03-05]
Opera:
=======
OPR Extension: (adblockforopera) - C:\Users\Katrin\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2015-07-20]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 ce0aaa3b; c:\Program Files (x86)\SystemPreserve\SystemPreserve.dll [2133504 2015-01-12] () [Datei ist nicht signiert]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [39528 2011-01-18] (Acer Incorporated)
R2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [255376 2012-04-05] (Acer Incorporated)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [Datei ist nicht signiert]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-14] (Electronic Arts)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [Datei ist nicht signiert]
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7414256 2015-05-19] (Reimage®)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTouchService; C:\Program Files\WTouch\WTouchService.exe [127784 2009-11-24] (Wacom Technology, Corp.)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-03-20] () [Datei ist nicht signiert]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S3 synusb64; C:\Windows\System32\DRIVERS\synusb64.sys [30352 2010-09-17] (Steinberg Media Technologies GmbH)
R1 {d749cb38-e48d-4f33-bfd4-0edca43efe21}Gw64; C:\Windows\System32\drivers\{d749cb38-e48d-4f33-bfd4-0edca43efe21}Gw64.sys [48824 2014-12-08] (StdLib)
R3 cpuz134; \??\C:\Users\Katrin\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S1 tcfd_vt_1_10_0_21; system32\drivers\tcfd_vt_1_10_0_21.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-18 22:19 - 2015-08-18 22:19 - 00028513 _____ C:\Users\Katrin\Downloads\FRST.txt
2015-08-18 22:17 - 2015-08-18 22:17 - 02173440 _____ (Farbar) C:\Users\Katrin\Downloads\FRST64 (1).exe
2015-08-18 22:15 - 2015-08-18 22:16 - 00000474 _____ C:\Users\Katrin\Desktop\defogger_disable.log
2015-08-18 22:15 - 2015-08-18 22:15 - 00000000 _____ C:\Users\Katrin\defogger_reenable
2015-08-18 22:13 - 2015-08-18 22:13 - 00050477 _____ C:\Users\Katrin\Desktop\Defogger.exe
2015-08-18 22:04 - 2015-08-18 22:04 - 00003440 _____ C:\Windows\System32\Tasks\Reimage Reminder
2015-08-18 22:03 - 2015-08-18 22:03 - 00004278 _____ C:\Windows\System32\Tasks\ReimageUpdater
2015-08-18 22:02 - 2015-08-18 22:03 - 00000000 ____D C:\ProgramData\Reimage Protector
2015-08-18 22:02 - 2015-08-18 22:02 - 00001913 _____ C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
2015-08-18 22:02 - 2015-08-18 22:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
2015-08-18 22:01 - 2015-08-18 22:04 - 00000000 ____D C:\rei
2015-08-18 22:01 - 2015-08-18 22:03 - 00000000 ____D C:\Program Files\Reimage
2015-08-18 21:55 - 2015-08-18 21:56 - 00772016 _____ (Reimage®) C:\Users\Katrin\Downloads\ReimageRepair (1).exe
2015-08-18 21:51 - 2015-08-18 21:51 - 00000000 ____D C:\Users\Katrin\AppData\Local\{C5EC8686-AC8B-4E78-A71A-E1020E0032E2}
2015-08-18 21:09 - 2015-08-18 21:09 - 00000000 ____D C:\ProgramData\{b6f24e06-57ab-5155-b6f2-24e0657a3819}
2015-08-17 22:16 - 2015-08-18 21:29 - 00010834 _____ C:\Users\Katrin\Desktop\Howrse Futter.ods
2015-08-17 18:36 - 2015-08-17 18:37 - 00000000 ____D C:\Users\Katrin\AppData\Local\{7F8127CB-8013-498B-8EA0-D305AE3EE690}
2015-08-17 18:34 - 2015-08-17 18:34 - 00000000 ____D C:\Users\Katrin\AppData\Local\{172D3C9C-E0E8-4153-B0CC-5B691BB49B80}
2015-08-16 11:38 - 2015-08-18 21:09 - 00003256 _____ C:\Windows\System32\Tasks\Superclean
2015-08-16 11:38 - 2015-08-18 21:09 - 00000342 _____ C:\Windows\Tasks\Superclean.job
2015-08-16 11:38 - 2015-08-16 11:38 - 00000000 ____D C:\ProgramData\{7f80dd45-f618-ad6c-7f80-0dd45f617517}
2015-08-15 10:29 - 2015-08-15 10:29 - 00000000 ____D C:\Program Files (x86)\saviingttoyou
2015-08-15 10:29 - 2015-08-15 10:29 - 00000000 ____D C:\Program Files (x86)\saviinGtioyoiu
2015-08-15 10:28 - 2015-08-15 10:29 - 00000000 ____D C:\Program Files (x86)\savingtoyoui
2015-08-15 10:28 - 2015-08-15 10:28 - 00000000 ____D C:\Program Files (x86)\NewsHub
2015-08-12 22:35 - 2015-08-12 22:35 - 00000000 ____D C:\Program Files (x86)\CaoupScanner
2015-08-12 22:34 - 2015-08-12 22:34 - 00000000 ____D C:\Program Files (x86)\COUpSCanNer
2015-08-12 22:33 - 2015-08-12 22:33 - 00000000 ____D C:\Program Files (x86)\jQuery Debugger
2015-08-12 22:29 - 2015-08-12 22:29 - 00000000 ____D C:\Program Files (x86)\CoUpScANiner
2015-08-07 20:55 - 2015-08-07 20:56 - 04847032 _____ (Opera Software ASA ) C:\Users\Katrin\Downloads\Opera 9 Eng Setup.exe
2015-08-07 20:45 - 2015-08-07 20:45 - 08969716 _____ C:\Users\Katrin\Downloads\Opera_964_int_Setup [1].exe
2015-08-07 20:43 - 2015-08-07 20:44 - 00894960 _____ (Internet Web ) C:\Users\Katrin\Downloads\Opera_964_int_Setup.exe
2015-07-31 23:40 - 2015-07-31 23:44 - 00000000 ____D C:\0a5fdeaa37df6b20cfe6f0
2015-07-31 23:35 - 2015-07-31 23:40 - 00000000 ____D C:\380cc8c85f97f435a6
2015-07-31 23:30 - 2015-07-31 23:35 - 00000000 ____D C:\ee65a3c4cdf5270d95fcfdb99859a5
2015-07-31 10:03 - 2015-07-31 10:03 - 00000000 ____D C:\Users\Katrin\AppData\Local\GWX
2015-07-30 21:54 - 2015-07-30 21:55 - 00000000 ____D C:\Users\Katrin\AppData\Local\{75440EFD-E967-465E-9BFA-70A34E2FDD28}
2015-07-29 00:08 - 2015-07-29 00:12 - 00000000 ____D C:\037733898ee144e0bf926940
2015-07-29 00:03 - 2015-07-29 00:08 - 00000000 ____D C:\68800b228f25db4b33
2015-07-28 23:59 - 2015-07-29 00:03 - 00000000 ____D C:\b6063ca14a055dc780c00c8aa3ea22
2015-07-28 21:46 - 2015-07-25 20:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-28 21:46 - 2015-07-25 20:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 21:46 - 2015-07-25 20:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-28 21:46 - 2015-07-25 20:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 21:46 - 2015-07-25 20:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-28 21:46 - 2015-07-25 20:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 21:46 - 2015-07-25 20:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-28 21:46 - 2015-07-25 19:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-27 15:38 - 2015-07-27 15:38 - 00000000 ____D C:\Users\Katrin\AppData\Local\{9AE93149-2C54-4AA4-A239-2128780A4042}
2015-07-21 00:40 - 2015-07-21 00:40 - 00000000 _____ C:\Windows\SysWOW64\shoD9ED.tmp
2015-07-20 22:31 - 2015-07-20 22:31 - 00002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-20 22:31 - 2015-07-20 22:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-20 22:29 - 2015-08-16 11:19 - 00000946 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-07-20 22:29 - 2015-07-20 22:29 - 00003944 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-07-20 22:20 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-20 22:20 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-20 22:20 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-20 22:20 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-20 22:20 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-20 22:20 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-20 22:20 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-20 22:20 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-20 22:20 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-20 22:20 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-20 22:20 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-20 22:20 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-20 22:18 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-20 22:18 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-20 22:18 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-20 22:18 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-20 22:18 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-20 22:18 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-20 22:18 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-20 22:18 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-20 22:18 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-20 22:18 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-20 22:18 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-20 22:18 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-20 22:18 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-20 22:18 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-20 22:18 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-20 22:18 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-20 22:18 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-20 22:18 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-20 22:18 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-20 22:18 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-20 22:18 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-20 22:18 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-20 22:18 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-20 22:18 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-20 22:18 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-20 22:18 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-20 22:18 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-20 22:18 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-20 22:17 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-20 22:17 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-20 22:17 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-20 22:16 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-20 22:16 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-20 22:16 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-20 22:16 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-20 22:16 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-20 22:16 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-20 22:16 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-20 22:16 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-20 22:16 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-20 22:16 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-20 22:16 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-20 22:16 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-20 22:16 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-20 22:16 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-20 22:16 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-20 22:16 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-20 22:15 - 2015-07-20 22:15 - 00000000 ____D C:\Users\Katrin\AppData\Local\Opera Software
2015-07-20 22:15 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-20 22:15 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-20 22:15 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-20 22:15 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-20 22:15 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-20 22:15 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-20 22:15 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-20 22:15 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-20 22:15 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-20 22:15 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-20 22:15 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-20 22:15 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-20 22:15 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-20 22:15 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-20 22:15 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-20 22:15 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-20 22:15 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-20 22:15 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-20 22:15 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-20 22:15 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-20 22:15 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-20 22:15 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-20 22:15 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-20 22:15 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-20 22:15 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-20 22:15 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-20 22:15 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-20 22:15 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-20 22:15 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-20 22:15 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-20 22:15 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-20 22:15 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-20 22:15 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-20 22:15 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-20 22:15 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-20 22:15 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-20 22:14 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-20 22:14 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-20 22:14 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-20 22:14 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-20 22:14 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-20 22:14 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-20 22:14 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-20 22:14 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-20 22:13 - 2015-08-06 22:14 - 00003854 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1437423186
2015-07-20 22:13 - 2015-07-20 22:13 - 00001147 _____ C:\Users\Public\Desktop\Opera.lnk
2015-07-20 22:13 - 2015-07-20 22:13 - 00001147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-07-20 22:13 - 2015-07-20 22:13 - 00000000 ____D C:\Users\Katrin\AppData\Roaming\Opera Software
2015-07-20 22:10 - 2015-08-06 22:14 - 00000000 ____D C:\Program Files (x86)\Opera
2015-07-20 22:10 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-20 22:10 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-20 22:10 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-20 22:10 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-20 22:10 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-20 22:10 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-20 22:10 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-20 22:10 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-20 22:10 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-20 22:10 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-20 22:10 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-20 22:10 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-20 22:10 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-20 22:10 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-20 22:10 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-20 22:10 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-20 22:10 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-20 22:10 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-20 22:10 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-20 22:10 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-20 22:10 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-20 22:10 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-20 22:10 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-20 22:10 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-20 22:10 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-20 22:10 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-20 22:10 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-20 22:10 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-20 22:10 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-20 22:10 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-20 22:10 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-20 22:10 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-20 22:10 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-20 22:10 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-20 22:10 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-20 22:10 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-20 22:10 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-20 22:10 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-20 22:10 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-20 22:10 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-20 22:10 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-20 22:10 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-20 22:10 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-20 22:10 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-20 22:10 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-20 22:10 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-20 22:10 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-20 22:10 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-20 22:09 - 2015-07-20 22:10 - 00687528 _____ (Opera Software) C:\Users\Katrin\Downloads\Opera_NI_stable.exe
2015-07-20 21:21 - 2015-07-20 21:21 - 00000000 ____D C:\Users\Katrin\AppData\Local\{C293AA5C-E483-4B6D-A031-741B0147E890}
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-18 22:19 - 2014-03-27 22:42 - 00000000 ____D C:\FRST
2015-08-18 22:15 - 2011-09-25 13:13 - 00000000 ____D C:\Users\Katrin
2015-08-18 22:12 - 2009-07-14 06:45 - 00023440 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-18 22:12 - 2009-07-14 06:45 - 00023440 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-18 22:07 - 2015-06-17 20:21 - 00001232 _____ C:\Users\Katrin\Desktop\Spielplan.txt
2015-08-18 22:04 - 2015-02-21 20:29 - 00000148 _____ C:\Windows\Reimage.ini
2015-08-18 21:57 - 2011-08-16 19:15 - 01775058 _____ C:\Windows\WindowsUpdate.log
2015-08-18 20:57 - 2012-03-02 12:47 - 00001142 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2455217175-4274658696-198378322-1000UA.job
2015-08-18 20:54 - 2012-03-02 12:47 - 00001120 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2455217175-4274658696-198378322-1000Core.job
2015-08-18 20:51 - 2011-12-12 18:50 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{77177907-A101-456D-BC6D-99E3A6237DE9}
2015-08-16 11:37 - 2011-07-25 11:56 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security & Support
2015-08-15 10:30 - 2015-02-01 13:40 - 00000000 ____D C:\ProgramData\417994988090366824
2015-08-15 10:08 - 2011-08-17 05:07 - 00766186 _____ C:\Windows\system32\perfh007.dat
2015-08-15 10:08 - 2011-08-17 05:07 - 00175126 _____ C:\Windows\system32\perfc007.dat
2015-08-15 10:08 - 2009-07-14 07:13 - 01808470 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-12 22:35 - 2015-06-09 10:22 - 00000079 _____ C:\Program Files (x86)\prefs.js
2015-08-11 20:40 - 2009-07-14 06:51 - 00249310 _____ C:\Windows\setupact.log
2015-08-10 23:16 - 2013-05-01 22:51 - 00000000 ____D C:\Users\Katrin\AppData\Local\Akamai
2015-08-09 21:59 - 2015-04-29 10:16 - 00000000 ____D C:\Users\Katrin\AppData\Roaming\WTablet
2015-08-09 21:57 - 2010-11-21 05:47 - 00818418 _____ C:\Windows\PFRO.log
2015-08-09 21:57 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-31 23:44 - 2011-09-25 13:32 - 01836088 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-07-31 20:53 - 2015-07-10 19:28 - 00000000 ___HD C:\$Windows.~BT
2015-07-31 20:29 - 2007-07-12 03:49 - 00000000 ____D C:\Windows\Panther
2015-07-28 23:48 - 2014-05-08 00:09 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-25 18:36 - 2015-04-07 23:42 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-22 20:32 - 2015-06-21 17:02 - 00000000 ____D C:\Program Files (x86)\FaIneDEaalSofTT
2015-07-21 12:20 - 2009-07-14 06:45 - 18823360 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-21 12:16 - 2015-04-07 23:42 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-21 12:16 - 2014-12-16 12:33 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-21 12:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-20 23:39 - 2013-08-11 09:12 - 00000000 ____D C:\Windows\system32\MRT
2015-07-20 22:40 - 2011-09-25 13:15 - 00000000 ____D C:\Users\Katrin\AppData\Local\Adobe
2015-07-20 22:31 - 2012-03-05 17:16 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-20 22:29 - 2015-06-05 21:25 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-20 22:29 - 2015-06-05 21:25 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-20 22:24 - 2014-12-24 16:08 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-01-22 14:23 - 2013-01-22 14:22 - 0021494 _____ () C:\Program Files (x86)\0x0409.ini
2013-01-22 14:23 - 2013-01-22 14:22 - 0003584 _____ () C:\Program Files (x86)\1033.MST
2015-06-09 10:22 - 2015-08-12 22:35 - 0000079 _____ () C:\Program Files (x86)\prefs.js
2013-01-22 14:23 - 2013-01-22 14:22 - 67047424 _____ () C:\Program Files (x86)\Samsung Kies.msi
2012-04-19 16:52 - 2014-11-11 13:19 - 0000132 _____ () C:\Users\Katrin\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-12-08 21:18 - 2014-12-08 21:18 - 2004448 _____ (home) C:\Users\Katrin\AppData\Roaming\PJXXML.exe
2014-12-08 21:18 - 2014-12-08 21:18 - 1520608 _____ (home) C:\Users\Katrin\AppData\Roaming\TZ.exe
2015-04-22 19:55 - 2015-04-22 19:56 - 0011708 _____ () C:\Users\Katrin\AppData\Local\Temp-log.txt
2015-05-11 23:13 - 2015-05-11 23:13 - 0000000 _____ () C:\Users\Katrin\AppData\Local\Temp.dat
2012-04-01 21:28 - 2012-04-01 21:33 - 0000356 _____ () C:\ProgramData\hpzinstall.log
2014-03-24 20:12 - 2014-03-24 20:12 - 0000032 _____ () C:\ProgramData\Temp.log
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Public\AlexaNSISPlugin.2168.dll
Einige Dateien in TEMP:
====================
C:\Users\Katrin\AppData\Local\Temp\AcDeltree.exe
C:\Users\Katrin\AppData\Local\Temp\BackupSetup.exe
C:\Users\Katrin\AppData\Local\Temp\bstrapInstall.exe
C:\Users\Katrin\AppData\Local\Temp\DivXSetup.exe
C:\Users\Katrin\AppData\Local\Temp\divx_cd_autostart.exe
C:\Users\Katrin\AppData\Local\Temp\dlLogic.exe
C:\Users\Katrin\AppData\Local\Temp\dltr.exe
C:\Users\Katrin\AppData\Local\Temp\DWPUpgradeInstaller.exe
C:\Users\Katrin\AppData\Local\Temp\EAD7409.exe
C:\Users\Katrin\AppData\Local\Temp\EAD9932.exe
C:\Users\Katrin\AppData\Local\Temp\EADAB.exe
C:\Users\Katrin\AppData\Local\Temp\Execute2App.exe
C:\Users\Katrin\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\Katrin\AppData\Local\Temp\GCVerifier.dll
C:\Users\Katrin\AppData\Local\Temp\i4jdel0.exe
C:\Users\Katrin\AppData\Local\Temp\ICReinstall_Opera_964_int_Setup.exe
C:\Users\Katrin\AppData\Local\Temp\InstallAX.exe
C:\Users\Katrin\AppData\Local\Temp\installerdll11255565.dll
C:\Users\Katrin\AppData\Local\Temp\installerdll12362096.dll
C:\Users\Katrin\AppData\Local\Temp\installerdll12375106.dll
C:\Users\Katrin\AppData\Local\Temp\installerdll12774344.dll
C:\Users\Katrin\AppData\Local\Temp\installerdll142304.dll
C:\Users\Katrin\AppData\Local\Temp\installerdll67033.dll
C:\Users\Katrin\AppData\Local\Temp\installerdll839285.dll
C:\Users\Katrin\AppData\Local\Temp\installerdll900078.dll
C:\Users\Katrin\AppData\Local\Temp\InstallPlugin.exe
C:\Users\Katrin\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Katrin\AppData\Local\Temp\Kies2RemoveAll.exe
C:\Users\Katrin\AppData\Local\Temp\msvcp90.dll
C:\Users\Katrin\AppData\Local\Temp\msvcr90.dll
C:\Users\Katrin\AppData\Local\Temp\optprosetup.exe
C:\Users\Katrin\AppData\Local\Temp\Quarantine.exe
C:\Users\Katrin\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Katrin\AppData\Local\Temp\rootsupd.exe
C:\Users\Katrin\AppData\Local\Temp\sdan.exe
C:\Users\Katrin\AppData\Local\Temp\sdapk.exe
C:\Users\Katrin\AppData\Local\Temp\sdaspwn.exe
C:\Users\Katrin\AppData\Local\Temp\Setup-Giga1.exe
C:\Users\Katrin\AppData\Local\Temp\Setup.exe
C:\Users\Katrin\AppData\Local\Temp\supoptsetup.exe
C:\Users\Katrin\AppData\Local\Temp\TuneUpUtilities2013_de-AT.exe
C:\Users\Katrin\AppData\Local\Temp\uninst1.exe
C:\Users\Katrin\AppData\Local\Temp\UninstallEADM.dll
C:\Users\Katrin\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Katrin\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Katrin\AppData\Local\Temp\verifier.exe
C:\Users\Katrin\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe
C:\Users\Katrin\AppData\Local\Temp\_is9607.exe
C:\Users\Katrin\AppData\Local\Temp\_isD327.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2014-02-19 20:06
==================== Ende von Ergebnis ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-08-2015
durchgeführt von Katrin (2015-08-18 22:20:37)
Gestartet von C:\Users\Katrin\Downloads
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2455217175-4274658696-198378322-500 - Administrator - Disabled)
Gast (S-1-5-21-2455217175-4274658696-198378322-501 - Limited - Disabled)
Katrin (S-1-5-21-2455217175-4274658696-198378322-1000 - Administrator - Enabled) => C:\Users\Katrin
Martin (S-1-5-21-2455217175-4274658696-198378322-1006 - Limited - Enabled) => C:\Users\Martin
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
.avi-CD Autostart 1.2.0 (HKLM-x32\...\.avi-CD Autostart_is1) (Version: - Aaron Spettl)
64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 (HKLM-x32\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.1.629 - Adobe Systems, Inc.)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-2455217175-4274658696-198378322-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{439760BC-7737-4386-9B1D-A90A3E8A22EA}) (Version: 3.4.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{E7F13A64-2E17-6800-06A9-D898C728A755}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
Autodesk Backburner 2012.0.0 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2012.0.0 - Autodesk, Inc.)
Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit (HKLM\...\Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit) (Version: - Autodesk)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2012 (HKLM-x32\...\{B5751715-EC10-43D9-8C95-62E1368433EF}) (Version: 2.5.0.8 - Autodesk)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CaoupScanner (HKLM-x32\...\{80E8B0A0-117D-1402-7CDE-688156237115}) (Version: - CoupScanner) <==== ACHTUNG
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Composite 2012 64-bit (HKLM\...\{EA234BC3-39FE-4734-B72F-076086889F6D}) (Version: 7.0.0 - Autodesk)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1720_38230 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.54.95 - Electronic Arts)
Die*Sims*Mittelalter (HKLM-x32\...\{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}) (Version: 2.0.113 - Electronic Arts)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
DJ_AIO_06_F4500_SW_MIN (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-2455217175-4274658696-198378322-1000\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
EA Download Manager (HKLM-x32\...\EADM) (Version: 5.0.0.255 - Electronic Arts, Inc.)
Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: - Steinberg Media Technologies GmbH)
ETDWare PS/2-X64 8.0.6.0_WHQL (HKLM\...\Elantech) (Version: 8.0.6.0 - ELAN Microelectronic Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Free YouTube Download version 3.0.20.1228 (HKLM-x32\...\Free YouTube Download_is1) (Version: - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.10.14.1206 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GetTheDiscount (HKLM-x32\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version: - GetTheDiscount) <==== ACHTUNG
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
HomeMedia (HKLM-x32\...\{AA4BF92B-2AAF-11DA-9D78-000129760D75}) (Version: 2.0.8920 - CyberLink Corporation)
HP Deskjet F4500 All-in-One Driver 14.0 Rel. 6 (HKLM\...\{0AFFEA39-60AF-4C4F-BB47-4A1F7CB12129}) (Version: 14.0 - HP)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Packard Bell)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
iTunes (HKLM\...\{997C9EC4-B53D-479D-81B7-0AEC8D174BA1}) (Version: 10.4.1.10 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.710 - Oracle)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
jQuery Debugger (HKLM-x32\...\{5C28578D-D0F1-699F-01B0-CC0653A28C11}) (Version: - "")
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kurso de Esperanto 4 (HKLM-x32\...\{021F206C-3243-420E-9F0B-82639583E425}_is1) (Version: 4.1.1 - Esperanto)
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Packard Bell)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{8325FD0C-2FDB-46C3-921A-3A78385EA972}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.5 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.8.11000.8.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.6.10700.5.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{68AFA3A7-9265-4ABD-994A-ACA413E3715C}) (Version: 10.6.10300 - Nero AG)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
NewsHub (HKLM-x32\...\{F6423EE4-93D8-FA04-D09D-A8598F6EFDFD}) (Version: - "") <==== ACHTUNG
NexusFont 2.5 (ver 2.5.4.1400) (HKLM-x32\...\{EFEDD205-43FE-4208-B682-0937E803E19E}_is1) (Version: - xiles)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Opera Stable 31.0.1889.99 (HKLM-x32\...\Opera 31.0.1889.99) (Version: 31.0.1889.99 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)
Packard Bell Games (HKLM-x32\...\WildTangent packardbell Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Packard Bell)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.04.3502 - Packard Bell)
Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.1025.2010 - Packard Bell )
Packard Bell Social Networks (HKLM-x32\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 3.0.3106 - CyberLink Corp.)
Packard Bell Social Networks (x32 Version: 3.0.3106 - CyberLink Corp.) Hidden
Packard Bell Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3502 - Packard Bell)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayCatan Zugangssoftware (HKLM-x32\...\PlayCatan Client) (Version: 3.1148 - Catan GmbH)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30123 - Realtek Semiconductor Corp.)
Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.8.2.0 - Reimage) <==== ACHTUNG
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.33.0 - SAMSUNG Electronics Co., Ltd.)
saviingttoyou (HKLM-x32\...\{A2616871-3463-BCEE-5AFA-73773317A381}) (Version: - "") <==== ACHTUNG
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Service Pack 1 für SQL Server 2008 (KB 968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Spotify (HKU\S-1-5-21-2455217175-4274658696-198378322-1000\...\Spotify) (Version: 0.9.4.178.g259772ba - Spotify AB)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Steinberg Cubase 6 64bit (HKLM\...\{C6651CD0-4892-4465-96AC-C9864A695FF9}) (Version: 6.0.5 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 1.5.2 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content (HKLM-x32\...\{A5051ABF-A497-4C3C-85EA-F7A4D5C19B82}) (Version: 1.5.2.000 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 2.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content 2 (HKLM-x32\...\{88C337F0-4CF2-4098-BDC0-D94859ECA2B4}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Stifttablett (HKLM-x32\...\Pen Tablet Driver) (Version: - Wacom Technology Corp.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
SystemPreserve (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{ce0aaa3b}) (Version: - Software Publisher) <==== ACHTUNG
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Unity Web Player (HKU\S-1-5-21-2455217175-4274658696-198378322-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2455217175-4274658696-198378322-1006\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Video Web Camera (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2904.00 - CyberLink Corp.)
Video Web Camera (x32 Version: 1.5.2904.00 - CyberLink Corp.) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.4 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.3 - Wacom Technology Corp.)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.02.3503 - Packard Bell)
WildTangent Games App (x32 Version: 4.0.11.9 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Wizard101(DE) (HKU\S-1-5-21-2455217175-4274658696-198378322-1006\...\Wizard101(DE)_is1) (Version: - Gameforge 4D GmbH)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2455217175-4274658696-198378322-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Katrin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2455217175-4274658696-198378322-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katrin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2455217175-4274658696-198378322-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katrin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2455217175-4274658696-198378322-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katrin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2455217175-4274658696-198378322-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katrin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
==================== Wiederherstellungspunkte =========================
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0320B9DC-1004-423C-B96C-A22A55467142} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2011-05-20] (CyberLink)
Task: {1F5552FA-0FF4-4A9A-8F9B-ACCC3D7C266A} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2455217175-4274658696-198378322-1000
Task: {24FB42EA-E1E8-4CA1-A974-2CD3C61983E0} - System32\Tasks\{2F30E417-2728-4869-BFE4-6C694D744743} => pcalua.exe -a C:\Users\Katrin\Downloads\gamesplayerinstall(2).exe -d C:\Users\Katrin\Downloads
Task: {3114661F-7A9C-4F98-BA74-43CFD5A3071E} - System32\Tasks\{DEB83D54-97BD-45F7-97B4-2C2BDBC21567} => pcalua.exe -a D:\Sims3Setup.exe -d D:\
Task: {33A7B15E-256D-43C8-B3DF-30D5E60304B5} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe [2015-07-20] (Adobe Systems Incorporated)
Task: {46D49838-A182-4F18-9BFF-27E0F435766B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2455217175-4274658696-198378322-1000UA => C:\Users\Katrin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-04] (Facebook Inc.)
Task: {4BF1FE6A-31A6-47F5-AA3A-FD7AAC5C24D7} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-05-19] (Reimage®) <==== ACHTUNG
Task: {4CBCFB91-1206-4F84-B46E-DE391327D07E} - System32\Tasks\NBAgent => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2011-07-06] (Nero AG)
Task: {595D1A15-CABD-4F08-971D-00B7100FB283} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {9200AD5C-28C4-4821-BD8E-BD9DBC666AC4} - System32\Tasks\Reimage Reminder => C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe [2015-07-27] (Reimage ltd.) <==== ACHTUNG
Task: {92C0DD9D-F828-42AF-8BFF-0F3F03C330E9} - System32\Tasks\{66D16A3C-0A42-4EBC-8132-29344CFF9849} => pcalua.exe -a "C:\Users\Katrin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q381I1E6\fxsetup.exe" -d C:\Users\Katrin\Desktop
Task: {9DE64921-E8F3-424A-9FEB-3ABBF33FB8F8} - System32\Tasks\AdobeAAMUpdater-1.0-Katrin-PC-Katrin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {A8C947F3-6654-4E67-87E8-E6059A991CB7} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2014-09-04] (Adobe Systems Incorporated)
Task: {B56E4A4E-D982-49C8-ADCB-232AC5B9EAED} - System32\Tasks\{8FCD024C-B72B-4A00-8EF0-4E700F96E162} => pcalua.exe -a C:\ProgramData\ssaveroon\RYTK2pJg3TOEtG.exe -c /s /n /i:"ExecuteCommands;UninstallCommands" ""
Task: {C0B63EBA-BB74-4053-AECD-5F436FED351B} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {D3DAB2C6-BBCE-49A6-BAFE-0C2ACFCD0C89} - System32\Tasks\{B4C1923A-BA5F-4901-8191-0EFF52C8A422} => pcalua.exe -a C:\ProgramData\Deaol2iDealit\nf5DFool9mFdcN.exe -c /s /n /i:"ExecuteCommands;UninstallCommands" ""
Task: {D7D9C284-0B70-4225-BC7D-565942499A44} - System32\Tasks\{ACB5E49B-B32A-45B7-A2C5-CCEA8FDC18A3} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}\SimsMedievalSetup.exe" -c -runfromtemp -l0x0007 -removeonly
Task: {E79C6358-E883-420D-AEDD-304F89290A8B} - System32\Tasks\{C5237E6C-897C-421F-89EA-A86B1AA287A9} => C:\Program Files (x86)\Buena Vista Games\Desperate Housewives\DesperateHousewives.exe
Task: {F2AE96B2-4231-4327-8B57-33AEA2D9D3EC} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2455217175-4274658696-198378322-1000Core => C:\Users\Katrin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-04] (Facebook Inc.)
Task: {F7D5FC09-1766-492D-9AF9-91389631D511} - System32\Tasks\Superclean => c:\programdata\{b6f24e06-57ab-5155-b6f2-24e0657a3819}\hqghumeaylnlf.exe [2014-08-18] (Super PC Tools Ltd) <==== ACHTUNG
Task: {F959A88A-5044-4C8C-BB8A-3965AB2C96D0} - System32\Tasks\Opera scheduled Autoupdate 1437423186 => C:\Program Files (x86)\Opera\launcher.exe [2015-07-30] (Opera Software)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2455217175-4274658696-198378322-1000Core.job => C:\Users\Katrin\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2455217175-4274658696-198378322-1000UA.job => C:\Users\Katrin\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\Superclean.job => c:\programdata\{b6f24e06-57ab-5155-b6f2-24e0657a3819}\hqghumeaylnlf.exe <==== ACHTUNG
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2015-05-19 12:46 - 2015-05-19 12:46 - 06759912 _____ () C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
2015-01-12 14:44 - 2015-01-12 14:44 - 02133504 _____ () c:\Program Files (x86)\SystemPreserve\SystemPreserve.dll
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2011-07-25 11:18 - 2011-01-13 02:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-07-20 22:31 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2015-07-20 22:31 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2015-08-06 22:14 - 2015-08-06 22:14 - 58599032 _____ () C:\Program Files (x86)\Opera\31.0.1889.99\opera.dll
2015-08-06 22:14 - 2015-08-06 22:14 - 01781368 _____ () C:\Program Files (x86)\Opera\31.0.1889.99\libglesv2.dll
2015-08-06 22:14 - 2015-08-06 22:14 - 00081528 _____ () C:\Program Files (x86)\Opera\31.0.1889.99\libegl.dll
2015-07-20 22:29 - 2015-07-20 22:29 - 16307888 _____ () C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\Katrin\Lokale Einstellungen:a43Cjom7bb6rfDhpFlKPxhiu
AlternateDataStreams: C:\Users\Katrin\Lokale Einstellungen:O1pr20QndOfWjqkxGTpv5
AlternateDataStreams: C:\Users\Katrin\AppData\Local:a43Cjom7bb6rfDhpFlKPxhiu
AlternateDataStreams: C:\Users\Katrin\AppData\Local:O1pr20QndOfWjqkxGTpv5
AlternateDataStreams: C:\Users\Katrin\AppData\Local\Anwendungsdaten:a43Cjom7bb6rfDhpFlKPxhiu
AlternateDataStreams: C:\Users\Katrin\AppData\Local\Anwendungsdaten:O1pr20QndOfWjqkxGTpv5
AlternateDataStreams: C:\Users\Katrin\AppData\Local\Temporary Internet Files:TY5E7Mafb9WPC77oY2rKN
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-2455217175-4274658696-198378322-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-2455217175-4274658696-198378322-1000\...\aeriagames.com -> hxxp://aeriagames.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2455217175-4274658696-198378322-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Katrin\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
HKU\S-1-5-21-2455217175-4274658696-198378322-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 82.163.143.172 - 82.163.142.174
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupfolder: C:^Users^Katrin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Katrin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: EA Core => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
MSCONFIG\startupreg: ETDCtrl => %ProgramFiles%\Elantech\ETDCtrl.exe
MSCONFIG\startupreg: Facebook Update => "C:\Users\Katrin\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LManager => C:\Program Files (x86)\Launch Manager\LManager.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: Power Management => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RESTART_STICKY_NOTES => C:\Windows\System32\StikyNot.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Katrin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{2E2145BE-A74B-44B1-8B16-9BDEA941B951}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{9CAB31BE-7A75-4657-BD3F-169E8D4A5A89}] => (Allow) LPort=2869
FirewallRules: [{596BD085-D099-4072-8924-3534BB0BD10E}] => (Allow) LPort=1900
FirewallRules: [{118DAC96-3027-42FC-A8AD-0E53FDA4C67F}] => (Allow) C:\Program Files (x86)\CyberLink\HomeMedia\HomeMedia.exe
FirewallRules: [{1DB02CF5-E5FD-44C3-8E00-220D87329432}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{AD79A16E-0CBD-4FBC-9330-7356FD7C95ED}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BEB3A0FF-ECA1-4E20-A4A7-10995D11F7EE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4AEAB6D4-EA70-4BFF-B6F5-1D2522786CC7}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [TCP Query User{890652D6-5B65-48CC-BDF7-A4ADE3105F0F}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [UDP Query User{3D9EC7C3-7679-48EE-B59A-1591D88B586C}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [{B66DB85C-D4A0-411C-92BD-A45D692A7394}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{76EE452D-259C-4556-8AB8-0DA6B7313D85}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{ED5EEDF3-DA59-42FB-8BA8-99C1EED7F1F7}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{80FF1608-B557-4AAF-9E1B-173270B339B1}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{A887EAA1-6532-484C-939B-F24F34C91B5D}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{3B752B93-C345-425E-842E-C760130496C2}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{854BFFD7-6677-46AD-8BF8-9CA312EB9BB7}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\3dsmax.exe
FirewallRules: [{68831568-F536-45B6-A9BE-BEC1BBE0C09C}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\3dsmax.exe
FirewallRules: [{E28F3B4E-5A50-4656-9DAF-BBE9F9B1EE92}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
FirewallRules: [{21ACBB0E-D793-4ED8-9D38-6FAE31C992D7}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
FirewallRules: [{D5EACDF4-7876-4366-B055-26E9DDF753C6}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64.exe
FirewallRules: [{3C638B32-1A49-4F8B-BF9A-2DDBD075B268}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64.exe
FirewallRules: [TCP Query User{5767AA50-5B52-4457-875D-D9029DBCE5C3}C:\program files\steinberg\cubase 6\cubase6.exe] => (Allow) C:\program files\steinberg\cubase 6\cubase6.exe
FirewallRules: [UDP Query User{1C6F2059-E555-4F20-A74B-012D9BB0F81F}C:\program files\steinberg\cubase 6\cubase6.exe] => (Allow) C:\program files\steinberg\cubase 6\cubase6.exe
FirewallRules: [TCP Query User{6BC4D746-D771-4BFE-BE86-6B3B22949E1D}C:\program files\steinberg\cubase 6\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase 6\components\vstbridgeapp.exe
FirewallRules: [UDP Query User{401D6E87-44A7-448B-AED3-3EBE1DFA0F08}C:\program files\steinberg\cubase 6\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase 6\components\vstbridgeapp.exe
FirewallRules: [{FC8D8E40-CD3F-4A20-B7C5-83A9EF738236}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{AB5A1335-5C1F-4EF6-9C44-63EE42A12745}] => (Allow) C:\Users\Katrin\AppData\Local\Temp\7zS4EB5\setup\hpznui40.exe
FirewallRules: [{9E8054C1-BB4B-4715-933F-29523F65BDF2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{1BC91A5B-2D66-40C2-A653-57AE7FDFE606}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{15859FA2-F01E-4A3D-B41F-4366EDCEB583}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [TCP Query User{FF67B927-EC08-4793-A235-098E6B54D3F8}C:\users\katrin\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\katrin\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{8C4FF2E9-A4C1-44D2-9137-79D5153898FF}C:\users\katrin\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\katrin\appdata\local\akamai\netsession_win.exe
FirewallRules: [{747E323F-DAC8-4F8B-8F2B-C0414E4CA39F}] => (Allow) C:\AeriaGames\EdenEternal-DE\_Launcher.exe
FirewallRules: [{2B1D03E7-C261-4BE4-AF00-1631FF0F92F9}] => (Allow) C:\AeriaGames\EdenEternal-DE\_Launcher.exe
FirewallRules: [{FC432E7B-2DD7-41D4-BDF7-B7E128EB15CD}] => (Allow) C:\AeriaGames\EdenEternal-DE\_Launcher.exe
FirewallRules: [{8A80D549-EA1E-4FA3-A42B-C05E0B69A5CF}] => (Allow) C:\AeriaGames\EdenEternal-DE\_Launcher.exe
FirewallRules: [TCP Query User{81D69A74-DE64-478F-8544-4620756C48CB}C:\users\katrin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\katrin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{5DB9527E-78CB-4357-99D2-E3D1D8282CDB}C:\users\katrin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\katrin\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{94024430-A30A-4511-8E28-757DB8AD2240}C:\users\katrin\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\katrin\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{2E58B01A-EDC0-465C-9712-E138FD0C7C2D}C:\users\katrin\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\katrin\appdata\local\akamai\netsession_win.exe
FirewallRules: [{D66DCD1D-9F99-4497-BB75-7DB0CBCF8951}] => (Allow) C:\Users\Katrin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{25ED5E4A-8D12-4F5A-BCC9-FE6730598B2C}] => (Allow) C:\Users\Katrin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{C6544234-7719-47A2-9369-178245B6E831}C:\users\katrin\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\katrin\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{6460434E-B11F-4728-99E3-EF9E88F68C1C}C:\users\katrin\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\katrin\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{5C60F32B-8704-4CAA-940B-DC77FCF4608A}] => (Allow) C:\Users\Katrin\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{0B963D84-A336-4503-9A7E-CE9662FC3191}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{A9F33512-2C1E-4EC8-9729-B2459A7B3A29}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{E5C2EE14-41E4-4DAE-B671-F2FE44949C39}] => (Allow) LPort=49170
FirewallRules: [{8ADC90EC-8E0A-46EF-8B1E-22FFEDA17041}] => (Allow) LPort=5000
FirewallRules: [{E417D833-194F-4A81-B5AC-1C528C6CD20F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F546CECA-C8F7-492D-87B1-9F5A2EFAA6CF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Konnte Geräte nicht auflisten. Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/18/2015 09:50:55 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{e9afa979-c82a-11e0-8df3-806e6f6e6963} - 0000000000000154,0x0053c008,00000000002CE7C0,0,0000000000309FD0,4096,[0])". hr = 0x80070079, Das Zeitlimit für die Semaphore wurde erreicht.
.
Vorgang:
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (08/18/2015 09:40:01 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x81000101).
Error: (08/18/2015 09:18:00 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (08/17/2015 09:01:44 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{e9afa979-c82a-11e0-8df3-806e6f6e6963} - 0000000000000150,0x0053c008,00000000003CE7C0,0,0000000000409FD0,4096,[0])". hr = 0x80070079, Das Zeitlimit für die Semaphore wurde erreicht.
.
Vorgang:
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (08/17/2015 08:51:34 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x81000101).
Error: (08/17/2015 07:19:53 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (08/17/2015 07:01:35 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{e9afa979-c82a-11e0-8df3-806e6f6e6963} - 0000000000000150,0x0053c008,000000000044E7C0,0,00000000002C9FD0,4096,[0])". hr = 0x80070079, Das Zeitlimit für die Semaphore wurde erreicht.
.
Vorgang:
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (08/17/2015 06:50:22 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x81000101).
Error: (08/16/2015 11:48:42 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (08/15/2015 03:31:54 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{e9afa979-c82a-11e0-8df3-806e6f6e6963} - 0000000000000150,0x0053c008,00000000002FE7C0,0,00000000001F9FD0,4096,[0])". hr = 0x80070079, Das Zeitlimit für die Semaphore wurde erreicht.
.
Vorgang:
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Systemfehler:
=============
Error: (08/18/2015 09:50:54 PM) (Source: volsnap) (EventID: 67) (User: )
Description: Die Schattenkopie des erstellten Volumes "C:" konnte nicht installiert werden.
Error: (08/17/2015 09:01:44 PM) (Source: volsnap) (EventID: 67) (User: )
Description: Die Schattenkopie des erstellten Volumes "C:" konnte nicht installiert werden.
Error: (08/17/2015 07:01:35 PM) (Source: volsnap) (EventID: 67) (User: )
Description: Die Schattenkopie des erstellten Volumes "C:" konnte nicht installiert werden.
Error: (08/15/2015 03:31:54 PM) (Source: volsnap) (EventID: 67) (User: )
Description: Die Schattenkopie des erstellten Volumes "C:" konnte nicht installiert werden.
Error: (08/15/2015 01:31:51 PM) (Source: volsnap) (EventID: 67) (User: )
Description: Die Schattenkopie des erstellten Volumes "C:" konnte nicht installiert werden.
Error: (08/15/2015 11:36:15 AM) (Source: volsnap) (EventID: 67) (User: )
Description: Die Schattenkopie des erstellten Volumes "C:" konnte nicht installiert werden.
Error: (08/15/2015 01:32:57 AM) (Source: volsnap) (EventID: 67) (User: )
Description: Die Schattenkopie des erstellten Volumes "C:" konnte nicht installiert werden.
Error: (08/13/2015 09:44:17 PM) (Source: volsnap) (EventID: 67) (User: )
Description: Die Schattenkopie des erstellten Volumes "C:" konnte nicht installiert werden.
Error: (08/13/2015 12:21:02 AM) (Source: volsnap) (EventID: 67) (User: )
Description: Die Schattenkopie des erstellten Volumes "C:" konnte nicht installiert werden.
Error: (08/11/2015 09:21:19 PM) (Source: volsnap) (EventID: 67) (User: )
Description: Die Schattenkopie des erstellten Volumes "C:" konnte nicht installiert werden.
Microsoft Office:
=========================
Error: (08/18/2015 09:50:55 PM) (Source: VSS) (EventID: 12289) (User: )
Description: DeviceIoControl(\\?\Volume{e9afa979-c82a-11e0-8df3-806e6f6e6963} - 0000000000000154,0x0053c008,00000000002CE7C0,0,0000000000309FD0,4096,[0])0x80070079, Das Zeitlimit für die Semaphore wurde erreicht.
Vorgang:
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (08/18/2015 09:40:01 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x81000101
Error: (08/18/2015 09:18:00 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (08/17/2015 09:01:44 PM) (Source: VSS) (EventID: 12289) (User: )
Description: DeviceIoControl(\\?\Volume{e9afa979-c82a-11e0-8df3-806e6f6e6963} - 0000000000000150,0x0053c008,00000000003CE7C0,0,0000000000409FD0,4096,[0])0x80070079, Das Zeitlimit für die Semaphore wurde erreicht.
Vorgang:
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (08/17/2015 08:51:34 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x81000101
Error: (08/17/2015 07:19:53 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (08/17/2015 07:01:35 PM) (Source: VSS) (EventID: 12289) (User: )
Description: DeviceIoControl(\\?\Volume{e9afa979-c82a-11e0-8df3-806e6f6e6963} - 0000000000000150,0x0053c008,000000000044E7C0,0,00000000002C9FD0,4096,[0])0x80070079, Das Zeitlimit für die Semaphore wurde erreicht.
Vorgang:
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (08/17/2015 06:50:22 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x81000101
Error: (08/16/2015 11:48:42 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (08/15/2015 03:31:54 PM) (Source: VSS) (EventID: 12289) (User: )
Description: DeviceIoControl(\\?\Volume{e9afa979-c82a-11e0-8df3-806e6f6e6963} - 0000000000000150,0x0053c008,00000000002FE7C0,0,00000000001F9FD0,4096,[0])0x80070079, Das Zeitlimit für die Semaphore wurde erreicht.
Vorgang:
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
CodeIntegrity:
===================================
Date: 2013-04-08 14:34:08.289
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-08 14:34:08.264
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-08 14:34:06.213
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-08 14:34:06.187
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-08 14:34:04.143
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-08 14:34:04.109
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-08 14:34:02.029
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-08 14:34:02.003
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-08 14:33:59.924
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-08 14:33:59.898
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen ===========================
Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 66%
Installierter physikalischer RAM: 3947.86 MB
Verfügbarer physikalischer RAM: 1307.34 MB
Summe virtueller Speicher: 7893.93 MB
Verfügbarer virtueller Speicher: 3961.91 MB
==================== Laufwerke ================================
Drive c: (Packard Bell) (Fixed) (Total:445.66 GB) (Free:148.56 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 5306F673)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=445.7 GB) - (Type=07 NTFS)
==================== Ende von Ergebnis ============================
Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-08-18 22:50:48
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD50 rev.01.0 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\Katrin\AppData\Local\Temp\pxriipob.sys
---- Threads - GMER 2.1 ----
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3488:2060] 0000000076817587
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3488:5048] 0000000069e07712
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3488:2964] 0000000077211415
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3488:3760] 0000000077222855
---- Processes - GMER 2.1 ----
Library C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (*** suspicious ***) @ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [1124] 0000000000e50000
---- EOF - GMER 2.1 ----
|
|
18.08.2015, 22:47
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Windows 7: Opera, verlinkte Wörter auf Website und Werbefenster Hi,
__________________Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Gib Bescheid wenn das erledigt ist oder du an einer Stelle nicht weiterkommst.
__________________ |
|
19.08.2015, 09:54
| #3 |
| | Windows 7: Opera, verlinkte Wörter auf Website und Werbefenster Alles erledigt.
__________________Freu mich dass so schnell geantwortet wurde. Ready for the next step. lg yukiona |
|
19.08.2015, 10:13
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: Opera, verlinkte Wörter auf Website und Werbefenster Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
19.08.2015, 13:09
| #5 |
| | Windows 7: Opera, verlinkte Wörter auf Website und Werbefenster Hier mal .txt von 1 und 2 Code:
ATTFilter # AdwCleaner v5.002 - Bericht erstellt 19/08/2015 um 13:45:57
# Aktualisiert 18/08/2015 von Xplode
# Datenbank : 2015-08-18.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Katrin - KATRIN-PC
# Gestarted von : C:\Users\Katrin\Downloads\AdwCleaner_5.002.exe
# Option : Löschen
***** [ Dienste ] *****
[-] Dienst Gelöscht : ReimageRealTimeProtector
[-] Dienst Gelöscht : {d749cb38-e48d-4f33-bfd4-0edca43efe21}Gw64
[-] Dienst Gelöscht : tcfd_vt_1_10_0_21
***** [ Ordner ] *****
[-] Ordner Gelöscht : C:\rei
[-] Ordner Gelöscht : C:\Program Files\Reimage
[-] Ordner Gelöscht : C:\Program Files (x86)\CoupScanner
[-] Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
[-] Ordner Gelöscht : C:\Program Files (x86)\GrabRez
[-] Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup
[-] Ordner Gelöscht : C:\Program Files (x86)\ClicakFoRSale
[-] Ordner Gelöscht : C:\Program Files (x86)\CoolSaleCouPon
[-] Ordner Gelöscht : C:\Program Files (x86)\coupOnpEaK
[-] Ordner Gelöscht : C:\Program Files (x86)\CoUpScANiner
[!] Ordner Nicht Gelöscht : C:\Program Files (x86)\COUpSCanNer
[-] Ordner Gelöscht : C:\Program Files (x86)\deeALSter
[-] Ordner Gelöscht : C:\Program Files (x86)\deoAl2Dealit
[-] Ordner Gelöscht : C:\Program Files (x86)\DIScoueniteLoicuator
[-] Ordner Gelöscht : C:\Program Files (x86)\downloadditKeep
[-] Ordner Gelöscht : C:\Program Files (x86)\FaIneDEaalSofTT
[-] Ordner Gelöscht : C:\Program Files (x86)\FinEDealSoiftt
[-] Ordner Gelöscht : C:\Program Files (x86)\FllexiblEShoPpeR
[-] Ordner Gelöscht : C:\Program Files (x86)\LucakyCoUponn
[-] Ordner Gelöscht : C:\Program Files (x86)\PRoSaHopper
[-] Ordner Gelöscht : C:\Program Files (x86)\saferrwebu
[-] Ordner Gelöscht : C:\Program Files (x86)\SAverPro
[-] Ordner Gelöscht : C:\Program Files (x86)\saviinGtioyoiu
[-] Ordner Gelöscht : C:\Program Files (x86)\savingtoyoui
[-] Ordner Gelöscht : C:\Program Files (x86)\SeoFtCoup
[-] Ordner Gelöscht : C:\Program Files (x86)\ShopPerMaasTTer
[-] Ordner Gelöscht : C:\Program Files (x86)\SSaVEErrPro
[-] Ordner Gelöscht : C:\Program Files (x86)\toopddeal
[-] Ordner Gelöscht : C:\Program Files (x86)\WowwCouppOn
[!] Ordner Nicht Gelöscht : C:\Program Files (x86)\GrabRez
[-] Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
[-] Ordner Gelöscht : C:\ProgramData\Trymedia
[-] Ordner Gelöscht : C:\ProgramData\WorldWideWebCoupon
[-] Ordner Gelöscht : C:\ProgramData\Reimage Protector
[-] Ordner Gelöscht : C:\ProgramData\d986aa9200002752
[-] Ordner Gelöscht : C:\ProgramData\{7f80dd45-f618-ad6c-7f80-0dd45f617517}
[-] Ordner Gelöscht : C:\ProgramData\{b6f24e06-57ab-5155-b6f2-24e0657a3819}
[-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reimage repair
[-] Ordner Gelöscht : C:\Users\Katrin\AppData\Local\globalUpdate
[-] Ordner Gelöscht : C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo
[-] Ordner Gelöscht : C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
[-] Ordner Gelöscht : C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhhnnnpaeobfddmlalhnehgclcmjimi
[-] Ordner Gelöscht : C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnoejnlbkbnckikbkmnpippafneemknp
[-] Ordner Gelöscht : C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhodhemilmjleephoimbfhoajnglghf
[-] Ordner Gelöscht : C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\peibencbagcfjmachldjenlalojmkila
[-] Ordner Gelöscht : C:\Users\Katrin\AppData\Local\Temp\mt_ffx
[-] Ordner Gelöscht : C:\Users\Katrin\AppData\Roaming\Systweak
[-] Ordner Gelöscht : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iilfecopjcmjdgfffklfdkhbkpkmcglh
[-] Ordner Gelöscht : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhhnnnpaeobfddmlalhnehgclcmjimi
[-] Ordner Gelöscht : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnoejnlbkbnckikbkmnpippafneemknp
[-] Ordner Gelöscht : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhodhemilmjleephoimbfhoajnglghf
[-] Ordner Gelöscht : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\peibencbagcfjmachldjenlalojmkila
[-] Ordner Gelöscht : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\afgabimphpgkjochcoogplolgpcagmap
***** [ Dateien ] *****
[-] Datei Gelöscht : C:\Program Files (x86)\mozilla firefox\dbghelp.dll
[-] Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\awesomehp.xml
[-] Datei Gelöscht : C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_dhdepfaagokllfmhfbcfmocaeigmoebo_0
[-] Datei Gelöscht : C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pbjikboenpfhbbejgkoklgkhjpfogcam_0.localstorage
[-] Datei Gelöscht : C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dbhhnnnpaeobfddmlalhnehgclcmjimi_0.localstorage
[-] Datei Gelöscht : C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dbhhnnnpaeobfddmlalhnehgclcmjimi_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dbhhnnnpaeobfddmlalhnehgclcmjimi
[-] Datei Gelöscht : C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jnoejnlbkbnckikbkmnpippafneemknp_0.localstorage
[-] Datei Gelöscht : C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jnoejnlbkbnckikbkmnpippafneemknp_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jnoejnlbkbnckikbkmnpippafneemknp
[-] Datei Gelöscht : C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx
[-] Datei Gelöscht : C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx
[-] Datei Gelöscht : C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_primeshare.tv_0.localstorage
[-] Datei Gelöscht : C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_primeshare.tv_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_primeshare.tv_0.localstorage
[-] Datei Gelöscht : C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_primeshare.tv_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Katrin\AppData\Roaming\Mozilla\Firefox\Profiles\1k37nphq.default\searchplugins\trovi-search.xml
[-] Datei Gelöscht : C:\Users\Katrin\AppData\Roaming\Mozilla\Firefox\Profiles\1k37nphq.default\user.js
[-] Datei Gelöscht : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_iilfecopjcmjdgfffklfdkhbkpkmcglh_0.localstorage
[-] Datei Gelöscht : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_iilfecopjcmjdgfffklfdkhbkpkmcglh_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_iilfecopjcmjdgfffklfdkhbkpkmcglh_0
[-] Datei Gelöscht : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\iilfecopjcmjdgfffklfdkhbkpkmcglh
[-] Datei Gelöscht : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
[-] Datei Gelöscht : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_primeshare.tv_0.localstorage
[-] Datei Gelöscht : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_primeshare.tv_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
[-] Datei Gelöscht : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mmotraffic.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mmotraffic.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_primeshare.tv_0.localstorage
[-] Datei Gelöscht : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_primeshare.tv_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.v9.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.v9.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
[-] Datei Gelöscht : C:\Windows\Reimage.ini
[-] Datei Gelöscht : C:\Windows\Sysnative\roboot64.exe
***** [ Verknüpfungen ] *****
[-] Verknüpfung Desinfiziert : C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
***** [ Geplante Tasks ] *****
[-] Task Gelöscht : Reimage Reminder
[-] Task Gelöscht : ReimageUpdater
[-] Task Gelöscht : Superclean
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
[-] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Reimage.exe
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\P09684052_490a_4266_8a96_21f3600ec809_.P09684052_490a_4266_8a96_21f3600ec809_
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\P09684052_490a_4266_8a96_21f3600ec809_.P09684052_490a_4266_8a96_21f3600ec809_.9
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\P14f8eaca_039a_4fbf_8ba2_343b8cac6965_.P14f8eaca_039a_4fbf_8ba2_343b8cac6965_
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\P14f8eaca_039a_4fbf_8ba2_343b8cac6965_.P14f8eaca_039a_4fbf_8ba2_343b8cac6965_.9
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\P1cf36c61_abd4_47da_9d74_0199c728a106_.P1cf36c61_abd4_47da_9d74_0199c728a106_
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\P1cf36c61_abd4_47da_9d74_0199c728a106_.P1cf36c61_abd4_47da_9d74_0199c728a106_.9
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\P1ed64809_e364_4ad0_9b02_cd10bd33d942_.P1ed64809_e364_4ad0_9b02_cd10bd33d942_
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\P1ed64809_e364_4ad0_9b02_cd10bd33d942_.P1ed64809_e364_4ad0_9b02_cd10bd33d942_.9
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\P2EDDEAE4_8E36_43DF_A081_C5664C00BDA6_.P2EDDEAE4_8E36_43DF_A081_C5664C00BDA6_
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\P2EDDEAE4_8E36_43DF_A081_C5664C00BDA6_.P2EDDEAE4_8E36_43DF_A081_C5664C00BDA6_.9
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\P2fcc1f2e_fa6f_46fc_a6f0_3497c9c80ae3_.P2fcc1f2e_fa6f_46fc_a6f0_3497c9c80ae3_
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\P2fcc1f2e_fa6f_46fc_a6f0_3497c9c80ae3_.P2fcc1f2e_fa6f_46fc_a6f0_3497c9c80ae3_.9
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\P388774B6_E363_4012_B290_8B7B85302AD0_.P388774B6_E363_4012_B290_8B7B85302AD0_
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\P388774B6_E363_4012_B290_8B7B85302AD0_.P388774B6_E363_4012_B290_8B7B85302AD0_.9
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\P4ef56571_6ee4_4c71_9a39_0b3948d7fdd8_.P4ef56571_6ee4_4c71_9a39_0b3948d7fdd8_
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\P4ef56571_6ee4_4c71_9a39_0b3948d7fdd8_.P4ef56571_6ee4_4c71_9a39_0b3948d7fdd8_.9
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\P5184C6ED_CECB_4729_A5C9_C0FC0783C760_.P5184C6ED_CECB_4729_A5C9_C0FC0783C760_
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\P5184C6ED_CECB_4729_A5C9_C0FC0783C760_.P5184C6ED_CECB_4729_A5C9_C0FC0783C760_.9
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Pb5cf4d3d_af1b_4451_9806_7e0088bbc63c_.Pb5cf4d3d_af1b_4451_9806_7e0088bbc63c_
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Pb5cf4d3d_af1b_4451_9806_7e0088bbc63c_.Pb5cf4d3d_af1b_4451_9806_7e0088bbc63c_.9
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PC4C8DD2C_3163_461D_B2FE_15287B2362C3_.PC4C8DD2C_3163_461D_B2FE_15287B2362C3_
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PC4C8DD2C_3163_461D_B2FE_15287B2362C3_.PC4C8DD2C_3163_461D_B2FE_15287B2362C3_.9
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PD0DAA909_7EC6_466D_9B58_6471773E43AA_.PD0DAA909_7EC6_466D_9B58_6471773E43AA_
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PD0DAA909_7EC6_466D_9B58_6471773E43AA_.PD0DAA909_7EC6_466D_9B58_6471773E43AA_.9
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PD5F6EA57_7CE6_4735_ABF8_1449CE081C61_.PD5F6EA57_7CE6_4735_ABF8_1449CE081C61_
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PD5F6EA57_7CE6_4735_ABF8_1449CE081C61_.PD5F6EA57_7CE6_4735_ABF8_1449CE081C61_.9
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Pec68cdad_73e9_49f0_9c74_64e728125ce5_.Pec68cdad_73e9_49f0_9c74_64e728125ce5_
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Pec68cdad_73e9_49f0_9c74_64e728125ce5_.Pec68cdad_73e9_49f0_9c74_64e728125ce5_.9
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Pf974c23a_32ab_47de_8d03_2f1d60919e55_.Pf974c23a_32ab_47de_8d03_2f1d60919e55_
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Pf974c23a_32ab_47de_8d03_2f1d60919e55_.Pf974c23a_32ab_47de_8d03_2f1d60919e55_.9
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\706701ff-4f05-d933-3d4a-dd78176f0dec
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{09684052-490a-4266-8a96-21f3600ec809}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{14f8eaca-039a-4fbf-8ba2-343b8cac6965}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1cf36c61-abd4-47da-9d74-0199c728a106}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1ed64809-e364-4ad0-9b02-cd10bd33d942}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2EDDEAE4-8E36-43DF-A081-C5664C00BDA6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2fcc1f2e-fa6f-46fc-a6f0-3497c9c80ae3}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{388774B6-E363-4012-B290-8B7B85302AD0}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4ef56571-6ee4-4c71-9a39-0b3948d7fdd8}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5184C6ED-CECB-4729-A5C9-C0FC0783C760}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{b5cf4d3d-af1b-4451-9806-7e0088bbc63c}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C4C8DD2C-3163-461D-B2FE-15287B2362C3}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D0DAA909-7EC6-466D-9B58-6471773E43AA}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D5F6EA57-7CE6-4735-ABF8-1449CE081C61}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{ec68cdad-73e9-49f0-9c74-64e728125ce5}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{f974c23a-32ab-47de-8d03-2f1d60919e55}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{58DACA5D-CFAA-D64E-6F7A-D4DD33D69F3D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{046B74D1-7337-45AC-B266-A6625FBDDA47}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{1AA457E0-9068-4C76-A934-9BA6F0F07409}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{1F831F60-05FB-474D-93A3-42DA68E7EB8F}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{230332DF-D235-47EE-BC42-60860EF144CD}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{33B8CF8E-1B37-40DD-A652-F97EDFCA9565}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{3E52324B-66BF-44AE-A8C5-2DB48E90E729}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{41F978F3-431A-4464-A789-5C0692D562FB}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{532ECD0F-E6C9-4ACE-860A-3730B1F6F1DD}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{57B0DCF0-8B40-4449-8AA4-E297D6E779D4}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{5ADB067E-40D9-49AD-BDFC-2DBD725D3842}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{995AEC82-0E5F-419A-864E-4E50012D0863}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{BDAF5CA1-4082-4F20-B44D-0238A9183DCA}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E0D6077D-7186-48B2-A6C6-2F7C533E8CFF}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{EB559340-3A8F-4456-B24D-160098054EF0}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{FCE74B5F-13A9-47C3-B69E-5210C1EECBEF}
[!] Schlüssel Nicht Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{09684052-490a-4266-8a96-21f3600ec809}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{14f8eaca-039a-4fbf-8ba2-343b8cac6965}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1cf36c61-abd4-47da-9d74-0199c728a106}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1ed64809-e364-4ad0-9b02-cd10bd33d942}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4ef56571-6ee4-4c71-9a39-0b3948d7fdd8}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{b5cf4d3d-af1b-4451-9806-7e0088bbc63c}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ec68cdad-73e9-49f0-9c74-64e728125ce5}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{f974c23a-32ab-47de-8d03-2f1d60919e55}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{09684052-490a-4266-8a96-21f3600ec809}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{14f8eaca-039a-4fbf-8ba2-343b8cac6965}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1cf36c61-abd4-47da-9d74-0199c728a106}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1ed64809-e364-4ad0-9b02-cd10bd33d942}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4ef56571-6ee4-4c71-9a39-0b3948d7fdd8}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{b5cf4d3d-af1b-4451-9806-7e0088bbc63c}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ec68cdad-73e9-49f0-9c74-64e728125ce5}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{f974c23a-32ab-47de-8d03-2f1d60919e55}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{09684052-490a-4266-8a96-21f3600ec809}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{14f8eaca-039a-4fbf-8ba2-343b8cac6965}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1cf36c61-abd4-47da-9d74-0199c728a106}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1ed64809-e364-4ad0-9b02-cd10bd33d942}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2EDDEAE4-8E36-43DF-A081-C5664C00BDA6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2fcc1f2e-fa6f-46fc-a6f0-3497c9c80ae3}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{388774B6-E363-4012-B290-8B7B85302AD0}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4ef56571-6ee4-4c71-9a39-0b3948d7fdd8}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5184C6ED-CECB-4729-A5C9-C0FC0783C760}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{b5cf4d3d-af1b-4451-9806-7e0088bbc63c}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C4C8DD2C-3163-461D-B2FE-15287B2362C3}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D0DAA909-7EC6-466D-9B58-6471773E43AA}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D5F6EA57-7CE6-4735-ABF8-1449CE081C61}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ec68cdad-73e9-49f0-9c74-64e728125ce5}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{f974c23a-32ab-47de-8d03-2f1d60919e55}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{09684052-490a-4266-8a96-21f3600ec809}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{14f8eaca-039a-4fbf-8ba2-343b8cac6965}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{1cf36c61-abd4-47da-9d74-0199c728a106}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{1ed64809-e364-4ad0-9b02-cd10bd33d942}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{2EDDEAE4-8E36-43DF-A081-C5664C00BDA6}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{2fcc1f2e-fa6f-46fc-a6f0-3497c9c80ae3}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{388774B6-E363-4012-B290-8B7B85302AD0}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{4ef56571-6ee4-4c71-9a39-0b3948d7fdd8}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{5184C6ED-CECB-4729-A5C9-C0FC0783C760}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{b5cf4d3d-af1b-4451-9806-7e0088bbc63c}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{C4C8DD2C-3163-461D-B2FE-15287B2362C3}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{D0DAA909-7EC6-466D-9B58-6471773E43AA}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{D5F6EA57-7CE6-4735-ABF8-1449CE081C61}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{ec68cdad-73e9-49f0-9c74-64e728125ce5}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{f974c23a-32ab-47de-8d03-2f1d60919e55}]
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{09684052-490a-4266-8a96-21f3600ec809}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{14f8eaca-039a-4fbf-8ba2-343b8cac6965}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{1cf36c61-abd4-47da-9d74-0199c728a106}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{1ed64809-e364-4ad0-9b02-cd10bd33d942}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{2EDDEAE4-8E36-43DF-A081-C5664C00BDA6}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{2fcc1f2e-fa6f-46fc-a6f0-3497c9c80ae3}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{388774B6-E363-4012-B290-8B7B85302AD0}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{4ef56571-6ee4-4c71-9a39-0b3948d7fdd8}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{5184C6ED-CECB-4729-A5C9-C0FC0783C760}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{b5cf4d3d-af1b-4451-9806-7e0088bbc63c}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{C4C8DD2C-3163-461D-B2FE-15287B2362C3}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{D0DAA909-7EC6-466D-9B58-6471773E43AA}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{D5F6EA57-7CE6-4735-ABF8-1449CE081C61}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{ec68cdad-73e9-49f0-9c74-64e728125ce5}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{f974c23a-32ab-47de-8d03-2f1d60919e55}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
[-] Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Schlüssel Gelöscht : HKCU\Software\1ClickDownload
[-] Schlüssel Gelöscht : HKCU\Software\Alexa Internet
[-] Schlüssel Gelöscht : HKCU\Software\Conduit
[-] Schlüssel Gelöscht : HKCU\Software\distromatic
[-] Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
[-] Schlüssel Gelöscht : HKCU\Software\ilivid
[-] Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
[-] Schlüssel Gelöscht : HKCU\Software\Trymedia Systems
[-] Schlüssel Gelöscht : HKCU\Software\Reimage
[-] Schlüssel Gelöscht : HKCU\Software\Super Optimizer
[-] Schlüssel Gelöscht : HKCU\Software\PRODUCTSETUP
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\awesomehpSoftware
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Trymedia Systems
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{614925F9-841A-53FE-A28F-DC30FA07239B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B114619-78B7-1CFF-55EF-74266954F883}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{70BD2558-27DA-8B02-02D0-D8704ECD2EDF}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CA8C94BE-9F47-1B2E-90F8-D8C07119BD96}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{35E0D123-1F22-9AE6-F973-B7ECA46E8BFE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FE139F4C-CE5B-121A-8A2D-191FA2226094}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7E7FAE3D-3358-D280-8DBF-E8E2D94326D1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2FA77785-00C3-A920-6452-D4FE5C9C129F}
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\1ClickDownload
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Alexa Internet
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Conduit
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\distromatic
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\GlobalUpdate
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\ilivid
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Optimizer Pro
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Trymedia Systems
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Reimage
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Super Optimizer
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\PRODUCTSETUP
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Reimage
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Repair
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [First Home Page]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-2455217175-4274658696-198378322-1000\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-2455217175-4274658696-198378322-1000\Software\Microsoft\Internet Explorer\Main [First Home Page]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command []
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]
***** [ Internetbrowser ] *****
[-] [C:\Users\Katrin\AppData\Roaming\Mozilla\Firefox\Profiles\1k37nphq.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.hiddenOneOffs", "Yahoo,Amazon.de,Bing,eBay,awesomehp,DuckDuckGo,Trovi search");
[-] [C:\Users\Katrin\AppData\Roaming\Mozilla\Firefox\Profiles\1k37nphq.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.BlmtkqV2ZMxYLCRQ.scode", "(function(){try{if(window.location.href.indexOf(\"rjgFrdg4qTr9qTaHrjrFqHsGqdk\")>-1){return;}}catch(e){}try{var d=[[\"search.asistents.com\",\"cryptogma[...]
[-] [C:\Users\Katrin\AppData\Roaming\Mozilla\Firefox\Profiles\1k37nphq.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.Dao8X3QEejKQ49uh.scode", "(function(){try{if(window.location.href.indexOf(\"rjgFrdg4qTr9qTaHrjrFqHsGqdk\")>-1){return;}}catch(e){}try{var d=[[\"cryptogmail.com\",\"bancdebinary.c[...]
[-] [C:\Users\Katrin\AppData\Roaming\Mozilla\Firefox\Profiles\1k37nphq.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.DcAWB6k0ppcTmXSc.scode", "(function(){try{if(window.location.href.indexOf(\"rjgFrdg4qTr9qTaHrjrFqHsGqdk\")>-1){return;}}catch(e){}try{var d=[[\"investkingdom.com\",\"www.viracure[...]
[-] [C:\Users\Katrin\AppData\Roaming\Mozilla\Firefox\Profiles\1k37nphq.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.Jyd8boAz9ntw2pTm.scode", "(function(){try{if(window.location.href.indexOf(\"rjgFrdg4qTr9qTaHrjrFqHsGqdk\")>-1){return;}}catch(e){}try{var d=[[\"backin.net\",\"trianglecash.com\",[...]
[-] [C:\Users\Katrin\AppData\Roaming\Mozilla\Firefox\Profiles\1k37nphq.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.UXhK1Vpf0ZYpS8Hs.scode", "(function(){try{if(window.location.href.indexOf(\"rjgFrdg4qTr9qTaHrjrFqHsGqdk\")>-1){return;}}catch(e){}try{var d=[[\"investkingdom.com\",\"www.viracure[...]
[-] [C:\Users\Katrin\AppData\Roaming\Mozilla\Firefox\Profiles\1k37nphq.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.crossrider.bic", "13b508f8dc63370705db7a49b10747b6");
[-] [C:\Users\Katrin\AppData\Roaming\Mozilla\Firefox\Profiles\1k37nphq.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.gT5TumICSagz0jRy.scode", "(function(){try{if(window.location.href.indexOf(\"rjgFrdg4qTr9qTaHrjrFqHsGqdk\")>-1){return;}}catch(e){}try{var d=[[\"www.viracure.com\",\"onesystemcare[...]
[-] [C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : iilfecopjcmjdgfffklfdkhbkpkmcglh
[-] [C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : dbhhnnnpaeobfddmlalhnehgclcmjimi
[-] [C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : jnoejnlbkbnckikbkmnpippafneemknp
[-] [C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : ojhodhemilmjleephoimbfhoajnglghf
*************************
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner[R1].txt - [23393 Bytes] - [23/04/2013 20:39:13]
C:\AdwCleaner[S1].txt - [23355 Bytes] - [23/04/2013 20:40:02]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [36299 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.6 (08.10.2015:1)
OS: Windows 7 Home Premium x64
Ran by Katrin on 19.08.2015 at 13:53:07,77
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{7EF2ADDD-4F3E-4C7E-B1B9-5A8FD2243087}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011501160}
~~~ Files
Successfully deleted: [File] C:\Users\Katrin\AppData\Roaming\PJXXML.exe
Successfully deleted: [File] C:\Windows\system32\drivers\{d749cb38-e48d-4f33-bfd4-0edca43efe21}Gw64.sys
Successfully deleted: [File] C:\Windows\SysWOW64\sho1C33.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho1C38.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho257E.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho2F53.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho3270.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho357F.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho39D9.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho3A15.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho538F.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho5586.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho57E2.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho64E1.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho7B0.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho84C1.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho937D.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho9A49.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho9B55.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoA6EB.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoB01C.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoB569.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoC15B.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoD86A.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoD9ED.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoDAD3.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoEA20.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoFD15.tmp
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{00708E4C-33A3-40F3-A244-04F2FC6AE779}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{01443608-842E-45B6-9C7C-6B5B4542091B}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{0253CF28-9BDF-4C1F-8F56-B7F4C30F594C}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{029056C6-20F0-4B3F-8939-269CA2390D49}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{02F07F89-B249-4974-95B2-00EFBF6FB469}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{03E2B6FF-2093-4FFB-BC72-8DF0E8CEB8E1}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{04DF6A2D-1A1F-4F08-951F-D9315FF563D1}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{052A74B7-F5DA-4A36-84D5-C8195ED88093}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{0532E4B3-1D94-427F-9D66-1EDF3C245A0B}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{0552F3F8-3562-479F-BC14-73A5A2C4AC39}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{058B18E9-F458-41D9-A3C9-F1F48D93BF47}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{05E490D5-ADAB-4FC4-83FF-D04001AB00AD}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{085D3078-9E7B-462D-838D-56A03CDAE73E}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{09342B77-8AF8-4CC5-BC40-2465F89A650D}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{0936A8E1-9E17-4B4F-8255-ED49E5357D01}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{09F77D8B-3898-47A3-898D-40545AA5C5E8}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{0A310F6B-43E0-4B52-9425-FABB383C9A1B}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{0A344B24-8AED-494A-A0E1-C3C7CAAC2490}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{0A882F14-E0EA-45F4-97AE-41D5BAE75F7B}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{0AACC932-1B36-476F-8880-301E73895386}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{0ABDCA6A-188A-4384-9837-1B9AD8A148FE}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{0B450EA7-23D0-40DA-84DA-F2F3E92ED33A}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{0B9A5C60-551B-4C5C-875B-BEB6BEE1CF74}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{0BD88178-8097-4567-B309-CCFCCDF5F004}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{0C6AC3B7-BCE9-46E3-BAA4-D89E45268692}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{0D8E9376-31AA-4C1A-980D-0C941D42B6AE}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{0D961347-B96C-4DEF-9B16-19D224598655}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{0D986E0D-1238-4A59-BC5E-A13D2E3ADEE2}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{0DD70757-E50B-4ACD-A584-E7EB1B56190A}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{0E1E922C-99DE-4F97-8A61-4046E8B13C44}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{0EBD6E13-CD91-40A6-A223-D726A0B2C43C}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{109D70A1-B8FB-41BD-9ACD-53EA2B782239}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{11253986-0795-4B96-BC80-C27362AF0B77}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{112B738E-E690-4989-A52F-AC1227A285C0}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{118F6A16-BCD4-43C3-B02C-DA68FCE910C0}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{1288BCA0-5DA5-4BF9-AA71-3539BF94B257}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{1381FA0B-40C6-44AE-BCC6-09073439D4CC}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{13BAE0B6-7419-437B-A4D9-F1E34E54195B}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{140D8739-2461-41F6-A9CC-4076173449F4}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{172D3C9C-E0E8-4153-B0CC-5B691BB49B80}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{176EB479-3A10-44CB-B1EB-315907B31499}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{18159921-9437-43E0-B9F6-A3734602D2F8}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{18820EE2-8B5C-4FD9-BA2A-5B64FA14C490}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{18F37A73-7BBD-4CA5-8093-E25464E330AD}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{195B4E1F-E881-4DD7-926A-F1E776954D6D}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{1B6AE4F9-BBBD-404D-B5A2-0738989E2B8E}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{1CA61D84-EE91-412F-B950-32C3D096D3AD}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{1D05883F-ADDC-4402-8523-E3ED13BC018E}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{1D777707-EE9C-4D02-AA69-41063487A3ED}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{1DA2456B-3571-4618-954E-B53C8B0A217F}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{20580B6B-B118-4D54-B008-E97732E25FFF}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{20CD8CF9-F484-4701-BA81-BD204B7092E2}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{212EF015-A46C-4BF5-AEAF-BCC3B16A2589}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{221FCF80-C518-43D5-B213-6FFFFCDE52FD}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{22311359-DF66-4AA7-836E-45F4B98AD411}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{2258F2AB-E032-462F-BE6E-D96E3F345AF7}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{2332790D-1A6A-4BD8-96AF-56EB44C79EE9}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{23A9695D-173E-4C28-929D-BA1EFDB7B874}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{23E5CE8A-0655-48CB-8DD4-ED12C0FB79C5}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{2401E09B-6B3F-4624-A50F-6D36B7D16C19}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{242C76EE-7BD3-456A-BA28-538CAC35D8F3}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{24944AE1-C726-4BD3-93A6-C07252D33934}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{2576997B-4DEB-4E96-B3C7-0D5C2A9E3BBC}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{262B9456-B43C-419C-85EF-26A9FEDE094F}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{26FB9153-82EF-4928-9418-55F0D7498EDA}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{2732BBA7-DF91-43C7-8F91-3CA192078A34}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{27FD0909-3DBE-4756-9228-0DBCBAC3FB2F}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{290FC45F-AF18-4C5C-8057-6968501AA1C2}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{2989E853-E923-412E-83BB-5A7765A0BFB0}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{2B193C22-F3DC-4725-A8D0-34C9401D11E6}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{2B29E406-BF4D-4BB2-B8CB-836198E3560E}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{2D46A3BA-9F62-4AC7-BD44-D9A8C94A1A5F}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{2D472FBF-3F74-41B3-AF90-94D0C2519710}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{2D628964-7EAE-4DD8-82AE-3DA9631B7A75}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{2DF737DE-5EE3-463B-9637-424052B10802}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{2E370ED6-B0AB-496C-8AAF-100B94236E45}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{2E9FF2A5-45C6-447E-B934-76A9C74EA561}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{2F4DCE0A-593F-4B51-B1D9-C07CA2D48E96}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{3026A626-FE44-472D-8F6D-F29889D1E8E4}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{310CD63F-14AA-4982-BACA-C6C3655EB2D2}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{3264A9CB-0917-4CC6-A59C-75FCAE48F7C7}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{32874439-4FBC-412E-AF68-56335E89C767}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{32F12BAF-78FE-448D-A9E4-19BE764C9892}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{3305A301-F931-4CB6-BA4A-1F5075851AFE}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{3308BC44-B281-47F2-8F39-B200D5F05E7B}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{3497F6A7-8578-48F8-9244-4191013048FD}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{34A55A19-1FAC-402C-9306-EE952E3A3F62}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{3520D1BF-28E2-418E-BA9D-DD8B3B6D2DCA}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{35F2497F-AB6E-4B83-8BEE-5921A1D53BE9}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{38A9F116-8735-494C-AC32-38EA50516E16}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{38B1CE10-5990-47AA-8A5B-6FF4A971DE7D}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{3947E028-4EA7-4F52-BB6D-59B41853FBE3}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{399E2E5A-EA95-46B9-A19C-7F8A1D19350A}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{3A0BE309-000A-43DD-9B25-D66E48FC4203}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{3A3B40F6-D4CE-4DEF-B43F-68C46E4E4FA8}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{3A5399C2-427F-4B2D-8FA1-FD29B1BC1227}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{3B1458B0-49B8-4A3F-BF1A-3AD569EB09A3}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{3B325390-726B-47E2-AB73-B7FA2CCD7C97}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{3B5D65AB-1E7A-48EA-A0F3-22BF46E62757}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{3C6D7094-0DD2-41CA-8BD3-046282F72F11}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{3C95B9D2-0B4A-4145-90CC-89828895553B}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{3EFB06D3-B63D-4789-9D3C-E6540943597A}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{4311ED7F-8EB3-4E0C-B60B-A9474E5361A1}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{432AFAB0-65E9-4C55-9547-2D5E45BDE4B2}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{437A39B5-6F18-40E8-9F0F-1FB8BADF3E29}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{44391588-BC1D-4C64-8C7C-3BD0AE1C8788}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{445BA812-2CDC-4553-9563-FE943A4A4046}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{445FEF1A-6C7D-4AA1-8F86-613E832444F9}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{4492A60E-D4DD-4FFC-BB70-71B1D314BA6D}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{44D4ADA0-4798-4CEA-A3B4-17B8C7B2441F}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{4547B272-6E2E-4ABE-8A9C-5E65F36BE7F3}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{458BA809-9E96-4719-9414-0CCBA6D1F68E}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{45E55A08-F2E9-4845-830E-A8ED822A1DC6}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{468EA347-8594-4949-AB8B-381803B7CD0C}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{47FEBF71-B845-4F0F-AA62-9D59BF7F5B58}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{4815FD68-3EAA-4C50-8682-C31438E095D4}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{48DE5A94-F422-4ACB-8160-95FED5EDAB60}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{490F260F-49D8-4D57-B803-BA6B23AA0F2B}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{49449E23-F92C-43D1-9F31-C09780C05030}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{49E8FF2B-6059-4A02-B706-91FFDA20D0CD}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{4A1CB959-631C-458D-BCC8-7CC010E69284}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{4A6B0B88-2069-4FB7-AB21-AEA210BDF8CA}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{4B8EA803-AA45-4373-BEF3-AC3FEEBC2F1C}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{4C7D0A4A-9ECB-4A32-BA24-4CA0270BCF28}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{4D1B3F6E-A9D8-4C9E-84D8-22968D58078D}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{4DA17682-0F8A-42A3-AA20-55C51CB179CF}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{4DA4C8C0-8C4C-4C87-AEFD-7E2F25D859EB}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{4E9B6FD9-261F-43AD-9ED0-CB537366862C}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{4FD9070E-4134-445B-93D8-E98A0D13FEF5}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{4FE49039-6C28-4C6C-8D70-E62D1DC6C197}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{50039779-D036-4BE0-AD08-ADB977744ED6}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{500C8639-8C1E-4106-AB42-CE4B9943C355}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{513A72F9-54F6-436C-82CB-457959227799}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{5168D94C-F764-4BF6-9B79-AA1B8D9C65F7}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{52705AB8-8BCC-43A4-9E18-66D801F7C2ED}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{529C66FD-67B8-47B8-92B0-710787D26D3E}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{53F14657-F2BD-4252-9F40-74C468AA7F48}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{54654183-3827-4C04-A9A9-1A9864061825}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{5486C872-D5B2-428D-AE92-9A09606CEFD7}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{54F41DA6-D249-431F-8860-79185C765C6C}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{5546F10B-4A81-41F0-B3F9-407F6BE2475F}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{561604DE-6742-4CD5-AFE8-3D39266FD4BA}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{565B02D8-B2BA-4B01-97B5-EA1C05FE2DCB}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{56C6B901-2E7F-4B40-97BA-42D4EF06699C}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{57718E01-E5B9-4A8E-9393-29D949594AD8}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{57AD65AB-8267-45E0-AD50-60EC2EDD409B}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{57B86E70-176D-4DE5-AE6C-B4C7FFAACE51}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{58AB105D-01D2-449E-8A9F-D9D9A90A5C5C}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{58C87229-7A7A-43FA-A783-86FF720A1125}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{5918DC24-52D0-4354-9725-3D79931FD691}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{59804E25-0317-4FD0-A83E-3D4619DA7D31}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{5A0A8CB9-A820-4069-899A-30C2C997ABCD}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{5B160102-DA9F-4A31-9CB5-9AF157768AA2}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{5B5B441A-D8F9-4430-ADF2-31E7FC7B366B}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{5C1C6F46-9673-44CD-AC50-AAA2011E31D2}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{5C84011C-5416-4F6A-836F-0A0BB576D9FD}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{5CEACFC4-C9E3-4452-9FE5-3B7B50A4A7B6}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{5D520A66-9231-433F-AFD7-CDEC7D5F98FC}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{5DE756CB-33FB-4BBC-ACFF-11D821930D92}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{5EE7781F-93CB-4CF8-BC51-114F32354263}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{5F0A1D55-8ED4-4330-BA86-3C9C25B06321}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{60411A5B-4DCC-45A7-B818-8CAC00811A01}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{60522978-1756-40D9-B01B-98F9A2E3934C}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{606BCC69-056A-47BE-8E8E-962504759761}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{60C36D83-AA84-4487-BB31-BA8FCE3768E3}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{6178D9C6-60AE-4C15-BC89-96CE590C66EC}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{619679C4-ADF2-43FA-8A17-50ED22B43A22}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{6353D8F8-1C61-4472-B5E0-E38DACB31EBB}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{65706443-9E59-4998-9CAD-59963318F576}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{668C6978-5D97-4346-B1A6-7543B07789B8}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{673A089D-102A-48D8-918A-96196F94285A}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{675F879E-2D11-4E4A-8E27-28E9ACD9ED3A}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{67F1612C-5F6D-47CA-8C78-F4BDAA070503}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{684C18D0-96B2-47BC-B64C-1EA199F841C8}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{689724FF-925C-407D-AE5E-2245F72BE6E2}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{6938D360-6C61-4336-BF94-797E45E129BD}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{6974201D-772D-4F5A-8B79-76A530CBD73C}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{6AF237D6-A928-4177-9335-65FD716491BE}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{6B5E8CFE-0349-4BF7-9550-190FB17E7C41}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{6BE75044-6A10-47B9-BC97-B425CF0C7C80}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{6D0A1558-D1EC-40A3-B980-21552E2FD9CA}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{6DD3F9FA-615B-4243-A475-6741CF9D3B90}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{6DE2D6C4-0920-4998-9C7C-B6FDC58FEB94}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{6E31FDDE-3D69-4037-8A39-2570760E9881}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{6E3A1308-6662-41B6-B62B-B95D4820B560}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{6EBFD19B-A0D5-42E3-8AA0-16BD8C021003}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{6ED04F35-FEED-4A5D-8923-B1EBFDC62ED4}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{6F4A0FDE-7D04-4266-A4FF-27EA2FF570FA}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{6F4EE489-5DFE-4B23-BB16-4CEE5F342F1B}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{715A4CB3-2493-4857-A0E3-2AACC83EABA5}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{7234D6E3-920C-4CD7-8A69-C83AFF50892E}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{72B78676-25D0-46F0-8193-5C5DD318019D}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{7344F3E8-942C-47D9-9D59-93201662D5B9}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{7456F2E1-E0A0-496B-B6AD-B75EAE0FD897}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{7479CAD6-B1EE-4ADC-A97B-968FAC3C8526}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{75440EFD-E967-465E-9BFA-70A34E2FDD28}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{778ECAC7-2F4C-47E3-BE53-95605629621E}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{78114CA5-BDF8-4C4C-A82E-0E14F140A1FB}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{7845AB1A-26DB-482C-9508-B65DFBE95801}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{795819CB-943F-4346-BB3B-916B4711DE1A}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{7982330D-E45A-4D5E-8FA9-8FCCA003C216}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{7B93FDC7-CA5E-4E1C-A838-0E662068B958}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{7C57A3F2-BE3E-4B5F-9A00-ABEE08FF6ED7}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{7C7B34E0-4FAA-49C9-BF98-12F93294B0D9}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{7C7EAEA6-F524-4D72-B44B-56725130D47A}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{7CA842EE-8D5C-4984-ACF2-1EF46AD2F856}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{7F256A9E-8504-44E0-ADF6-6C4458909F9E}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{7F8127CB-8013-498B-8EA0-D305AE3EE690}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{80232FC3-CBA4-4662-AD16-1AB513EE4941}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{81532233-202E-4EE0-8272-8426C4910248}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{816EB145-5704-49DE-AD82-53432BF6680F}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{81B31D3A-C85C-4369-A219-35B70D92F3FE}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{8202822E-CEE2-45C0-8FE6-F685C4A1E320}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{8339B9E6-6722-40CA-A2C9-0FFE0E068EBC}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{83946904-2B23-4C2A-B6C9-A17A7F2A30CA}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{841E4325-7734-4926-8695-DAFF2B25A89A}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{84AFAE69-5B34-4575-9149-D6AAB9597F2E}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{8517CD9F-A82E-4202-AEB5-26CB249A6539}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{87326C26-D3FE-4763-AD71-CA58F67FE541}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{873F37CE-4900-4C8B-ADA3-0FC38C4AF6BA}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{876C8803-8494-4B30-9F05-FC6D9DC27A98}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{87E84D36-9A20-4115-BF7C-30181C1919F9}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{89382CAE-9166-40E0-AD2A-A588A1A3A370}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{89924A6F-9587-4843-9B8A-83A79EBE6613}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{89BD8C96-2B06-4E10-BD31-DC1435390E79}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{89E82832-FEA3-4E92-9C9A-2E1A6B9EDCD8}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{8A361BE8-C0F5-4B3E-A329-EA3245D9862A}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{8A80B5F1-A6F7-4995-8ECD-214E16E58508}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{8C097963-1DFA-4B30-9E7F-2350CDB983A1}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{8C42815F-C0D9-401D-AE60-414F3D7A713F}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{8C88D843-B71F-4E4F-8CD1-8892380A0CB7}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{8E432A9F-BF39-413F-8C1A-D1CC3F70CBB7}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{8F4F02E6-D814-4AE0-967B-0A6E7092BBCE}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{8FC8EC4B-01C9-491F-BFE0-68278A7AFB4F}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{90BF6A27-2BC4-4279-B997-1E572FA692F9}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{92AA60F8-D1B1-4E25-A419-E0EC5E410838}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{92EFEE53-6DDD-465F-900C-5D130B41A1B2}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{934C85C2-C68B-40C5-9933-2EF5203E9FFE}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{937E79F3-13F8-46EC-A8BD-C18D2ADCE7D2}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{93838C16-6248-4CB4-8D8D-472110739C10}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{94B2F4DB-A789-4DC5-BC56-8CFA0DD08C2B}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{94F2100C-E8BC-4B2A-B33D-0DC61C25F9C0}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{94F26585-1510-46FC-B1BA-4B6B03F12869}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{951235F9-0D52-4DF6-AEA8-69303F45AE42}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{955514E0-E6CE-4070-84E8-8671CCAA2527}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{9573E860-D9D3-4337-AA53-C5399D57A1FE}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{95CADB65-128D-45AE-85EE-31C50AF0EB0D}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{9616B9CE-51CA-461C-B4BE-A2F8EA8279C7}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{9634BAAF-3438-4AA5-A8F0-F8D47CCD957D}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{971F8F8D-DB58-43D3-A890-564364F0A666}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{9753D05A-0352-47DA-BE72-B6E18B50DB0B}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{979325C1-81BC-4849-9177-0D57D7941522}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{97EED1A9-19D7-46B8-90F5-3654CAA3BEDC}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{98777E4B-A544-4804-A16F-5A03A348C7E5}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{98BE1689-78F0-4546-B91B-C5E656219930}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{9AD16A69-AA9E-4B38-ADE9-642FE490BB8F}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{9AE93149-2C54-4AA4-A239-2128780A4042}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{9C2ED02D-0B59-4722-BEA7-828BBF464EB3}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{9C8BFCF2-D174-4983-BF59-5B47BD85A729}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{9E5ABD8A-A85A-4EDB-B7B3-F6C593146351}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{9E60DF66-93F2-4B7C-89C9-BDE486CECA1A}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{A0B6AEBF-A687-4B93-A236-55ACC45A2C2F}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{A170EE18-EE8F-4388-ABB7-1B1AF891AE04}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{A1F2F1C3-BB86-4867-B7B0-5DE0C599AF9E}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{A4116C0C-9CAD-4F55-8B06-0DB8A020D0AB}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{A5DDB5EC-FBEA-4F55-B18A-695F8DF20640}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{A64108E7-EA78-44F9-AC95-BFB7F38EB4E2}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{A7F71B20-EFB1-455F-B8FD-6DED8854A215}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{A87AA320-7685-4A11-8B58-886766233C57}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{A88A734A-D361-4E38-9465-FB28D33ECEDC}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{A8A87D66-C863-47E2-93EC-AB133889D75A}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{A9A1454C-18B0-4950-8133-4FBC4E37AAFD}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{AAE8298D-AF63-418D-9F7B-92EA50F43E71}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{AAF093BB-2C24-46F6-AE18-552F5E2388E6}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{AB19EF83-CC58-453A-AC8A-767932E46DE0}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{AB90C3D9-962E-41A4-AFD6-8359BF02A219}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{AC6A7154-A08D-4C3F-A8E4-B17AD4C5AAF3}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{AD2DFE27-BD4D-4572-8381-E2EBA25E37DA}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{ADACA5D6-A6F8-4C17-99CC-FDF31364FE52}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{AEF49D8F-2465-4383-8DC4-A16B8295F170}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{AF063A1F-AFE2-4F6E-A5CA-91DB3E5313F8}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{B0488436-5539-4FE8-927F-355273B2CF4B}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{B0B337BA-6E6A-4524-9CB1-A1AD45076492}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{B1566CBE-F1F6-4EE8-B4DE-D8586F89D8ED}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{B2CFB581-7B41-4A8F-B7B1-843C071DE8D3}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{B3135E4D-A84C-4D75-B9D0-1775278E4765}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{B377631B-72FE-470A-941C-71C33F8FEF40}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{B5D18A41-5642-4711-9D7C-3B63C90CA7F3}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{B68E05B4-43BE-472A-B4EB-37435AD8186B}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{B6BBD5FC-B1A8-44A7-942F-7ED926A404DF}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{B76CD329-8947-4C95-94AE-CB4F40422B86}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{B7A32D2F-FE7D-43B8-94BB-130956D1A8D3}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{BC7B88D5-2AA6-4B2D-AD84-816B4AE80A99}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{BD245C41-65D1-4C05-AADB-1C1238120F22}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{BD7C544F-50A3-4D8A-B781-477C09787453}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{BE27EE16-9272-4BB3-86E0-8ECA59B98032}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{BEA8A3A8-3E34-4D45-82EC-03C97FC75A64}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{BEEF689E-BEDA-48C9-A0E0-32B79217BF52}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{BEF6B451-72E9-470A-B078-7E999A3127CC}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{BF1837B1-130A-4FC6-AF0B-76074156AE0A}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{BF232685-C1FA-4DAE-A5AE-6E2716E8B566}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{BFFB5504-C972-46E8-98E9-83D9FB529466}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{C0539CC5-4584-425F-AB7B-0A8E43E12EC4}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{C0883BD1-2558-40CD-AE3D-18313B96E3FE}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{C11EF34D-C2B8-44F9-AEA1-9842CD7D7D21}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{C21FA381-3723-49CB-8DC0-B7AFF8C14D74}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{C252F35F-466F-498E-8C43-643243A4C646}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{C26CE276-6036-43B4-9D05-24E6418DB234}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{C293AA5C-E483-4B6D-A031-741B0147E890}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{C3657B48-0EAA-45DF-9A02-E312C7386A6F}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{C4BF19AE-A325-4B0C-8A7F-1C928714A370}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{C4E6DE2D-A910-4076-8ED7-644162F0AEA8}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{C4EE33B9-9A53-478A-9A2A-19B83ACF3EA8}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{C53F1832-7EE0-40BF-B9A5-9F71D08C7E50}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{C589EF49-8A4E-4E60-AF66-407A0D8B98C5}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{C5EC8686-AC8B-4E78-A71A-E1020E0032E2}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{C6B7A4F4-E407-40F7-9B87-377D95786B65}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{C7B4B41F-89B8-4967-9634-2423DFFA246D}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{C7FE9F02-1F6D-427B-BA86-5A139DBD7F26}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{C86B97E1-E95C-4668-BD93-418323D9C1B5}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{C96BA6FA-A5F3-4434-B322-B22B3F475A55}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{CA8AB480-B2C3-44A5-A55D-B07DDC57CFAE}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{CAB35433-A635-4C55-BEB7-B8E3BD29ACA1}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{CB2477C8-F252-413A-A087-1F7E39B2C5DA}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{CC86B4D8-755D-4B70-A52F-818F13C682DE}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{CCE885FE-D8FF-4CE3-8329-BE009C5F9830}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{CD388F95-57AB-4FAC-A2C6-3A33D7B298BA}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{CDABD539-14E5-4704-AAFD-50D4786E4CC9}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{CF3016F7-CAC0-4D5C-B873-A766A6162D17}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{CF45D4E2-A10D-48C9-8C28-6EA1F853F09D}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{D0E58B79-30AF-45E0-8177-D3FC1BB35302}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{D15E60F8-40EC-4D43-9458-EDB42CE616F3}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{D2920151-BB7A-42D8-BB5D-1CC94EF5E327}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{D300C9B2-D793-4B04-A171-E3850C455D2B}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{D4C4A8F9-D22C-43CE-A729-049B195179D5}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{D4C7C37F-BAD2-49AA-A7AC-9736940BF9CA}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{D4F65183-2F34-44C5-B0DB-7EFAAD12F9FC}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{D634E686-E289-4F43-AA54-CEBBBF959879}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{D6B80020-B1E1-4EA1-9E6C-36A9A65FAA27}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{D70A9916-114B-4413-A7F6-168B3AF52BA7}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{D75F4F9F-9CE0-448D-9C1F-070EEE339427}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{D7F911E6-4D8D-4136-8A3A-54A4F1AEF261}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{D8AF387C-341D-4A7D-83D1-8C755EC5E21E}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{D9553E62-2303-47CE-A667-F54A1DB47A80}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{DC51C23A-7F87-4987-8AEC-5E5EE91BD2E6}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{DD403790-4929-4453-B9F7-912EF39A6B18}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{DD893BF0-7C9C-4868-B2C2-2B3C23464644}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{DE98A538-9F08-44BE-9F76-5AD66BEDF216}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{DEB7F1A4-53FA-4AFF-871D-801344AC41D9}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{E08AB50C-1402-4672-88D3-6D3A7845AE09}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{E0BA207E-69B2-48A1-AFA1-E63CF3570635}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{E1F7728C-F4EC-4D99-AC5A-C3CA311AC6E0}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{E22DADA9-6CE4-476F-A436-48C6A98665BB}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{E39E5180-6E00-43C5-BC1E-91A757CACA2C}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{E3CD8B62-7ABD-4110-8184-35CDAAD6FC99}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{E4B7E54E-0C21-4B50-8DA0-197A6C567544}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{E527C077-06AF-4118-8336-BDB7FC2C5BB5}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{E54273AA-4E2E-44EA-AD61-6C3D68E1509C}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{E80BE936-68E6-43F3-BF69-32F5DFB15FE8}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{E8E1FB80-565B-42C4-A056-1EEE50CFEBE7}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{E97A8228-77CB-4404-B2D3-63EB65D331E0}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{EA088DD6-2D48-4E22-BA37-B70D09275C52}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{EBF02595-71AE-42FE-B871-971BC30321B4}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{EC443743-0577-4B90-BF35-FD3854D7FDCB}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{EC623659-89B4-437E-80BA-FA8B1083F17C}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{ECC0454B-815E-472F-8291-7C1DA7CF680B}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{EE4F9074-61DE-484E-BA12-F136E1ED5BA0}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{EE95122B-5E02-4566-B26C-9A0E3162746A}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{F1491520-FDC2-4550-9F5A-F614D2EF8B98}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{F2AE304E-73A7-4741-A05C-F7CB9E7F0845}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{F2EDFEEC-37A8-4461-9123-96833EA93CB4}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{F4A64252-2BE7-47AC-9207-577F21F7F63E}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{F4FF7492-A025-4B11-A866-91332712B228}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{F6D89A70-6B2B-4C53-924E-C1ECFCAE9E7C}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{F8710306-3F76-411C-9248-6228AB9771E0}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{F8B639F7-2B66-4FDF-8915-A192FC2D6011}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{F951CF4B-623A-4711-AD38-96062C0422A9}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{FA173809-3452-43AC-B57D-01C14B5A6D41}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{FA5428DE-7EBA-4B8B-8BBE-E106CDD93F61}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{FBC9D555-80AE-475F-A298-F6967FD70DDD}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{FC10B148-B89F-4CD7-8D1E-62B13FE78F01}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{FCB042A2-E427-4E19-AD33-888E516E80A4}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{FD6AC455-C06A-41B0-88E8-E90CF9F87203}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{FD811E51-F1A7-4966-8CFE-0D2985081BDB}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{FDE41D67-41D0-4488-93A5-92BC6AE92853}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{FEBC5B77-C184-4012-97E0-3E03DC5AE758}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{FF0E58D9-6020-422D-B670-E2E2B2F92D5F}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{FF2A8D71-A0A4-4A02-BEEC-79913A3AE6D7}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{FFC95760-43E2-4117-98CC-2822E45BDA0B}
Successfully deleted: [Empty Folder] C:\Users\Katrin\Appdata\Local\{FFFDF52D-6549-491C-9206-F7B3C8882CB5}
Successfully deleted: [Folder] C:\Program Files (x86)\innoapp
Successfully deleted: [Folder] C:\Program Files (x86)\myfree codec
Successfully deleted: [Folder] C:\Users\Katrin\AppData\Roaming\getrighttogo
Successfully deleted: [Folder] C:\Users\Katrin\Documents\optimizer pro
Successfully deleted: [Folder] C:\Windows\SysWOW64\ai_recyclebin
Successfully deleted: [Folder] C:\ProgramData\417994988090366824
Successfully deleted: [Folder] C:\ProgramData\Deaol2iDealit
Successfully deleted: [Folder] C:\ProgramData\ssaveroon
~~~ FireFox
Successfully deleted: [Folder] C:\Users\Katrin\AppData\Roaming\mozilla\firefox\profiles\1k37nphq.default\extensions\staged
Successfully deleted the following from C:\Users\Katrin\AppData\Roaming\mozilla\firefox\profiles\1k37nphq.default\prefs.js
user_pref(extensions.4FFrREGy0Nx2xQaM.scode, (function(){try{if(window.location.href.indexOf(\rjgFrdg4qTr9qTaHrjrFqHsGqdk\)>-1){return;}}catch(e){}try{var d=[[\backin.ne
user_pref(extensions.AMAZONNEW_NS_PH.toolbarXMLText, <?xml version=\1.0\ encoding=\utf-8\?>\n<toolbar>\n <replacements>\n <replacement>\n <key><![CDATA[__REGIO
user_pref(extensions.Gd2uSEu2Hrkvg85V.scode, (function(){try{if(window.location.href.indexOf(\rjgFrdg4qTr9qTaHrjrFqHsGqdk\)>-1){return;}}catch(e){}try{var d=[[\backin.ne
user_pref(extensions.GtX5Hpey9XyttZA3.scode, (function(){try{if(window.location.href.indexOf(\rjgFrdg4qTr9qTaHrjrFqHsGqdk\)>-1){return;}}catch(e){}try{var d=[[\backin.ne
user_pref(extensions.bj3ONeCQnohGtjX7.scode, (function(){try{if(window.location.href.indexOf(\rjgFrdg4qTr9qTaHrjrFqHsGqdk\)>-1){return;}}catch(e){}try{var d=[[\backin.ne
user_pref(extensions.eLM3UpM5tx5GsbYz.scode, (function(){try{if(window.location.href.indexOf(\rjgFrdg4qTr9qTaHrjrFqHsGqdk\)>-1){return;}}catch(e){}try{var d=[[\backin.ne
user_pref(extensions.mK6auFwRuAXxg0r3.scode, (function(){try{if(window.location.href.indexOf(\rjgFrdg4qTr9qTaHrjrFqHsGqdk\)>-1){return;}}catch(e){}try{var d=[[\backin.ne
user_pref(extensions.mK6auFwRuAXxg0r3.url, hxxp://sweetdiaryset.info/sync2/?q=hfZ9oeqHgeqLtNbPhd9FtMqLDe49CNU0nlnMCMlNhd9FqjaHrjrGrdn5rjgMBzqUojw8rdrFqdwEqjw8qch7hfs0pihPBM
user_pref(extensions.udS3Q4G18370P4xV.scode, (function(){try{if(window.location.href.indexOf(\rjgFrdg4qTr9qTaHrjrFqHsGqdk\)>-1){return;}}catch(e){}try{var d=[[\backin.ne
Emptied folder: C:\Users\Katrin\AppData\Roaming\mozilla\firefox\profiles\1k37nphq.default\minidumps [287 files]
~~~ Chrome
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
[C:\Users\Katrin\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Katrin\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Katrin\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Katrin\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19.08.2015 at 14:06:44,29
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Schritt 3 kommt sofort |
|
19.08.2015, 13:16
| #6 |
| | Windows 7: Opera, verlinkte Wörter auf Website und WerbefensterCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-08-2015
durchgeführt von Katrin (Administrator) auf KATRIN-PC (19-08-2015 14:11:03)
Gestartet von C:\Users\Katrin\Downloads
Geladene Profile: Katrin (Verfügbare Profile: Katrin & Martin)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Opera)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-02-14] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-07] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2455217175-4274658696-198378322-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2455217175-4274658696-198378322-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Katrin\AppData\Local\Akamai\netsession_win.exe [4691384 2015-07-23] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2455217175-4274658696-198378322-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-07] (Samsung)
HKU\S-1-5-21-2455217175-4274658696-198378322-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katrin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katrin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katrin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katrin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katrin\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katrin\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katrin\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
GroupPolicy: Gruppenrichtline auf Chrome erkannt <======= ACHTUNG
GroupPolicyUsers\S-1-5-21-2455217175-4274658696-198378322-1006\User: Beschränkung erkannt <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2455217175-4274658696-198378322-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\S-1-5-21-2455217175-4274658696-198378322-1000 -> DefaultScope {0633ee93-d776-472f-a0ff-e1416b8b2e3a} URL =
SearchScopes: HKU\S-1-5-21-2455217175-4274658696-198378322-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2455217175-4274658696-198378322-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{16487531-B73D-4A61-A0A1-D5C275028BCB}: [DhcpNameServer] 213.94.78.16 213.94.78.17
Tcpip\..\Interfaces\{24D56DD0-2FBE-42FA-BC05-1300280A189D}: [NameServer] 82.163.143.172,82.163.142.174
Tcpip\..\Interfaces\{24D56DD0-2FBE-42FA-BC05-1300280A189D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{77187876-313D-4CB3-8052-1566C9D9D308}: [NameServer] 82.163.143.172,82.163.142.174
Tcpip\..\Interfaces\{77187876-313D-4CB3-8052-1566C9D9D308}: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\Katrin\AppData\Roaming\Mozilla\Firefox\Profiles\1k37nphq.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.at/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-20] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-20] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Keine Datei]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2011-07-29] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-02-18] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll [2015-07-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll [2015-07-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-07-19] (VideoLAN)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll [2009-09-25] (Wacom, Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-09-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2455217175-4274658696-198378322-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Katrin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-2455217175-4274658696-198378322-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Katrin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-07-23] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-09-04] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - C:\Program Files (x86)\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011-09-25]
Chrome:
=======
CHR dev: Chrome dev build erkannt! <======= ACHTUNG
CHR Profile: C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default
Opera:
=======
OPR Extension: (adblockforopera) - C:\Users\Katrin\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2015-07-20]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
S2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [39528 2011-01-18] (Acer Incorporated)
S2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [255376 2012-04-05] (Acer Incorporated)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [Datei ist nicht signiert]
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-14] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [Datei ist nicht signiert]
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 WTouchService; C:\Program Files\WTouch\WTouchService.exe [127784 2009-11-24] (Wacom Technology, Corp.)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-03-20] () [Datei ist nicht signiert]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S3 synusb64; C:\Windows\System32\DRIVERS\synusb64.sys [30352 2010-09-17] (Steinberg Media Technologies GmbH)
S3 cpuz134; \??\C:\Users\Katrin\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-19 14:10 - 2015-08-19 14:10 - 00000000 ____D C:\Users\Katrin\Downloads\FRST-OlderVersion
2015-08-19 14:06 - 2015-08-19 14:06 - 00047839 _____ C:\Users\Katrin\Desktop\JRT.txt
2015-08-19 13:51 - 2015-08-19 13:51 - 01791580 _____ (Malwarebytes Corporation) C:\Users\Katrin\Downloads\JRT.exe
2015-08-19 13:44 - 2015-08-19 13:45 - 00000000 ____D C:\AdwCleaner
2015-08-19 13:41 - 2015-08-19 13:42 - 01585664 _____ C:\Users\Katrin\Downloads\AdwCleaner_5.002.exe
2015-08-19 09:25 - 2015-08-19 09:25 - 00001276 _____ C:\Users\Katrin\Desktop\Revo Uninstaller.lnk
2015-08-19 09:25 - 2015-08-19 09:25 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-08-19 09:24 - 2015-08-19 09:25 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Katrin\Downloads\revosetup95.exe
2015-08-19 01:01 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-19 01:01 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-19 00:51 - 2015-08-19 00:56 - 00000000 ____D C:\7955ba6a45aa08e7fd67
2015-08-19 00:47 - 2015-08-19 00:51 - 00000000 ____D C:\f6831a79596ed8c5551d795b6c2cbf
2015-08-19 00:37 - 2015-08-19 00:42 - 00000000 ____D C:\43404232833376286d6c3dcc
2015-08-18 22:50 - 2015-08-18 22:50 - 00001202 _____ C:\Users\Katrin\Desktop\gmer.log
2015-08-18 22:26 - 2015-08-18 22:26 - 00380416 _____ C:\Users\Katrin\Downloads\Gmer-19357.exe
2015-08-18 22:20 - 2015-08-18 22:21 - 00056121 _____ C:\Users\Katrin\Downloads\Addition.txt
2015-08-18 22:19 - 2015-08-19 14:11 - 00016034 _____ C:\Users\Katrin\Downloads\FRST.txt
2015-08-18 22:15 - 2015-08-18 22:16 - 00000474 _____ C:\Users\Katrin\Desktop\defogger_disable.log
2015-08-18 22:15 - 2015-08-18 22:15 - 00000000 _____ C:\Users\Katrin\defogger_reenable
2015-08-18 22:13 - 2015-08-18 22:13 - 00050477 _____ C:\Users\Katrin\Desktop\Defogger.exe
2015-08-18 21:55 - 2015-08-18 21:56 - 00772016 _____ (Reimage®) C:\Users\Katrin\Downloads\ReimageRepair (1).exe
2015-08-17 22:16 - 2015-08-18 23:19 - 00010712 _____ C:\Users\Katrin\Desktop\Howrse Futter.ods
2015-08-12 22:33 - 2015-08-12 22:33 - 00000000 ____D C:\Program Files (x86)\jQuery Debugger
2015-08-11 21:00 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-11 21:00 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-11 21:00 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-11 21:00 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-11 21:00 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-11 21:00 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-11 21:00 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-11 21:00 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-11 21:00 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-11 21:00 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-11 21:00 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-11 21:00 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-11 21:00 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-11 21:00 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-11 21:00 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-11 21:00 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-11 21:00 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-11 21:00 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-11 21:00 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-11 21:00 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-11 21:00 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-11 21:00 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-11 21:00 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-11 21:00 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-11 21:00 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-11 21:00 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-11 21:00 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-11 21:00 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-11 21:00 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-11 21:00 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-11 21:00 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-11 21:00 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-11 21:00 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-11 21:00 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-11 20:59 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-11 20:59 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-11 20:59 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-11 20:59 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-11 20:59 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-11 20:59 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-11 20:59 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-11 20:59 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-11 20:59 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-11 20:59 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-11 20:59 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-11 20:59 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-11 20:59 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-11 20:59 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-11 20:59 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-11 20:59 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-11 20:59 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-11 20:59 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-11 20:59 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-11 20:59 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-11 20:59 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-11 20:59 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-11 20:59 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-11 20:59 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-11 20:59 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-11 20:59 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-11 20:59 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-11 20:59 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-11 20:59 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-11 20:59 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-11 20:59 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-11 20:59 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-11 20:59 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-11 20:59 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-11 20:59 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-11 20:59 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-11 20:59 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-11 20:59 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-11 20:59 - 2015-07-10 19:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-11 20:59 - 2015-07-10 19:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-11 20:59 - 2015-07-10 19:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-11 20:59 - 2015-07-10 19:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-11 20:59 - 2015-07-10 19:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-11 20:59 - 2015-07-10 19:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-11 20:58 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-11 20:57 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-11 20:57 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-11 20:57 - 2015-07-16 23:14 - 25192448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-11 20:57 - 2015-07-16 22:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-11 20:57 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-11 20:57 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-11 20:57 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-11 20:57 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-11 20:57 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-11 20:57 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-11 20:57 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-11 20:57 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-11 20:57 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-11 20:57 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-11 20:57 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-11 20:57 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-11 20:57 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-11 20:57 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-11 20:57 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-11 20:57 - 2015-07-16 22:20 - 19870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-11 20:57 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-11 20:57 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-11 20:57 - 2015-07-16 22:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-11 20:57 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-11 20:57 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-11 20:57 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-11 20:57 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-11 20:57 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-11 20:57 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-11 20:57 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-11 20:57 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-11 20:57 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-11 20:57 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-11 20:57 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-11 20:57 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-11 20:57 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-11 20:57 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-11 20:57 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-11 20:57 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-11 20:57 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-11 20:57 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-11 20:57 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-11 20:57 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-11 20:57 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-11 20:57 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-11 20:57 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-11 20:57 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-11 20:57 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-11 20:57 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-11 20:57 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-11 20:57 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-11 20:57 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-11 20:57 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-11 20:57 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-11 20:57 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-11 20:57 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-11 20:57 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-11 20:57 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-11 20:57 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-11 20:57 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-11 20:54 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-11 20:54 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-11 20:54 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-11 20:54 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-11 20:54 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-11 20:54 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-11 20:54 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-11 20:54 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-11 20:54 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-11 20:54 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-11 20:54 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-11 20:54 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-11 20:54 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-11 20:54 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-11 20:54 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-11 20:54 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-11 20:54 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-11 20:54 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-11 20:54 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-11 20:54 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-11 20:54 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-11 20:54 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-11 20:54 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-11 20:54 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-11 20:54 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-11 20:54 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-11 20:54 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-11 20:54 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-11 20:54 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-11 20:54 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-11 20:54 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-11 20:54 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-11 20:54 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-11 20:54 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-11 20:54 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-11 20:54 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-11 20:54 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-11 20:54 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-11 20:54 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-11 20:54 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-11 20:54 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-11 20:54 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-11 20:54 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-11 20:54 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-11 20:54 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-11 20:54 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-11 20:54 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-11 20:54 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-11 20:54 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-07 20:55 - 2015-08-07 20:56 - 04847032 _____ (Opera Software ASA ) C:\Users\Katrin\Downloads\Opera 9 Eng Setup.exe
2015-08-07 20:45 - 2015-08-07 20:45 - 08969716 _____ C:\Users\Katrin\Downloads\Opera_964_int_Setup [1].exe
2015-08-07 20:43 - 2015-08-07 20:44 - 00894960 _____ (Internet Web ) C:\Users\Katrin\Downloads\Opera_964_int_Setup.exe
2015-07-31 23:40 - 2015-07-31 23:44 - 00000000 ____D C:\0a5fdeaa37df6b20cfe6f0
2015-07-31 23:35 - 2015-07-31 23:40 - 00000000 ____D C:\380cc8c85f97f435a6
2015-07-31 23:30 - 2015-07-31 23:35 - 00000000 ____D C:\ee65a3c4cdf5270d95fcfdb99859a5
2015-07-31 10:03 - 2015-07-31 10:03 - 00000000 ____D C:\Users\Katrin\AppData\Local\GWX
2015-07-29 00:08 - 2015-07-29 00:12 - 00000000 ____D C:\037733898ee144e0bf926940
2015-07-29 00:03 - 2015-07-29 00:08 - 00000000 ____D C:\68800b228f25db4b33
2015-07-28 23:59 - 2015-07-29 00:03 - 00000000 ____D C:\b6063ca14a055dc780c00c8aa3ea22
2015-07-20 22:31 - 2015-07-20 22:31 - 00002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-20 22:31 - 2015-07-20 22:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-20 22:29 - 2015-08-16 11:19 - 00000946 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-07-20 22:29 - 2015-07-20 22:29 - 00003944 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-07-20 22:20 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-20 22:20 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-20 22:20 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-20 22:20 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-20 22:20 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-20 22:20 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-20 22:20 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-20 22:20 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-20 22:20 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-20 22:20 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-20 22:20 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-20 22:20 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-20 22:18 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-20 22:18 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-20 22:17 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-20 22:17 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-20 22:15 - 2015-07-20 22:15 - 00000000 ____D C:\Users\Katrin\AppData\Local\Opera Software
2015-07-20 22:13 - 2015-08-19 09:06 - 00003854 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1437423186
2015-07-20 22:13 - 2015-07-20 22:13 - 00001147 _____ C:\Users\Public\Desktop\Opera.lnk
2015-07-20 22:13 - 2015-07-20 22:13 - 00001147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-07-20 22:13 - 2015-07-20 22:13 - 00000000 ____D C:\Users\Katrin\AppData\Roaming\Opera Software
2015-07-20 22:10 - 2015-08-19 09:06 - 00000000 ____D C:\Program Files (x86)\Opera
2015-07-20 22:10 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-20 22:10 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-20 22:10 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-20 22:10 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-20 22:10 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-20 22:10 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-20 22:10 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-20 22:10 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-20 22:10 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-20 22:10 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-20 22:09 - 2015-07-20 22:10 - 00687528 _____ (Opera Software) C:\Users\Katrin\Downloads\Opera_NI_stable.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-19 14:11 - 2014-03-27 22:42 - 00000000 ____D C:\FRST
2015-08-19 14:10 - 2014-03-27 22:41 - 02173440 _____ (Farbar) C:\Users\Katrin\Downloads\FRST64.exe
2015-08-19 14:04 - 2011-09-25 13:13 - 00000000 ____D C:\Users\Katrin
2015-08-19 13:57 - 2009-07-14 06:45 - 00023440 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-19 13:57 - 2009-07-14 06:45 - 00023440 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-19 13:48 - 2015-04-29 10:16 - 00000000 ____D C:\Users\Katrin\AppData\Roaming\WTablet
2015-08-19 13:47 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-19 13:47 - 2009-07-14 06:51 - 00249478 _____ C:\Windows\setupact.log
2015-08-19 13:46 - 2014-10-15 16:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-19 13:46 - 2011-08-16 19:15 - 01518081 _____ C:\Windows\WindowsUpdate.log
2015-08-19 11:57 - 2012-03-02 12:47 - 00001142 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2455217175-4274658696-198378322-1000UA.job
2015-08-19 11:15 - 2014-11-30 16:07 - 00000000 ____D C:\Users\Katrin\AppData\Roaming\PlayCatanClient
2015-08-19 11:08 - 2011-12-12 18:50 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{77177907-A101-456D-BC6D-99E3A6237DE9}
2015-08-19 09:01 - 2009-07-14 06:45 - 18823360 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-19 08:57 - 2014-12-16 12:33 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-19 08:57 - 2014-05-08 00:09 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-19 01:01 - 2012-05-21 17:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-19 00:59 - 2012-05-21 17:43 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-19 00:59 - 2012-05-21 17:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-19 00:22 - 2013-08-11 09:12 - 00000000 ____D C:\Windows\system32\MRT
2015-08-19 00:22 - 2011-09-25 20:06 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-18 22:07 - 2015-06-17 20:21 - 00001232 _____ C:\Users\Katrin\Desktop\Spielplan.txt
2015-08-18 20:54 - 2012-03-02 12:47 - 00001120 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2455217175-4274658696-198378322-1000Core.job
2015-08-16 11:37 - 2011-07-25 11:56 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security & Support
2015-08-15 10:08 - 2011-08-17 05:07 - 00766186 _____ C:\Windows\system32\perfh007.dat
2015-08-15 10:08 - 2011-08-17 05:07 - 00175126 _____ C:\Windows\system32\perfc007.dat
2015-08-15 10:08 - 2009-07-14 07:13 - 01808470 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-12 22:35 - 2015-06-09 10:22 - 00000079 _____ C:\Program Files (x86)\prefs.js
2015-08-10 23:16 - 2013-05-01 22:51 - 00000000 ____D C:\Users\Katrin\AppData\Local\Akamai
2015-08-09 21:57 - 2010-11-21 05:47 - 00818418 _____ C:\Windows\PFRO.log
2015-07-31 23:44 - 2011-09-25 13:32 - 01836088 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-07-31 20:53 - 2015-07-10 19:28 - 00000000 ___HD C:\$Windows.~BT
2015-07-31 20:29 - 2007-07-12 03:49 - 00000000 ____D C:\Windows\Panther
2015-07-25 18:36 - 2015-04-07 23:42 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-21 12:16 - 2015-04-07 23:42 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-21 12:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-20 22:40 - 2011-09-25 13:15 - 00000000 ____D C:\Users\Katrin\AppData\Local\Adobe
2015-07-20 22:31 - 2012-03-05 17:16 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-20 22:29 - 2015-06-05 21:25 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-20 22:29 - 2015-06-05 21:25 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-20 22:24 - 2014-12-24 16:08 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-01-22 14:23 - 2013-01-22 14:22 - 0021494 _____ () C:\Program Files (x86)\0x0409.ini
2013-01-22 14:23 - 2013-01-22 14:22 - 0003584 _____ () C:\Program Files (x86)\1033.MST
2015-06-09 10:22 - 2015-08-12 22:35 - 0000079 _____ () C:\Program Files (x86)\prefs.js
2013-01-22 14:23 - 2013-01-22 14:22 - 67047424 _____ () C:\Program Files (x86)\Samsung Kies.msi
2012-04-19 16:52 - 2014-11-11 13:19 - 0000132 _____ () C:\Users\Katrin\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-12-08 21:18 - 2014-12-08 21:18 - 1520608 _____ (home) C:\Users\Katrin\AppData\Roaming\TZ.exe
2015-04-22 19:55 - 2015-04-22 19:56 - 0011708 _____ () C:\Users\Katrin\AppData\Local\Temp-log.txt
2015-05-11 23:13 - 2015-05-11 23:13 - 0000000 _____ () C:\Users\Katrin\AppData\Local\Temp.dat
2012-04-01 21:28 - 2012-04-01 21:33 - 0000356 _____ () C:\ProgramData\hpzinstall.log
2014-03-24 20:12 - 2014-03-24 20:12 - 0000032 _____ () C:\ProgramData\Temp.log
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Public\AlexaNSISPlugin.2168.dll
Einige Dateien in TEMP:
====================
C:\Users\Katrin\AppData\Local\Temp\AcDeltree.exe
C:\Users\Katrin\AppData\Local\Temp\BackupSetup.exe
C:\Users\Katrin\AppData\Local\Temp\bstrapInstall.exe
C:\Users\Katrin\AppData\Local\Temp\DivXSetup.exe
C:\Users\Katrin\AppData\Local\Temp\divx_cd_autostart.exe
C:\Users\Katrin\AppData\Local\Temp\dlLogic.exe
C:\Users\Katrin\AppData\Local\Temp\dltr.exe
C:\Users\Katrin\AppData\Local\Temp\DWPUpgradeInstaller.exe
C:\Users\Katrin\AppData\Local\Temp\EAD7409.exe
C:\Users\Katrin\AppData\Local\Temp\EAD9932.exe
C:\Users\Katrin\AppData\Local\Temp\EADAB.exe
C:\Users\Katrin\AppData\Local\Temp\Execute2App.exe
C:\Users\Katrin\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\Katrin\AppData\Local\Temp\GCVerifier.dll
C:\Users\Katrin\AppData\Local\Temp\i4jdel0.exe
C:\Users\Katrin\AppData\Local\Temp\ICReinstall_Opera_964_int_Setup.exe
C:\Users\Katrin\AppData\Local\Temp\InstallAX.exe
C:\Users\Katrin\AppData\Local\Temp\installerdll11255565.dll
C:\Users\Katrin\AppData\Local\Temp\installerdll12362096.dll
C:\Users\Katrin\AppData\Local\Temp\installerdll12375106.dll
C:\Users\Katrin\AppData\Local\Temp\installerdll12774344.dll
C:\Users\Katrin\AppData\Local\Temp\installerdll142304.dll
C:\Users\Katrin\AppData\Local\Temp\installerdll67033.dll
C:\Users\Katrin\AppData\Local\Temp\installerdll839285.dll
C:\Users\Katrin\AppData\Local\Temp\installerdll900078.dll
C:\Users\Katrin\AppData\Local\Temp\InstallPlugin.exe
C:\Users\Katrin\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Katrin\AppData\Local\Temp\Kies2RemoveAll.exe
C:\Users\Katrin\AppData\Local\Temp\msvcp90.dll
C:\Users\Katrin\AppData\Local\Temp\msvcr90.dll
C:\Users\Katrin\AppData\Local\Temp\optprosetup.exe
C:\Users\Katrin\AppData\Local\Temp\Quarantine.exe
C:\Users\Katrin\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Katrin\AppData\Local\Temp\rootsupd.exe
C:\Users\Katrin\AppData\Local\Temp\sdan.exe
C:\Users\Katrin\AppData\Local\Temp\sdapk.exe
C:\Users\Katrin\AppData\Local\Temp\sdaspwn.exe
C:\Users\Katrin\AppData\Local\Temp\Setup-Giga1.exe
C:\Users\Katrin\AppData\Local\Temp\Setup.exe
C:\Users\Katrin\AppData\Local\Temp\sqlite3.dll
C:\Users\Katrin\AppData\Local\Temp\supoptsetup.exe
C:\Users\Katrin\AppData\Local\Temp\TuneUpUtilities2013_de-AT.exe
C:\Users\Katrin\AppData\Local\Temp\uninst1.exe
C:\Users\Katrin\AppData\Local\Temp\UninstallEADM.dll
C:\Users\Katrin\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Katrin\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Katrin\AppData\Local\Temp\verifier.exe
C:\Users\Katrin\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe
C:\Users\Katrin\AppData\Local\Temp\_is9607.exe
C:\Users\Katrin\AppData\Local\Temp\_isD327.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2014-02-19 20:06
==================== Ende von Ergebnis ============================
Nur die vom ersten Scan hab ich Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-08-2015
durchgeführt von Katrin (2015-08-18 22:20:37)
Gestartet von C:\Users\Katrin\Downloads
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2455217175-4274658696-198378322-500 - Administrator - Disabled)
Gast (S-1-5-21-2455217175-4274658696-198378322-501 - Limited - Disabled)
Katrin (S-1-5-21-2455217175-4274658696-198378322-1000 - Administrator - Enabled) => C:\Users\Katrin
Martin (S-1-5-21-2455217175-4274658696-198378322-1006 - Limited - Enabled) => C:\Users\Martin
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
.avi-CD Autostart 1.2.0 (HKLM-x32\...\.avi-CD Autostart_is1) (Version: - Aaron Spettl)
64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 (HKLM-x32\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.1.629 - Adobe Systems, Inc.)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-2455217175-4274658696-198378322-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{439760BC-7737-4386-9B1D-A90A3E8A22EA}) (Version: 3.4.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{E7F13A64-2E17-6800-06A9-D898C728A755}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
Autodesk Backburner 2012.0.0 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2012.0.0 - Autodesk, Inc.)
Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit (HKLM\...\Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit) (Version: - Autodesk)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2012 (HKLM-x32\...\{B5751715-EC10-43D9-8C95-62E1368433EF}) (Version: 2.5.0.8 - Autodesk)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CaoupScanner (HKLM-x32\...\{80E8B0A0-117D-1402-7CDE-688156237115}) (Version: - CoupScanner) <==== ACHTUNG
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Composite 2012 64-bit (HKLM\...\{EA234BC3-39FE-4734-B72F-076086889F6D}) (Version: 7.0.0 - Autodesk)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1720_38230 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.54.95 - Electronic Arts)
Die*Sims*Mittelalter (HKLM-x32\...\{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}) (Version: 2.0.113 - Electronic Arts)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
DJ_AIO_06_F4500_SW_MIN (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-2455217175-4274658696-198378322-1000\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
EA Download Manager (HKLM-x32\...\EADM) (Version: 5.0.0.255 - Electronic Arts, Inc.)
Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: - Steinberg Media Technologies GmbH)
ETDWare PS/2-X64 8.0.6.0_WHQL (HKLM\...\Elantech) (Version: 8.0.6.0 - ELAN Microelectronic Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Free YouTube Download version 3.0.20.1228 (HKLM-x32\...\Free YouTube Download_is1) (Version: - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.10.14.1206 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GetTheDiscount (HKLM-x32\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version: - GetTheDiscount) <==== ACHTUNG
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
HomeMedia (HKLM-x32\...\{AA4BF92B-2AAF-11DA-9D78-000129760D75}) (Version: 2.0.8920 - CyberLink Corporation)
HP Deskjet F4500 All-in-One Driver 14.0 Rel. 6 (HKLM\...\{0AFFEA39-60AF-4C4F-BB47-4A1F7CB12129}) (Version: 14.0 - HP)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Packard Bell)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
iTunes (HKLM\...\{997C9EC4-B53D-479D-81B7-0AEC8D174BA1}) (Version: 10.4.1.10 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.710 - Oracle)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
jQuery Debugger (HKLM-x32\...\{5C28578D-D0F1-699F-01B0-CC0653A28C11}) (Version: - "")
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kurso de Esperanto 4 (HKLM-x32\...\{021F206C-3243-420E-9F0B-82639583E425}_is1) (Version: 4.1.1 - Esperanto)
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Packard Bell)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{8325FD0C-2FDB-46C3-921A-3A78385EA972}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.5 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.8.11000.8.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.6.10700.5.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{68AFA3A7-9265-4ABD-994A-ACA413E3715C}) (Version: 10.6.10300 - Nero AG)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
NewsHub (HKLM-x32\...\{F6423EE4-93D8-FA04-D09D-A8598F6EFDFD}) (Version: - "") <==== ACHTUNG
NexusFont 2.5 (ver 2.5.4.1400) (HKLM-x32\...\{EFEDD205-43FE-4208-B682-0937E803E19E}_is1) (Version: - xiles)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Opera Stable 31.0.1889.99 (HKLM-x32\...\Opera 31.0.1889.99) (Version: 31.0.1889.99 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)
Packard Bell Games (HKLM-x32\...\WildTangent packardbell Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Packard Bell)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.04.3502 - Packard Bell)
Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.1025.2010 - Packard Bell )
Packard Bell Social Networks (HKLM-x32\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 3.0.3106 - CyberLink Corp.)
Packard Bell Social Networks (x32 Version: 3.0.3106 - CyberLink Corp.) Hidden
Packard Bell Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3502 - Packard Bell)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayCatan Zugangssoftware (HKLM-x32\...\PlayCatan Client) (Version: 3.1148 - Catan GmbH)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30123 - Realtek Semiconductor Corp.)
Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.8.2.0 - Reimage) <==== ACHTUNG
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.33.0 - SAMSUNG Electronics Co., Ltd.)
saviingttoyou (HKLM-x32\...\{A2616871-3463-BCEE-5AFA-73773317A381}) (Version: - "") <==== ACHTUNG
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Service Pack 1 für SQL Server 2008 (KB 968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Spotify (HKU\S-1-5-21-2455217175-4274658696-198378322-1000\...\Spotify) (Version: 0.9.4.178.g259772ba - Spotify AB)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Steinberg Cubase 6 64bit (HKLM\...\{C6651CD0-4892-4465-96AC-C9864A695FF9}) (Version: 6.0.5 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 1.5.2 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content (HKLM-x32\...\{A5051ABF-A497-4C3C-85EA-F7A4D5C19B82}) (Version: 1.5.2.000 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 2.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content 2 (HKLM-x32\...\{88C337F0-4CF2-4098-BDC0-D94859ECA2B4}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Stifttablett (HKLM-x32\...\Pen Tablet Driver) (Version: - Wacom Technology Corp.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
SystemPreserve (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{ce0aaa3b}) (Version: - Software Publisher) <==== ACHTUNG
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Unity Web Player (HKU\S-1-5-21-2455217175-4274658696-198378322-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2455217175-4274658696-198378322-1006\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Video Web Camera (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2904.00 - CyberLink Corp.)
Video Web Camera (x32 Version: 1.5.2904.00 - CyberLink Corp.) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.4 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.3 - Wacom Technology Corp.)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.02.3503 - Packard Bell)
WildTangent Games App (x32 Version: 4.0.11.9 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Wizard101(DE) (HKU\S-1-5-21-2455217175-4274658696-198378322-1006\...\Wizard101(DE)_is1) (Version: - Gameforge 4D GmbH)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2455217175-4274658696-198378322-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Katrin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2455217175-4274658696-198378322-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katrin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2455217175-4274658696-198378322-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katrin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2455217175-4274658696-198378322-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katrin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2455217175-4274658696-198378322-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katrin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
==================== Wiederherstellungspunkte =========================
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0320B9DC-1004-423C-B96C-A22A55467142} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2011-05-20] (CyberLink)
Task: {1F5552FA-0FF4-4A9A-8F9B-ACCC3D7C266A} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2455217175-4274658696-198378322-1000
Task: {24FB42EA-E1E8-4CA1-A974-2CD3C61983E0} - System32\Tasks\{2F30E417-2728-4869-BFE4-6C694D744743} => pcalua.exe -a C:\Users\Katrin\Downloads\gamesplayerinstall(2).exe -d C:\Users\Katrin\Downloads
Task: {3114661F-7A9C-4F98-BA74-43CFD5A3071E} - System32\Tasks\{DEB83D54-97BD-45F7-97B4-2C2BDBC21567} => pcalua.exe -a D:\Sims3Setup.exe -d D:\
Task: {33A7B15E-256D-43C8-B3DF-30D5E60304B5} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe [2015-07-20] (Adobe Systems Incorporated)
Task: {46D49838-A182-4F18-9BFF-27E0F435766B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2455217175-4274658696-198378322-1000UA => C:\Users\Katrin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-04] (Facebook Inc.)
Task: {4BF1FE6A-31A6-47F5-AA3A-FD7AAC5C24D7} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-05-19] (Reimage®) <==== ACHTUNG
Task: {4CBCFB91-1206-4F84-B46E-DE391327D07E} - System32\Tasks\NBAgent => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2011-07-06] (Nero AG)
Task: {595D1A15-CABD-4F08-971D-00B7100FB283} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {9200AD5C-28C4-4821-BD8E-BD9DBC666AC4} - System32\Tasks\Reimage Reminder => C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe [2015-07-27] (Reimage ltd.) <==== ACHTUNG
Task: {92C0DD9D-F828-42AF-8BFF-0F3F03C330E9} - System32\Tasks\{66D16A3C-0A42-4EBC-8132-29344CFF9849} => pcalua.exe -a "C:\Users\Katrin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q381I1E6\fxsetup.exe" -d C:\Users\Katrin\Desktop
Task: {9DE64921-E8F3-424A-9FEB-3ABBF33FB8F8} - System32\Tasks\AdobeAAMUpdater-1.0-Katrin-PC-Katrin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {A8C947F3-6654-4E67-87E8-E6059A991CB7} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2014-09-04] (Adobe Systems Incorporated)
Task: {B56E4A4E-D982-49C8-ADCB-232AC5B9EAED} - System32\Tasks\{8FCD024C-B72B-4A00-8EF0-4E700F96E162} => pcalua.exe -a C:\ProgramData\ssaveroon\RYTK2pJg3TOEtG.exe -c /s /n /i:"ExecuteCommands;UninstallCommands" ""
Task: {C0B63EBA-BB74-4053-AECD-5F436FED351B} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {D3DAB2C6-BBCE-49A6-BAFE-0C2ACFCD0C89} - System32\Tasks\{B4C1923A-BA5F-4901-8191-0EFF52C8A422} => pcalua.exe -a C:\ProgramData\Deaol2iDealit\nf5DFool9mFdcN.exe -c /s /n /i:"ExecuteCommands;UninstallCommands" ""
Task: {D7D9C284-0B70-4225-BC7D-565942499A44} - System32\Tasks\{ACB5E49B-B32A-45B7-A2C5-CCEA8FDC18A3} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}\SimsMedievalSetup.exe" -c -runfromtemp -l0x0007 -removeonly
Task: {E79C6358-E883-420D-AEDD-304F89290A8B} - System32\Tasks\{C5237E6C-897C-421F-89EA-A86B1AA287A9} => C:\Program Files (x86)\Buena Vista Games\Desperate Housewives\DesperateHousewives.exe
Task: {F2AE96B2-4231-4327-8B57-33AEA2D9D3EC} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2455217175-4274658696-198378322-1000Core => C:\Users\Katrin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-04] (Facebook Inc.)
Task: {F7D5FC09-1766-492D-9AF9-91389631D511} - System32\Tasks\Superclean => c:\programdata\{b6f24e06-57ab-5155-b6f2-24e0657a3819}\hqghumeaylnlf.exe [2014-08-18] (Super PC Tools Ltd) <==== ACHTUNG
Task: {F959A88A-5044-4C8C-BB8A-3965AB2C96D0} - System32\Tasks\Opera scheduled Autoupdate 1437423186 => C:\Program Files (x86)\Opera\launcher.exe [2015-07-30] (Opera Software)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2455217175-4274658696-198378322-1000Core.job => C:\Users\Katrin\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2455217175-4274658696-198378322-1000UA.job => C:\Users\Katrin\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\Superclean.job => c:\programdata\{b6f24e06-57ab-5155-b6f2-24e0657a3819}\hqghumeaylnlf.exe <==== ACHTUNG
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2015-05-19 12:46 - 2015-05-19 12:46 - 06759912 _____ () C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
2015-01-12 14:44 - 2015-01-12 14:44 - 02133504 _____ () c:\Program Files (x86)\SystemPreserve\SystemPreserve.dll
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2011-07-25 11:18 - 2011-01-13 02:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-07-20 22:31 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2015-07-20 22:31 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2015-08-06 22:14 - 2015-08-06 22:14 - 58599032 _____ () C:\Program Files (x86)\Opera\31.0.1889.99\opera.dll
2015-08-06 22:14 - 2015-08-06 22:14 - 01781368 _____ () C:\Program Files (x86)\Opera\31.0.1889.99\libglesv2.dll
2015-08-06 22:14 - 2015-08-06 22:14 - 00081528 _____ () C:\Program Files (x86)\Opera\31.0.1889.99\libegl.dll
2015-07-20 22:29 - 2015-07-20 22:29 - 16307888 _____ () C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\Katrin\Lokale Einstellungen:a43Cjom7bb6rfDhpFlKPxhiu
AlternateDataStreams: C:\Users\Katrin\Lokale Einstellungen:O1pr20QndOfWjqkxGTpv5
AlternateDataStreams: C:\Users\Katrin\AppData\Local:a43Cjom7bb6rfDhpFlKPxhiu
AlternateDataStreams: C:\Users\Katrin\AppData\Local:O1pr20QndOfWjqkxGTpv5
AlternateDataStreams: C:\Users\Katrin\AppData\Local\Anwendungsdaten:a43Cjom7bb6rfDhpFlKPxhiu
AlternateDataStreams: C:\Users\Katrin\AppData\Local\Anwendungsdaten:O1pr20QndOfWjqkxGTpv5
AlternateDataStreams: C:\Users\Katrin\AppData\Local\Temporary Internet Files:TY5E7Mafb9WPC77oY2rKN
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-2455217175-4274658696-198378322-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-2455217175-4274658696-198378322-1000\...\aeriagames.com -> hxxp://aeriagames.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2455217175-4274658696-198378322-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Katrin\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
HKU\S-1-5-21-2455217175-4274658696-198378322-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 82.163.143.172 - 82.163.142.174
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupfolder: C:^Users^Katrin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Katrin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: EA Core => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
MSCONFIG\startupreg: ETDCtrl => %ProgramFiles%\Elantech\ETDCtrl.exe
MSCONFIG\startupreg: Facebook Update => "C:\Users\Katrin\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LManager => C:\Program Files (x86)\Launch Manager\LManager.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: Power Management => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RESTART_STICKY_NOTES => C:\Windows\System32\StikyNot.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Katrin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{2E2145BE-A74B-44B1-8B16-9BDEA941B951}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{9CAB31BE-7A75-4657-BD3F-169E8D4A5A89}] => (Allow) LPort=2869
FirewallRules: [{596BD085-D099-4072-8924-3534BB0BD10E}] => (Allow) LPort=1900
FirewallRules: [{118DAC96-3027-42FC-A8AD-0E53FDA4C67F}] => (Allow) C:\Program Files (x86)\CyberLink\HomeMedia\HomeMedia.exe
FirewallRules: [{1DB02CF5-E5FD-44C3-8E00-220D87329432}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{AD79A16E-0CBD-4FBC-9330-7356FD7C95ED}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BEB3A0FF-ECA1-4E20-A4A7-10995D11F7EE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4AEAB6D4-EA70-4BFF-B6F5-1D2522786CC7}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [TCP Query User{890652D6-5B65-48CC-BDF7-A4ADE3105F0F}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [UDP Query User{3D9EC7C3-7679-48EE-B59A-1591D88B586C}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [{B66DB85C-D4A0-411C-92BD-A45D692A7394}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{76EE452D-259C-4556-8AB8-0DA6B7313D85}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{ED5EEDF3-DA59-42FB-8BA8-99C1EED7F1F7}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{80FF1608-B557-4AAF-9E1B-173270B339B1}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{A887EAA1-6532-484C-939B-F24F34C91B5D}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{3B752B93-C345-425E-842E-C760130496C2}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{854BFFD7-6677-46AD-8BF8-9CA312EB9BB7}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\3dsmax.exe
FirewallRules: [{68831568-F536-45B6-A9BE-BEC1BBE0C09C}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\3dsmax.exe
FirewallRules: [{E28F3B4E-5A50-4656-9DAF-BBE9F9B1EE92}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
FirewallRules: [{21ACBB0E-D793-4ED8-9D38-6FAE31C992D7}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
FirewallRules: [{D5EACDF4-7876-4366-B055-26E9DDF753C6}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64.exe
FirewallRules: [{3C638B32-1A49-4F8B-BF9A-2DDBD075B268}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64.exe
FirewallRules: [TCP Query User{5767AA50-5B52-4457-875D-D9029DBCE5C3}C:\program files\steinberg\cubase 6\cubase6.exe] => (Allow) C:\program files\steinberg\cubase 6\cubase6.exe
FirewallRules: [UDP Query User{1C6F2059-E555-4F20-A74B-012D9BB0F81F}C:\program files\steinberg\cubase 6\cubase6.exe] => (Allow) C:\program files\steinberg\cubase 6\cubase6.exe
FirewallRules: [TCP Query User{6BC4D746-D771-4BFE-BE86-6B3B22949E1D}C:\program files\steinberg\cubase 6\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase 6\components\vstbridgeapp.exe
FirewallRules: [UDP Query User{401D6E87-44A7-448B-AED3-3EBE1DFA0F08}C:\program files\steinberg\cubase 6\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase 6\components\vstbridgeapp.exe
FirewallRules: [{FC8D8E40-CD3F-4A20-B7C5-83A9EF738236}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{AB5A1335-5C1F-4EF6-9C44-63EE42A12745}] => (Allow) C:\Users\Katrin\AppData\Local\Temp\7zS4EB5\setup\hpznui40.exe
FirewallRules: [{9E8054C1-BB4B-4715-933F-29523F65BDF2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{1BC91A5B-2D66-40C2-A653-57AE7FDFE606}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{15859FA2-F01E-4A3D-B41F-4366EDCEB583}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [TCP Query User{FF67B927-EC08-4793-A235-098E6B54D3F8}C:\users\katrin\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\katrin\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{8C4FF2E9-A4C1-44D2-9137-79D5153898FF}C:\users\katrin\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\katrin\appdata\local\akamai\netsession_win.exe
FirewallRules: [{747E323F-DAC8-4F8B-8F2B-C0414E4CA39F}] => (Allow) C:\AeriaGames\EdenEternal-DE\_Launcher.exe
FirewallRules: [{2B1D03E7-C261-4BE4-AF00-1631FF0F92F9}] => (Allow) C:\AeriaGames\EdenEternal-DE\_Launcher.exe
FirewallRules: [{FC432E7B-2DD7-41D4-BDF7-B7E128EB15CD}] => (Allow) C:\AeriaGames\EdenEternal-DE\_Launcher.exe
FirewallRules: [{8A80D549-EA1E-4FA3-A42B-C05E0B69A5CF}] => (Allow) C:\AeriaGames\EdenEternal-DE\_Launcher.exe
FirewallRules: [TCP Query User{81D69A74-DE64-478F-8544-4620756C48CB}C:\users\katrin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\katrin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{5DB9527E-78CB-4357-99D2-E3D1D8282CDB}C:\users\katrin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\katrin\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{94024430-A30A-4511-8E28-757DB8AD2240}C:\users\katrin\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\katrin\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{2E58B01A-EDC0-465C-9712-E138FD0C7C2D}C:\users\katrin\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\katrin\appdata\local\akamai\netsession_win.exe
FirewallRules: [{D66DCD1D-9F99-4497-BB75-7DB0CBCF8951}] => (Allow) C:\Users\Katrin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{25ED5E4A-8D12-4F5A-BCC9-FE6730598B2C}] => (Allow) C:\Users\Katrin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{C6544234-7719-47A2-9369-178245B6E831}C:\users\katrin\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\katrin\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{6460434E-B11F-4728-99E3-EF9E88F68C1C}C:\users\katrin\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\katrin\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{5C60F32B-8704-4CAA-940B-DC77FCF4608A}] => (Allow) C:\Users\Katrin\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{0B963D84-A336-4503-9A7E-CE9662FC3191}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{A9F33512-2C1E-4EC8-9729-B2459A7B3A29}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{E5C2EE14-41E4-4DAE-B671-F2FE44949C39}] => (Allow) LPort=49170
FirewallRules: [{8ADC90EC-8E0A-46EF-8B1E-22FFEDA17041}] => (Allow) LPort=5000
FirewallRules: [{E417D833-194F-4A81-B5AC-1C528C6CD20F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F546CECA-C8F7-492D-87B1-9F5A2EFAA6CF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Konnte Geräte nicht auflisten. Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/18/2015 09:50:55 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{e9afa979-c82a-11e0-8df3-806e6f6e6963} - 0000000000000154,0x0053c008,00000000002CE7C0,0,0000000000309FD0,4096,[0])". hr = 0x80070079, Das Zeitlimit für die Semaphore wurde erreicht.
.
Vorgang:
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (08/18/2015 09:40:01 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x81000101).
Error: (08/18/2015 09:18:00 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (08/17/2015 09:01:44 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{e9afa979-c82a-11e0-8df3-806e6f6e6963} - 0000000000000150,0x0053c008,00000000003CE7C0,0,0000000000409FD0,4096,[0])". hr = 0x80070079, Das Zeitlimit für die Semaphore wurde erreicht.
.
Vorgang:
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (08/17/2015 08:51:34 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x81000101).
Error: (08/17/2015 07:19:53 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (08/17/2015 07:01:35 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{e9afa979-c82a-11e0-8df3-806e6f6e6963} - 0000000000000150,0x0053c008,000000000044E7C0,0,00000000002C9FD0,4096,[0])". hr = 0x80070079, Das Zeitlimit für die Semaphore wurde erreicht.
.
Vorgang:
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (08/17/2015 06:50:22 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x81000101).
Error: (08/16/2015 11:48:42 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (08/15/2015 03:31:54 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{e9afa979-c82a-11e0-8df3-806e6f6e6963} - 0000000000000150,0x0053c008,00000000002FE7C0,0,00000000001F9FD0,4096,[0])". hr = 0x80070079, Das Zeitlimit für die Semaphore wurde erreicht.
.
Vorgang:
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Systemfehler:
=============
Error: (08/18/2015 09:50:54 PM) (Source: volsnap) (EventID: 67) (User: )
Description: Die Schattenkopie des erstellten Volumes "C:" konnte nicht installiert werden.
Error: (08/17/2015 09:01:44 PM) (Source: volsnap) (EventID: 67) (User: )
Description: Die Schattenkopie des erstellten Volumes "C:" konnte nicht installiert werden.
Error: (08/17/2015 07:01:35 PM) (Source: volsnap) (EventID: 67) (User: )
Description: Die Schattenkopie des erstellten Volumes "C:" konnte nicht installiert werden.
Error: (08/15/2015 03:31:54 PM) (Source: volsnap) (EventID: 67) (User: )
Description: Die Schattenkopie des erstellten Volumes "C:" konnte nicht installiert werden.
Error: (08/15/2015 01:31:51 PM) (Source: volsnap) (EventID: 67) (User: )
Description: Die Schattenkopie des erstellten Volumes "C:" konnte nicht installiert werden.
Error: (08/15/2015 11:36:15 AM) (Source: volsnap) (EventID: 67) (User: )
Description: Die Schattenkopie des erstellten Volumes "C:" konnte nicht installiert werden.
Error: (08/15/2015 01:32:57 AM) (Source: volsnap) (EventID: 67) (User: )
Description: Die Schattenkopie des erstellten Volumes "C:" konnte nicht installiert werden.
Error: (08/13/2015 09:44:17 PM) (Source: volsnap) (EventID: 67) (User: )
Description: Die Schattenkopie des erstellten Volumes "C:" konnte nicht installiert werden.
Error: (08/13/2015 12:21:02 AM) (Source: volsnap) (EventID: 67) (User: )
Description: Die Schattenkopie des erstellten Volumes "C:" konnte nicht installiert werden.
Error: (08/11/2015 09:21:19 PM) (Source: volsnap) (EventID: 67) (User: )
Description: Die Schattenkopie des erstellten Volumes "C:" konnte nicht installiert werden.
Microsoft Office:
=========================
Error: (08/18/2015 09:50:55 PM) (Source: VSS) (EventID: 12289) (User: )
Description: DeviceIoControl(\\?\Volume{e9afa979-c82a-11e0-8df3-806e6f6e6963} - 0000000000000154,0x0053c008,00000000002CE7C0,0,0000000000309FD0,4096,[0])0x80070079, Das Zeitlimit für die Semaphore wurde erreicht.
Vorgang:
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (08/18/2015 09:40:01 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x81000101
Error: (08/18/2015 09:18:00 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (08/17/2015 09:01:44 PM) (Source: VSS) (EventID: 12289) (User: )
Description: DeviceIoControl(\\?\Volume{e9afa979-c82a-11e0-8df3-806e6f6e6963} - 0000000000000150,0x0053c008,00000000003CE7C0,0,0000000000409FD0,4096,[0])0x80070079, Das Zeitlimit für die Semaphore wurde erreicht.
Vorgang:
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (08/17/2015 08:51:34 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x81000101
Error: (08/17/2015 07:19:53 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (08/17/2015 07:01:35 PM) (Source: VSS) (EventID: 12289) (User: )
Description: DeviceIoControl(\\?\Volume{e9afa979-c82a-11e0-8df3-806e6f6e6963} - 0000000000000150,0x0053c008,000000000044E7C0,0,00000000002C9FD0,4096,[0])0x80070079, Das Zeitlimit für die Semaphore wurde erreicht.
Vorgang:
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (08/17/2015 06:50:22 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x81000101
Error: (08/16/2015 11:48:42 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (08/15/2015 03:31:54 PM) (Source: VSS) (EventID: 12289) (User: )
Description: DeviceIoControl(\\?\Volume{e9afa979-c82a-11e0-8df3-806e6f6e6963} - 0000000000000150,0x0053c008,00000000002FE7C0,0,00000000001F9FD0,4096,[0])0x80070079, Das Zeitlimit für die Semaphore wurde erreicht.
Vorgang:
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
CodeIntegrity:
===================================
Date: 2013-04-08 14:34:08.289
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-08 14:34:08.264
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-08 14:34:06.213
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-08 14:34:06.187
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-08 14:34:04.143
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-08 14:34:04.109
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-08 14:34:02.029
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-08 14:34:02.003
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-08 14:33:59.924
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-08 14:33:59.898
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen ===========================
Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 66%
Installierter physikalischer RAM: 3947.86 MB
Verfügbarer physikalischer RAM: 1307.34 MB
Summe virtueller Speicher: 7893.93 MB
Verfügbarer virtueller Speicher: 3961.91 MB
==================== Laufwerke ================================
Drive c: (Packard Bell) (Fixed) (Total:445.66 GB) (Free:148.56 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 5306F673)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=445.7 GB) - (Type=07 NTFS)
==================== Ende von Ergebnis ============================
|
|
19.08.2015, 14:04
| #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: Opera, verlinkte Wörter auf Website und Werbefenster Bitte auch ne neue Addition.txt erstellen, dazu FRST starten und einen Haken setzen bei Addition.txt, dann auf Untersuchen klicken.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
19.08.2015, 14:33
| #8 |
| | Windows 7: Opera, verlinkte Wörter auf Website und Werbefenster Nochmals neu gescannt Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-08-2015
durchgeführt von Katrin (Administrator) auf KATRIN-PC (19-08-2015 15:31:08)
Gestartet von C:\Users\Katrin\Downloads\FRST-OlderVersion
Geladene Profile: Katrin (Verfügbare Profile: Katrin & Martin)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Opera)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-02-14] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-07] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2455217175-4274658696-198378322-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2455217175-4274658696-198378322-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Katrin\AppData\Local\Akamai\netsession_win.exe [4691384 2015-07-23] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2455217175-4274658696-198378322-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-07] (Samsung)
HKU\S-1-5-21-2455217175-4274658696-198378322-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katrin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katrin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katrin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katrin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katrin\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katrin\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katrin\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
GroupPolicy: Gruppenrichtline auf Chrome erkannt <======= ACHTUNG
GroupPolicyUsers\S-1-5-21-2455217175-4274658696-198378322-1006\User: Beschränkung erkannt <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2455217175-4274658696-198378322-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\S-1-5-21-2455217175-4274658696-198378322-1000 -> DefaultScope {0633ee93-d776-472f-a0ff-e1416b8b2e3a} URL =
SearchScopes: HKU\S-1-5-21-2455217175-4274658696-198378322-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2455217175-4274658696-198378322-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{16487531-B73D-4A61-A0A1-D5C275028BCB}: [DhcpNameServer] 213.94.78.16 213.94.78.17
Tcpip\..\Interfaces\{24D56DD0-2FBE-42FA-BC05-1300280A189D}: [NameServer] 82.163.143.172,82.163.142.174
Tcpip\..\Interfaces\{24D56DD0-2FBE-42FA-BC05-1300280A189D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{77187876-313D-4CB3-8052-1566C9D9D308}: [NameServer] 82.163.143.172,82.163.142.174
Tcpip\..\Interfaces\{77187876-313D-4CB3-8052-1566C9D9D308}: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\Katrin\AppData\Roaming\Mozilla\Firefox\Profiles\1k37nphq.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.at/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-20] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-20] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Keine Datei]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2011-07-29] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-02-18] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll [2015-07-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll [2015-07-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-07-19] (VideoLAN)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll [2009-09-25] (Wacom, Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-09-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2455217175-4274658696-198378322-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Katrin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-2455217175-4274658696-198378322-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Katrin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-07-23] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-09-04] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - C:\Program Files (x86)\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011-09-25]
Chrome:
=======
CHR dev: Chrome dev build erkannt! <======= ACHTUNG
CHR Profile: C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default
Opera:
=======
OPR Extension: (adblockforopera) - C:\Users\Katrin\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2015-07-20]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
S2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [39528 2011-01-18] (Acer Incorporated)
S2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [255376 2012-04-05] (Acer Incorporated)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [Datei ist nicht signiert]
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-14] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [Datei ist nicht signiert]
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 WTouchService; C:\Program Files\WTouch\WTouchService.exe [127784 2009-11-24] (Wacom Technology, Corp.)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-03-20] () [Datei ist nicht signiert]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S3 synusb64; C:\Windows\System32\DRIVERS\synusb64.sys [30352 2010-09-17] (Steinberg Media Technologies GmbH)
S3 cpuz134; \??\C:\Users\Katrin\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-19 14:10 - 2015-08-19 15:31 - 00000000 ____D C:\Users\Katrin\Downloads\FRST-OlderVersion
2015-08-19 14:06 - 2015-08-19 14:06 - 00047839 _____ C:\Users\Katrin\Desktop\JRT.txt
2015-08-19 13:51 - 2015-08-19 13:51 - 01791580 _____ (Malwarebytes Corporation) C:\Users\Katrin\Downloads\JRT.exe
2015-08-19 13:44 - 2015-08-19 13:45 - 00000000 ____D C:\AdwCleaner
2015-08-19 13:41 - 2015-08-19 13:42 - 01585664 _____ C:\Users\Katrin\Downloads\AdwCleaner_5.002.exe
2015-08-19 09:25 - 2015-08-19 09:25 - 00001276 _____ C:\Users\Katrin\Desktop\Revo Uninstaller.lnk
2015-08-19 09:25 - 2015-08-19 09:25 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-08-19 09:24 - 2015-08-19 09:25 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Katrin\Downloads\revosetup95.exe
2015-08-19 01:01 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-19 01:01 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-19 00:51 - 2015-08-19 00:56 - 00000000 ____D C:\7955ba6a45aa08e7fd67
2015-08-19 00:47 - 2015-08-19 00:51 - 00000000 ____D C:\f6831a79596ed8c5551d795b6c2cbf
2015-08-19 00:37 - 2015-08-19 00:42 - 00000000 ____D C:\43404232833376286d6c3dcc
2015-08-18 22:50 - 2015-08-18 22:50 - 00001202 _____ C:\Users\Katrin\Desktop\gmer.log
2015-08-18 22:27 - 2015-08-18 22:27 - 00056121 _____ C:\Users\Katrin\Desktop\Addition.txt
2015-08-18 22:26 - 2015-08-18 22:26 - 00380416 _____ C:\Users\Katrin\Downloads\Gmer-19357.exe
2015-08-18 22:26 - 2015-08-18 22:26 - 00060577 _____ C:\Users\Katrin\Desktop\FRST.txt
2015-08-18 22:20 - 2015-08-18 22:21 - 00056121 _____ C:\Users\Katrin\Downloads\Addition.txt
2015-08-18 22:19 - 2015-08-19 14:14 - 00061601 _____ C:\Users\Katrin\Downloads\FRST.txt
2015-08-18 22:15 - 2015-08-18 22:16 - 00000474 _____ C:\Users\Katrin\Desktop\defogger_disable.log
2015-08-18 22:15 - 2015-08-18 22:15 - 00000000 _____ C:\Users\Katrin\defogger_reenable
2015-08-18 22:13 - 2015-08-18 22:13 - 00050477 _____ C:\Users\Katrin\Desktop\Defogger.exe
2015-08-18 21:55 - 2015-08-18 21:56 - 00772016 _____ (Reimage®) C:\Users\Katrin\Downloads\ReimageRepair (1).exe
2015-08-17 22:16 - 2015-08-18 23:19 - 00010712 _____ C:\Users\Katrin\Desktop\Howrse Futter.ods
2015-08-12 22:33 - 2015-08-12 22:33 - 00000000 ____D C:\Program Files (x86)\jQuery Debugger
2015-08-11 21:00 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-11 21:00 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-11 21:00 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-11 21:00 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-11 21:00 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-11 21:00 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-11 21:00 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-11 21:00 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-11 21:00 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-11 21:00 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-11 21:00 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-11 21:00 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-11 21:00 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-11 21:00 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-11 21:00 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-11 21:00 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-11 21:00 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-11 21:00 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-11 21:00 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-11 21:00 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-11 21:00 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-11 21:00 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-11 21:00 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-11 21:00 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-11 21:00 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-11 21:00 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-11 21:00 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-11 21:00 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-11 21:00 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-11 21:00 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-11 21:00 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-11 21:00 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-11 21:00 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-11 21:00 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-11 20:59 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-11 20:59 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-11 20:59 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-11 20:59 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-11 20:59 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-11 20:59 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-11 20:59 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-11 20:59 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-11 20:59 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-11 20:59 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-11 20:59 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-11 20:59 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-11 20:59 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-11 20:59 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-11 20:59 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-11 20:59 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-11 20:59 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-11 20:59 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-11 20:59 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-11 20:59 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-11 20:59 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-11 20:59 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-11 20:59 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-11 20:59 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-11 20:59 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-11 20:59 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-11 20:59 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-11 20:59 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-11 20:59 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-11 20:59 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-11 20:59 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-11 20:59 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-11 20:59 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-11 20:59 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-11 20:59 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-11 20:59 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-11 20:59 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-11 20:59 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-11 20:59 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-11 20:59 - 2015-07-10 19:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-11 20:59 - 2015-07-10 19:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-11 20:59 - 2015-07-10 19:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-11 20:59 - 2015-07-10 19:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-11 20:59 - 2015-07-10 19:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-11 20:59 - 2015-07-10 19:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-11 20:58 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-11 20:57 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-11 20:57 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-11 20:57 - 2015-07-16 23:14 - 25192448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-11 20:57 - 2015-07-16 22:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-11 20:57 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-11 20:57 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-11 20:57 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-11 20:57 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-11 20:57 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-11 20:57 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-11 20:57 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-11 20:57 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-11 20:57 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-11 20:57 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-11 20:57 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-11 20:57 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-11 20:57 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-11 20:57 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-11 20:57 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-11 20:57 - 2015-07-16 22:20 - 19870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-11 20:57 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-11 20:57 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-11 20:57 - 2015-07-16 22:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-11 20:57 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-11 20:57 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-11 20:57 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-11 20:57 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-11 20:57 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-11 20:57 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-11 20:57 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-11 20:57 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-11 20:57 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-11 20:57 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-11 20:57 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-11 20:57 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-11 20:57 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-11 20:57 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-11 20:57 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-11 20:57 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-11 20:57 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-11 20:57 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-11 20:57 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-11 20:57 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-11 20:57 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-11 20:57 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-11 20:57 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-11 20:57 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-11 20:57 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-11 20:57 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-11 20:57 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-11 20:57 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-11 20:57 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-11 20:57 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-11 20:57 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-11 20:57 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-11 20:57 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-11 20:57 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-11 20:57 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-11 20:57 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-11 20:57 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-11 20:54 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-11 20:54 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-11 20:54 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-11 20:54 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-11 20:54 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-11 20:54 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-11 20:54 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-11 20:54 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-11 20:54 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-11 20:54 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-11 20:54 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-11 20:54 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-11 20:54 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-11 20:54 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-11 20:54 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-11 20:54 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-11 20:54 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-11 20:54 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-11 20:54 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-11 20:54 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-11 20:54 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-11 20:54 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-11 20:54 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-11 20:54 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-11 20:54 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-11 20:54 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-11 20:54 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-11 20:54 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-11 20:54 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-11 20:54 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-11 20:54 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-11 20:54 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-11 20:54 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-11 20:54 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-11 20:54 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-11 20:54 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-11 20:54 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-11 20:54 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-11 20:54 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-11 20:54 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-11 20:54 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-11 20:54 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-11 20:54 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-11 20:54 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-11 20:54 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-11 20:54 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-11 20:54 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-11 20:54 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-11 20:54 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-07 20:55 - 2015-08-07 20:56 - 04847032 _____ (Opera Software ASA ) C:\Users\Katrin\Downloads\Opera 9 Eng Setup.exe
2015-08-07 20:45 - 2015-08-07 20:45 - 08969716 _____ C:\Users\Katrin\Downloads\Opera_964_int_Setup [1].exe
2015-08-07 20:43 - 2015-08-07 20:44 - 00894960 _____ (Internet Web ) C:\Users\Katrin\Downloads\Opera_964_int_Setup.exe
2015-07-31 23:40 - 2015-07-31 23:44 - 00000000 ____D C:\0a5fdeaa37df6b20cfe6f0
2015-07-31 23:35 - 2015-07-31 23:40 - 00000000 ____D C:\380cc8c85f97f435a6
2015-07-31 23:30 - 2015-07-31 23:35 - 00000000 ____D C:\ee65a3c4cdf5270d95fcfdb99859a5
2015-07-31 10:03 - 2015-07-31 10:03 - 00000000 ____D C:\Users\Katrin\AppData\Local\GWX
2015-07-29 00:08 - 2015-07-29 00:12 - 00000000 ____D C:\037733898ee144e0bf926940
2015-07-29 00:03 - 2015-07-29 00:08 - 00000000 ____D C:\68800b228f25db4b33
2015-07-28 23:59 - 2015-07-29 00:03 - 00000000 ____D C:\b6063ca14a055dc780c00c8aa3ea22
2015-07-20 22:31 - 2015-07-20 22:31 - 00002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-20 22:31 - 2015-07-20 22:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-20 22:29 - 2015-08-16 11:19 - 00000946 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-07-20 22:29 - 2015-07-20 22:29 - 00003944 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-07-20 22:20 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-20 22:20 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-20 22:20 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-20 22:20 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-20 22:20 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-20 22:20 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-20 22:20 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-20 22:20 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-20 22:20 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-20 22:20 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-20 22:20 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-20 22:20 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-20 22:18 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-20 22:18 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-20 22:17 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-20 22:17 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-20 22:15 - 2015-07-20 22:15 - 00000000 ____D C:\Users\Katrin\AppData\Local\Opera Software
2015-07-20 22:13 - 2015-08-19 09:06 - 00003854 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1437423186
2015-07-20 22:13 - 2015-07-20 22:13 - 00001147 _____ C:\Users\Public\Desktop\Opera.lnk
2015-07-20 22:13 - 2015-07-20 22:13 - 00001147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-07-20 22:13 - 2015-07-20 22:13 - 00000000 ____D C:\Users\Katrin\AppData\Roaming\Opera Software
2015-07-20 22:10 - 2015-08-19 09:06 - 00000000 ____D C:\Program Files (x86)\Opera
2015-07-20 22:10 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-20 22:10 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-20 22:10 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-20 22:10 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-20 22:10 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-20 22:10 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-20 22:10 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-20 22:10 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-20 22:10 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-20 22:10 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-20 22:09 - 2015-07-20 22:10 - 00687528 _____ (Opera Software) C:\Users\Katrin\Downloads\Opera_NI_stable.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-19 15:31 - 2014-03-27 22:42 - 00000000 ____D C:\FRST
2015-08-19 14:57 - 2012-03-02 12:47 - 00001142 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2455217175-4274658696-198378322-1000UA.job
2015-08-19 14:10 - 2014-03-27 22:41 - 02173440 _____ (Farbar) C:\Users\Katrin\Downloads\FRST64.exe
2015-08-19 14:04 - 2011-09-25 13:13 - 00000000 ____D C:\Users\Katrin
2015-08-19 13:57 - 2009-07-14 06:45 - 00023440 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-19 13:57 - 2009-07-14 06:45 - 00023440 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-19 13:52 - 2011-08-16 19:15 - 01518081 _____ C:\Windows\WindowsUpdate.log
2015-08-19 13:48 - 2015-04-29 10:16 - 00000000 ____D C:\Users\Katrin\AppData\Roaming\WTablet
2015-08-19 13:47 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-19 13:47 - 2009-07-14 06:51 - 00249478 _____ C:\Windows\setupact.log
2015-08-19 13:46 - 2014-10-15 16:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-19 11:15 - 2014-11-30 16:07 - 00000000 ____D C:\Users\Katrin\AppData\Roaming\PlayCatanClient
2015-08-19 11:08 - 2011-12-12 18:50 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{77177907-A101-456D-BC6D-99E3A6237DE9}
2015-08-19 09:01 - 2009-07-14 06:45 - 18823360 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-19 08:57 - 2014-12-16 12:33 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-19 08:57 - 2014-05-08 00:09 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-19 01:01 - 2012-05-21 17:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-19 00:59 - 2012-05-21 17:43 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-19 00:59 - 2012-05-21 17:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-19 00:35 - 2013-08-11 09:12 - 00000000 ____D C:\Windows\system32\MRT
2015-08-19 00:22 - 2011-09-25 20:06 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-18 22:07 - 2015-06-17 20:21 - 00001232 _____ C:\Users\Katrin\Desktop\Spielplan.txt
2015-08-18 20:54 - 2012-03-02 12:47 - 00001120 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2455217175-4274658696-198378322-1000Core.job
2015-08-16 11:37 - 2011-07-25 11:56 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security & Support
2015-08-15 10:08 - 2011-08-17 05:07 - 00766186 _____ C:\Windows\system32\perfh007.dat
2015-08-15 10:08 - 2011-08-17 05:07 - 00175126 _____ C:\Windows\system32\perfc007.dat
2015-08-15 10:08 - 2009-07-14 07:13 - 01808470 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-12 22:35 - 2015-06-09 10:22 - 00000079 _____ C:\Program Files (x86)\prefs.js
2015-08-10 23:16 - 2013-05-01 22:51 - 00000000 ____D C:\Users\Katrin\AppData\Local\Akamai
2015-08-09 21:57 - 2010-11-21 05:47 - 00818418 _____ C:\Windows\PFRO.log
2015-07-31 23:44 - 2011-09-25 13:32 - 01836088 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-07-31 20:53 - 2015-07-10 19:28 - 00000000 ___HD C:\$Windows.~BT
2015-07-31 20:29 - 2007-07-12 03:49 - 00000000 ____D C:\Windows\Panther
2015-07-25 18:36 - 2015-04-07 23:42 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-21 12:16 - 2015-04-07 23:42 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-21 12:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-20 22:40 - 2011-09-25 13:15 - 00000000 ____D C:\Users\Katrin\AppData\Local\Adobe
2015-07-20 22:31 - 2012-03-05 17:16 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-20 22:29 - 2015-06-05 21:25 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-20 22:29 - 2015-06-05 21:25 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-20 22:24 - 2014-12-24 16:08 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-01-22 14:23 - 2013-01-22 14:22 - 0021494 _____ () C:\Program Files (x86)\0x0409.ini
2013-01-22 14:23 - 2013-01-22 14:22 - 0003584 _____ () C:\Program Files (x86)\1033.MST
2015-06-09 10:22 - 2015-08-12 22:35 - 0000079 _____ () C:\Program Files (x86)\prefs.js
2013-01-22 14:23 - 2013-01-22 14:22 - 67047424 _____ () C:\Program Files (x86)\Samsung Kies.msi
2012-04-19 16:52 - 2014-11-11 13:19 - 0000132 _____ () C:\Users\Katrin\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-12-08 21:18 - 2014-12-08 21:18 - 1520608 _____ (home) C:\Users\Katrin\AppData\Roaming\TZ.exe
2015-04-22 19:55 - 2015-04-22 19:56 - 0011708 _____ () C:\Users\Katrin\AppData\Local\Temp-log.txt
2015-05-11 23:13 - 2015-05-11 23:13 - 0000000 _____ () C:\Users\Katrin\AppData\Local\Temp.dat
2012-04-01 21:28 - 2012-04-01 21:33 - 0000356 _____ () C:\ProgramData\hpzinstall.log
2014-03-24 20:12 - 2014-03-24 20:12 - 0000032 _____ () C:\ProgramData\Temp.log
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Public\AlexaNSISPlugin.2168.dll
Einige Dateien in TEMP:
====================
C:\Users\Katrin\AppData\Local\Temp\AcDeltree.exe
C:\Users\Katrin\AppData\Local\Temp\BackupSetup.exe
C:\Users\Katrin\AppData\Local\Temp\bstrapInstall.exe
C:\Users\Katrin\AppData\Local\Temp\DivXSetup.exe
C:\Users\Katrin\AppData\Local\Temp\divx_cd_autostart.exe
C:\Users\Katrin\AppData\Local\Temp\dlLogic.exe
C:\Users\Katrin\AppData\Local\Temp\dltr.exe
C:\Users\Katrin\AppData\Local\Temp\DWPUpgradeInstaller.exe
C:\Users\Katrin\AppData\Local\Temp\EAD7409.exe
C:\Users\Katrin\AppData\Local\Temp\EAD9932.exe
C:\Users\Katrin\AppData\Local\Temp\EADAB.exe
C:\Users\Katrin\AppData\Local\Temp\Execute2App.exe
C:\Users\Katrin\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\Katrin\AppData\Local\Temp\GCVerifier.dll
C:\Users\Katrin\AppData\Local\Temp\i4jdel0.exe
C:\Users\Katrin\AppData\Local\Temp\ICReinstall_Opera_964_int_Setup.exe
C:\Users\Katrin\AppData\Local\Temp\InstallAX.exe
C:\Users\Katrin\AppData\Local\Temp\installerdll11255565.dll
C:\Users\Katrin\AppData\Local\Temp\installerdll12362096.dll
C:\Users\Katrin\AppData\Local\Temp\installerdll12375106.dll
C:\Users\Katrin\AppData\Local\Temp\installerdll12774344.dll
C:\Users\Katrin\AppData\Local\Temp\installerdll142304.dll
C:\Users\Katrin\AppData\Local\Temp\installerdll67033.dll
C:\Users\Katrin\AppData\Local\Temp\installerdll839285.dll
C:\Users\Katrin\AppData\Local\Temp\installerdll900078.dll
C:\Users\Katrin\AppData\Local\Temp\InstallPlugin.exe
C:\Users\Katrin\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Katrin\AppData\Local\Temp\Kies2RemoveAll.exe
C:\Users\Katrin\AppData\Local\Temp\msvcp90.dll
C:\Users\Katrin\AppData\Local\Temp\msvcr90.dll
C:\Users\Katrin\AppData\Local\Temp\optprosetup.exe
C:\Users\Katrin\AppData\Local\Temp\Quarantine.exe
C:\Users\Katrin\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Katrin\AppData\Local\Temp\rootsupd.exe
C:\Users\Katrin\AppData\Local\Temp\sdan.exe
C:\Users\Katrin\AppData\Local\Temp\sdapk.exe
C:\Users\Katrin\AppData\Local\Temp\sdaspwn.exe
C:\Users\Katrin\AppData\Local\Temp\Setup-Giga1.exe
C:\Users\Katrin\AppData\Local\Temp\Setup.exe
C:\Users\Katrin\AppData\Local\Temp\sqlite3.dll
C:\Users\Katrin\AppData\Local\Temp\supoptsetup.exe
C:\Users\Katrin\AppData\Local\Temp\TuneUpUtilities2013_de-AT.exe
C:\Users\Katrin\AppData\Local\Temp\uninst1.exe
C:\Users\Katrin\AppData\Local\Temp\UninstallEADM.dll
C:\Users\Katrin\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Katrin\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Katrin\AppData\Local\Temp\verifier.exe
C:\Users\Katrin\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe
C:\Users\Katrin\AppData\Local\Temp\_is9607.exe
C:\Users\Katrin\AppData\Local\Temp\_isD327.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2014-02-19 20:06
==================== Ende von Ergebnis ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-08-2015
durchgeführt von Katrin (2015-08-19 15:32:01)
Gestartet von C:\Users\Katrin\Downloads\FRST-OlderVersion
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2455217175-4274658696-198378322-500 - Administrator - Disabled)
Gast (S-1-5-21-2455217175-4274658696-198378322-501 - Limited - Disabled)
Katrin (S-1-5-21-2455217175-4274658696-198378322-1000 - Administrator - Enabled) => C:\Users\Katrin
Martin (S-1-5-21-2455217175-4274658696-198378322-1006 - Limited - Enabled) => C:\Users\Martin
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
.avi-CD Autostart 1.2.0 (HKLM-x32\...\.avi-CD Autostart_is1) (Version: - Aaron Spettl)
64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 (HKLM-x32\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.1.629 - Adobe Systems, Inc.)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-2455217175-4274658696-198378322-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{439760BC-7737-4386-9B1D-A90A3E8A22EA}) (Version: 3.4.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{E7F13A64-2E17-6800-06A9-D898C728A755}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
Autodesk Backburner 2012.0.0 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2012.0.0 - Autodesk, Inc.)
Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit (HKLM\...\Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit) (Version: - Autodesk)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2012 (HKLM-x32\...\{B5751715-EC10-43D9-8C95-62E1368433EF}) (Version: 2.5.0.8 - Autodesk)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Composite 2012 64-bit (HKLM\...\{EA234BC3-39FE-4734-B72F-076086889F6D}) (Version: 7.0.0 - Autodesk)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1720_38230 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.54.95 - Electronic Arts)
Die*Sims*Mittelalter (HKLM-x32\...\{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}) (Version: 2.0.113 - Electronic Arts)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
DJ_AIO_06_F4500_SW_MIN (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-2455217175-4274658696-198378322-1000\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
EA Download Manager (HKLM-x32\...\EADM) (Version: 5.0.0.255 - Electronic Arts, Inc.)
Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: - Steinberg Media Technologies GmbH)
ETDWare PS/2-X64 8.0.6.0_WHQL (HKLM\...\Elantech) (Version: 8.0.6.0 - ELAN Microelectronic Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Free YouTube Download version 3.0.20.1228 (HKLM-x32\...\Free YouTube Download_is1) (Version: - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.10.14.1206 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
HomeMedia (HKLM-x32\...\{AA4BF92B-2AAF-11DA-9D78-000129760D75}) (Version: 2.0.8920 - CyberLink Corporation)
HP Deskjet F4500 All-in-One Driver 14.0 Rel. 6 (HKLM\...\{0AFFEA39-60AF-4C4F-BB47-4A1F7CB12129}) (Version: 14.0 - HP)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Packard Bell)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
iTunes (HKLM\...\{997C9EC4-B53D-479D-81B7-0AEC8D174BA1}) (Version: 10.4.1.10 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.710 - Oracle)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
jQuery Debugger (HKLM-x32\...\{5C28578D-D0F1-699F-01B0-CC0653A28C11}) (Version: - "")
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kurso de Esperanto 4 (HKLM-x32\...\{021F206C-3243-420E-9F0B-82639583E425}_is1) (Version: 4.1.1 - Esperanto)
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Packard Bell)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{8325FD0C-2FDB-46C3-921A-3A78385EA972}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.5 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.8.11000.8.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.6.10700.5.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{68AFA3A7-9265-4ABD-994A-ACA413E3715C}) (Version: 10.6.10300 - Nero AG)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
NexusFont 2.5 (ver 2.5.4.1400) (HKLM-x32\...\{EFEDD205-43FE-4208-B682-0937E803E19E}_is1) (Version: - xiles)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Opera Stable 31.0.1889.174 (HKLM-x32\...\Opera 31.0.1889.174) (Version: 31.0.1889.174 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)
Packard Bell Games (HKLM-x32\...\WildTangent packardbell Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Packard Bell)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.04.3502 - Packard Bell)
Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.1025.2010 - Packard Bell )
Packard Bell Social Networks (HKLM-x32\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 3.0.3106 - CyberLink Corp.)
Packard Bell Social Networks (x32 Version: 3.0.3106 - CyberLink Corp.) Hidden
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayCatan Zugangssoftware (HKLM-x32\...\PlayCatan Client) (Version: 3.1148 - Catan GmbH)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30123 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.33.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Service Pack 1 für SQL Server 2008 (KB 968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Spotify (HKU\S-1-5-21-2455217175-4274658696-198378322-1000\...\Spotify) (Version: 0.9.4.178.g259772ba - Spotify AB)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Steinberg Cubase 6 64bit (HKLM\...\{C6651CD0-4892-4465-96AC-C9864A695FF9}) (Version: 6.0.5 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 1.5.2 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content (HKLM-x32\...\{A5051ABF-A497-4C3C-85EA-F7A4D5C19B82}) (Version: 1.5.2.000 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 2.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content 2 (HKLM-x32\...\{88C337F0-4CF2-4098-BDC0-D94859ECA2B4}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Stifttablett (HKLM-x32\...\Pen Tablet Driver) (Version: - Wacom Technology Corp.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Unity Web Player (HKU\S-1-5-21-2455217175-4274658696-198378322-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Video Web Camera (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2904.00 - CyberLink Corp.)
Video Web Camera (x32 Version: 1.5.2904.00 - CyberLink Corp.) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.4 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.3 - Wacom Technology Corp.)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.02.3503 - Packard Bell)
WildTangent Games App (x32 Version: 4.0.11.9 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2455217175-4274658696-198378322-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Katrin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2455217175-4274658696-198378322-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katrin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2455217175-4274658696-198378322-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katrin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2455217175-4274658696-198378322-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katrin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2455217175-4274658696-198378322-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katrin\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
==================== Wiederherstellungspunkte =========================
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0320B9DC-1004-423C-B96C-A22A55467142} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2011-05-20] (CyberLink)
Task: {1F5552FA-0FF4-4A9A-8F9B-ACCC3D7C266A} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2455217175-4274658696-198378322-1000
Task: {24FB42EA-E1E8-4CA1-A974-2CD3C61983E0} - System32\Tasks\{2F30E417-2728-4869-BFE4-6C694D744743} => pcalua.exe -a C:\Users\Katrin\Downloads\gamesplayerinstall(2).exe -d C:\Users\Katrin\Downloads
Task: {3114661F-7A9C-4F98-BA74-43CFD5A3071E} - System32\Tasks\{DEB83D54-97BD-45F7-97B4-2C2BDBC21567} => pcalua.exe -a D:\Sims3Setup.exe -d D:\
Task: {33A7B15E-256D-43C8-B3DF-30D5E60304B5} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe [2015-07-20] (Adobe Systems Incorporated)
Task: {46D49838-A182-4F18-9BFF-27E0F435766B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2455217175-4274658696-198378322-1000UA => C:\Users\Katrin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-04] (Facebook Inc.)
Task: {4AB56A5F-0DE4-4479-9EF8-509ADE90491C} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {4CBCFB91-1206-4F84-B46E-DE391327D07E} - System32\Tasks\NBAgent => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2011-07-06] (Nero AG)
Task: {595D1A15-CABD-4F08-971D-00B7100FB283} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {7DA3F6B5-DD8D-4BA4-9BFB-FC83FA4F4992} - System32\Tasks\Opera scheduled Autoupdate 1437423186 => C:\Program Files (x86)\Opera\launcher.exe [2015-08-17] (Opera Software)
Task: {92C0DD9D-F828-42AF-8BFF-0F3F03C330E9} - System32\Tasks\{66D16A3C-0A42-4EBC-8132-29344CFF9849} => pcalua.exe -a "C:\Users\Katrin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q381I1E6\fxsetup.exe" -d C:\Users\Katrin\Desktop
Task: {9DE64921-E8F3-424A-9FEB-3ABBF33FB8F8} - System32\Tasks\AdobeAAMUpdater-1.0-Katrin-PC-Katrin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {A8C947F3-6654-4E67-87E8-E6059A991CB7} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2014-09-04] (Adobe Systems Incorporated)
Task: {B56E4A4E-D982-49C8-ADCB-232AC5B9EAED} - System32\Tasks\{8FCD024C-B72B-4A00-8EF0-4E700F96E162} => pcalua.exe -a C:\ProgramData\ssaveroon\RYTK2pJg3TOEtG.exe -c /s /n /i:"ExecuteCommands;UninstallCommands" ""
Task: {C0B63EBA-BB74-4053-AECD-5F436FED351B} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {D3DAB2C6-BBCE-49A6-BAFE-0C2ACFCD0C89} - System32\Tasks\{B4C1923A-BA5F-4901-8191-0EFF52C8A422} => pcalua.exe -a C:\ProgramData\Deaol2iDealit\nf5DFool9mFdcN.exe -c /s /n /i:"ExecuteCommands;UninstallCommands" ""
Task: {D7D9C284-0B70-4225-BC7D-565942499A44} - System32\Tasks\{ACB5E49B-B32A-45B7-A2C5-CCEA8FDC18A3} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}\SimsMedievalSetup.exe" -c -runfromtemp -l0x0007 -removeonly
Task: {E79C6358-E883-420D-AEDD-304F89290A8B} - System32\Tasks\{C5237E6C-897C-421F-89EA-A86B1AA287A9} => C:\Program Files (x86)\Buena Vista Games\Desperate Housewives\DesperateHousewives.exe
Task: {F2AE96B2-4231-4327-8B57-33AEA2D9D3EC} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2455217175-4274658696-198378322-1000Core => C:\Users\Katrin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-04] (Facebook Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2455217175-4274658696-198378322-1000Core.job => C:\Users\Katrin\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2455217175-4274658696-198378322-1000UA.job => C:\Users\Katrin\AppData\Local\Facebook\Update\FacebookUpdate.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\Katrin\Lokale Einstellungen:a43Cjom7bb6rfDhpFlKPxhiu
AlternateDataStreams: C:\Users\Katrin\Lokale Einstellungen:O1pr20QndOfWjqkxGTpv5
AlternateDataStreams: C:\Users\Katrin\AppData\Local:a43Cjom7bb6rfDhpFlKPxhiu
AlternateDataStreams: C:\Users\Katrin\AppData\Local:O1pr20QndOfWjqkxGTpv5
AlternateDataStreams: C:\Users\Katrin\AppData\Local\Anwendungsdaten:a43Cjom7bb6rfDhpFlKPxhiu
AlternateDataStreams: C:\Users\Katrin\AppData\Local\Anwendungsdaten:O1pr20QndOfWjqkxGTpv5
AlternateDataStreams: C:\Users\Katrin\AppData\Local\Temporary Internet Files:TY5E7Mafb9WPC77oY2rKN
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-2455217175-4274658696-198378322-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-2455217175-4274658696-198378322-1000\...\aeriagames.com -> hxxp://aeriagames.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2455217175-4274658696-198378322-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Katrin\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 82.163.143.172 - 82.163.142.174
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupfolder: C:^Users^Katrin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Katrin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: EA Core => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
MSCONFIG\startupreg: ETDCtrl => %ProgramFiles%\Elantech\ETDCtrl.exe
MSCONFIG\startupreg: Facebook Update => "C:\Users\Katrin\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LManager => C:\Program Files (x86)\Launch Manager\LManager.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: Power Management => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RESTART_STICKY_NOTES => C:\Windows\System32\StikyNot.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Katrin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{2E2145BE-A74B-44B1-8B16-9BDEA941B951}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{9CAB31BE-7A75-4657-BD3F-169E8D4A5A89}] => (Allow) LPort=2869
FirewallRules: [{596BD085-D099-4072-8924-3534BB0BD10E}] => (Allow) LPort=1900
FirewallRules: [{118DAC96-3027-42FC-A8AD-0E53FDA4C67F}] => (Allow) C:\Program Files (x86)\CyberLink\HomeMedia\HomeMedia.exe
FirewallRules: [{1DB02CF5-E5FD-44C3-8E00-220D87329432}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{AD79A16E-0CBD-4FBC-9330-7356FD7C95ED}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BEB3A0FF-ECA1-4E20-A4A7-10995D11F7EE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4AEAB6D4-EA70-4BFF-B6F5-1D2522786CC7}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [TCP Query User{890652D6-5B65-48CC-BDF7-A4ADE3105F0F}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [UDP Query User{3D9EC7C3-7679-48EE-B59A-1591D88B586C}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [{B66DB85C-D4A0-411C-92BD-A45D692A7394}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{76EE452D-259C-4556-8AB8-0DA6B7313D85}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{ED5EEDF3-DA59-42FB-8BA8-99C1EED7F1F7}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{80FF1608-B557-4AAF-9E1B-173270B339B1}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{A887EAA1-6532-484C-939B-F24F34C91B5D}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{3B752B93-C345-425E-842E-C760130496C2}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{854BFFD7-6677-46AD-8BF8-9CA312EB9BB7}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\3dsmax.exe
FirewallRules: [{68831568-F536-45B6-A9BE-BEC1BBE0C09C}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\3dsmax.exe
FirewallRules: [{E28F3B4E-5A50-4656-9DAF-BBE9F9B1EE92}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
FirewallRules: [{21ACBB0E-D793-4ED8-9D38-6FAE31C992D7}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
FirewallRules: [{D5EACDF4-7876-4366-B055-26E9DDF753C6}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64.exe
FirewallRules: [{3C638B32-1A49-4F8B-BF9A-2DDBD075B268}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64.exe
FirewallRules: [TCP Query User{5767AA50-5B52-4457-875D-D9029DBCE5C3}C:\program files\steinberg\cubase 6\cubase6.exe] => (Allow) C:\program files\steinberg\cubase 6\cubase6.exe
FirewallRules: [UDP Query User{1C6F2059-E555-4F20-A74B-012D9BB0F81F}C:\program files\steinberg\cubase 6\cubase6.exe] => (Allow) C:\program files\steinberg\cubase 6\cubase6.exe
FirewallRules: [TCP Query User{6BC4D746-D771-4BFE-BE86-6B3B22949E1D}C:\program files\steinberg\cubase 6\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase 6\components\vstbridgeapp.exe
FirewallRules: [UDP Query User{401D6E87-44A7-448B-AED3-3EBE1DFA0F08}C:\program files\steinberg\cubase 6\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase 6\components\vstbridgeapp.exe
FirewallRules: [{FC8D8E40-CD3F-4A20-B7C5-83A9EF738236}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{AB5A1335-5C1F-4EF6-9C44-63EE42A12745}] => (Allow) C:\Users\Katrin\AppData\Local\Temp\7zS4EB5\setup\hpznui40.exe
FirewallRules: [{9E8054C1-BB4B-4715-933F-29523F65BDF2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{1BC91A5B-2D66-40C2-A653-57AE7FDFE606}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{15859FA2-F01E-4A3D-B41F-4366EDCEB583}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [TCP Query User{FF67B927-EC08-4793-A235-098E6B54D3F8}C:\users\katrin\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\katrin\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{8C4FF2E9-A4C1-44D2-9137-79D5153898FF}C:\users\katrin\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\katrin\appdata\local\akamai\netsession_win.exe
FirewallRules: [{747E323F-DAC8-4F8B-8F2B-C0414E4CA39F}] => (Allow) C:\AeriaGames\EdenEternal-DE\_Launcher.exe
FirewallRules: [{2B1D03E7-C261-4BE4-AF00-1631FF0F92F9}] => (Allow) C:\AeriaGames\EdenEternal-DE\_Launcher.exe
FirewallRules: [{FC432E7B-2DD7-41D4-BDF7-B7E128EB15CD}] => (Allow) C:\AeriaGames\EdenEternal-DE\_Launcher.exe
FirewallRules: [{8A80D549-EA1E-4FA3-A42B-C05E0B69A5CF}] => (Allow) C:\AeriaGames\EdenEternal-DE\_Launcher.exe
FirewallRules: [TCP Query User{81D69A74-DE64-478F-8544-4620756C48CB}C:\users\katrin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\katrin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{5DB9527E-78CB-4357-99D2-E3D1D8282CDB}C:\users\katrin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\katrin\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{94024430-A30A-4511-8E28-757DB8AD2240}C:\users\katrin\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\katrin\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{2E58B01A-EDC0-465C-9712-E138FD0C7C2D}C:\users\katrin\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\katrin\appdata\local\akamai\netsession_win.exe
FirewallRules: [{D66DCD1D-9F99-4497-BB75-7DB0CBCF8951}] => (Allow) C:\Users\Katrin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{25ED5E4A-8D12-4F5A-BCC9-FE6730598B2C}] => (Allow) C:\Users\Katrin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{C6544234-7719-47A2-9369-178245B6E831}C:\users\katrin\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\katrin\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{6460434E-B11F-4728-99E3-EF9E88F68C1C}C:\users\katrin\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\katrin\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{5C60F32B-8704-4CAA-940B-DC77FCF4608A}] => (Allow) C:\Users\Katrin\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{0B963D84-A336-4503-9A7E-CE9662FC3191}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{A9F33512-2C1E-4EC8-9729-B2459A7B3A29}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{E5C2EE14-41E4-4DAE-B671-F2FE44949C39}] => (Allow) LPort=49170
FirewallRules: [{8ADC90EC-8E0A-46EF-8B1E-22FFEDA17041}] => (Allow) LPort=5000
FirewallRules: [{E417D833-194F-4A81-B5AC-1C528C6CD20F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F546CECA-C8F7-492D-87B1-9F5A2EFAA6CF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Konnte Geräte nicht auflisten. Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/19/2015 02:14:31 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{e9afa979-c82a-11e0-8df3-806e6f6e6963} - 0000000000000150,0x0053c008,000000000025E7C0,0,0000000000399FD0,4096,[0])". hr = 0x80070079, Das Zeitlimit für die Semaphore wurde erreicht.
.
Vorgang:
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (08/19/2015 02:03:08 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Users\Katrin\AppData\Local\Temp\jrt\CreateRestorePoint.exe "JRT Pre-Junkware Removal"; Beschreibung = JRT Pre-Junkware Removal; Fehler = 0x81000101).
Error: (08/19/2015 01:49:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/19/2015 01:32:31 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{e9afa979-c82a-11e0-8df3-806e6f6e6963} - 0000000000000150,0x0053c008,000000000044E7C0,0,0000000000359FD0,4096,[0])". hr = 0x80070079, Das Zeitlimit für die Semaphore wurde erreicht.
.
Vorgang:
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (08/19/2015 01:22:20 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x81000101).
Error: (08/19/2015 11:01:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/19/2015 10:50:16 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\revouninstaller.exe Files (x86)\VS Revo Group\Revo Uninstaller\revouninstaller.exe"; Beschreibung = Revo Uninstaller's restore point - SystemPreserve; Fehler = 0x81000101).
Error: (08/19/2015 10:35:00 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\revouninstaller.exe Files (x86)\VS Revo Group\Revo Uninstaller\revouninstaller.exe"; Beschreibung = Revo Uninstaller's restore point - saviingttoyou; Fehler = 0x81000101).
Error: (08/19/2015 10:34:59 AM) (Source: VSS) (EventID: 12289) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{e9afa979-c82a-11e0-8df3-806e6f6e6963} - 0000000000000108,0x0053c008,000000000048E7C0,0,00000000004C9FD0,4096,[0])". hr = 0x80070079, Das Zeitlimit für die Semaphore wurde erreicht.
.
Vorgang:
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (08/19/2015 10:20:29 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\revouninstaller.exe Files (x86)\VS Revo Group\Revo Uninstaller\revouninstaller.exe"; Beschreibung = Revo Uninstaller's restore point - NewsHub; Fehler = 0x81000101).
Systemfehler:
=============
Error: (08/19/2015 02:14:31 PM) (Source: volsnap) (EventID: 67) (User: )
Description: Die Schattenkopie des erstellten Volumes "C:" konnte nicht installiert werden.
Error: (08/19/2015 02:04:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Application Virtualization Client" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/19/2015 02:04:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/19/2015 02:04:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/19/2015 02:04:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft .NET Framework NGEN v4.0.30319_X86" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/19/2015 02:04:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft .NET Framework NGEN v4.0.30319_X64" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/19/2015 02:04:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/19/2015 02:04:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Client Virtualization Handler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/19/2015 02:04:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "TabletServicePen" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/19/2015 02:04:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SQL Server VSS Writer" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office:
=========================
Error: (08/19/2015 02:14:31 PM) (Source: VSS) (EventID: 12289) (User: )
Description: DeviceIoControl(\\?\Volume{e9afa979-c82a-11e0-8df3-806e6f6e6963} - 0000000000000150,0x0053c008,000000000025E7C0,0,0000000000399FD0,4096,[0])0x80070079, Das Zeitlimit für die Semaphore wurde erreicht.
Vorgang:
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (08/19/2015 02:03:08 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Users\Katrin\AppData\Local\Temp\jrt\CreateRestorePoint.exe "JRT Pre-Junkware Removal"JRT Pre-Junkware Removal0x81000101
Error: (08/19/2015 01:49:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/19/2015 01:32:31 PM) (Source: VSS) (EventID: 12289) (User: )
Description: DeviceIoControl(\\?\Volume{e9afa979-c82a-11e0-8df3-806e6f6e6963} - 0000000000000150,0x0053c008,000000000044E7C0,0,0000000000359FD0,4096,[0])0x80070079, Das Zeitlimit für die Semaphore wurde erreicht.
Vorgang:
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (08/19/2015 01:22:20 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x81000101
Error: (08/19/2015 11:01:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/19/2015 10:50:16 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\revouninstaller.exe Files (x86)\VS Revo Group\Revo Uninstaller\revouninstaller.exe"Revo Uninstaller's restore point - SystemPreserve0x81000101
Error: (08/19/2015 10:35:00 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\revouninstaller.exe Files (x86)\VS Revo Group\Revo Uninstaller\revouninstaller.exe"Revo Uninstaller's restore point - saviingttoyou0x81000101
Error: (08/19/2015 10:34:59 AM) (Source: VSS) (EventID: 12289) (User: )
Description: DeviceIoControl(\\?\Volume{e9afa979-c82a-11e0-8df3-806e6f6e6963} - 0000000000000108,0x0053c008,000000000048E7C0,0,00000000004C9FD0,4096,[0])0x80070079, Das Zeitlimit für die Semaphore wurde erreicht.
Vorgang:
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (08/19/2015 10:20:29 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\revouninstaller.exe Files (x86)\VS Revo Group\Revo Uninstaller\revouninstaller.exe"Revo Uninstaller's restore point - NewsHub0x81000101
CodeIntegrity:
===================================
Date: 2013-04-08 14:34:08.289
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-08 14:34:08.264
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-08 14:34:06.213
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-08 14:34:06.187
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-08 14:34:04.143
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-08 14:34:04.109
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-08 14:34:02.029
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-08 14:34:02.003
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-08 14:33:59.924
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-08 14:33:59.898
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen ===========================
Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 3947.86 MB
Verfügbarer physikalischer RAM: 2527.91 MB
Summe virtueller Speicher: 7893.92 MB
Verfügbarer virtueller Speicher: 6462.8 MB
==================== Laufwerke ================================
Drive c: (Packard Bell) (Fixed) (Total:445.66 GB) (Free:148.64 GB) NTFS
Drive d: (TSimsM) (CDROM) (Total:5.11 GB) (Free:0 GB) UDF
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 5306F673)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=445.7 GB) - (Type=07 NTFS)
==================== Ende von Ergebnis ============================
|
|
21.08.2015, 16:42
| #9 |
| | Windows 7: Opera, verlinkte Wörter auf Website und Werbefenster Hallo, hab ich etwas vergessen? |
|
21.08.2015, 19:48
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: Opera, verlinkte Wörter auf Website und Werbefenster Hab dein Beitrag nur übersehen... FRST-Fix Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft! Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter GroupPolicy: Gruppenrichtline auf Chrome erkannt <======= ACHTUNG
GroupPolicyUsers\S-1-5-21-2455217175-4274658696-198378322-1006\User: Beschränkung erkannt <======= ACHTUNG
Tcpip\..\Interfaces\{24D56DD0-2FBE-42FA-BC05-1300280A189D}: [NameServer] 82.163.143.172,82.163.142.174
Tcpip\..\Interfaces\{77187876-313D-4CB3-8052-1566C9D9D308}: [NameServer] 82.163.143.172,82.163.142.174
C:\Users\Public\AlexaNSISPlugin.2168.dll
AlternateDataStreams: C:\Users\Katrin\Lokale Einstellungen:a43Cjom7bb6rfDhpFlKPxhiu
AlternateDataStreams: C:\Users\Katrin\Lokale Einstellungen:O1pr20QndOfWjqkxGTpv5
AlternateDataStreams: C:\Users\Katrin\AppData\Local:a43Cjom7bb6rfDhpFlKPxhiu
AlternateDataStreams: C:\Users\Katrin\AppData\Local:O1pr20QndOfWjqkxGTpv5
AlternateDataStreams: C:\Users\Katrin\AppData\Local\Anwendungsdaten:a43Cjom7bb6rfDhpFlKPxhiu
AlternateDataStreams: C:\Users\Katrin\AppData\Local\Anwendungsdaten:O1pr20QndOfWjqkxGTpv5
AlternateDataStreams: C:\Users\Katrin\AppData\Local\Temporary Internet Files:TY5E7Mafb9WPC77oY2rKN
EmptyTemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.08.2015, 22:14
| #11 |
| | Windows 7: Opera, verlinkte Wörter auf Website und Werbefenster Hallo, Alles ausgeführt. Hat auch eine fixlog.txt erstellt. Musste neustarten und jetzt ist sie nicht mehr da. Soll ich es nochmal machen. PS: Das Problem wäre zurzeit weg. lg |
|
23.08.2015, 18:23
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: Opera, verlinkte Wörter auf Website und Werbefenster Das Fixlog ist nicht weg. Das liegt in dem Ordner, in dem auch FRST.exe liegt.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
23.08.2015, 21:14
| #13 |
| | Windows 7: Opera, verlinkte Wörter auf Website und Werbefenster Tatsächlich, hier ist es: Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:21-08-2015 02
durchgeführt von Katrin (2015-08-21 23:03:40) Run:1
Gestartet von C:\Users\Katrin\Downloads\FRST-OlderVersion
Geladene Profile: Katrin (Verfügbare Profile: Katrin & Martin)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
GroupPolicy: Gruppenrichtline auf Chrome erkannt <======= ACHTUNG
GroupPolicyUsers\S-1-5-21-2455217175-4274658696-198378322-1006\User: Beschränkung erkannt <======= ACHTUNG
Tcpip\..\Interfaces\{24D56DD0-2FBE-42FA-BC05-1300280A189D}: [NameServer] 82.163.143.172,82.163.142.174
Tcpip\..\Interfaces\{77187876-313D-4CB3-8052-1566C9D9D308}: [NameServer] 82.163.143.172,82.163.142.174
C:\Users\Public\AlexaNSISPlugin.2168.dll
AlternateDataStreams: C:\Users\Katrin\Lokale Einstellungen:a43Cjom7bb6rfDhpFlKPxhiu
AlternateDataStreams: C:\Users\Katrin\Lokale Einstellungen:O1pr20QndOfWjqkxGTpv5
AlternateDataStreams: C:\Users\Katrin\AppData\Local:a43Cjom7bb6rfDhpFlKPxhiu
AlternateDataStreams: C:\Users\Katrin\AppData\Local:O1pr20QndOfWjqkxGTpv5
AlternateDataStreams: C:\Users\Katrin\AppData\Local\Anwendungsdaten:a43Cjom7bb6rfDhpFlKPxhiu
AlternateDataStreams: C:\Users\Katrin\AppData\Local\Anwendungsdaten:O1pr20QndOfWjqkxGTpv5
AlternateDataStreams: C:\Users\Katrin\AppData\Local\Temporary Internet Files:TY5E7Mafb9WPC77oY2rKN
EmptyTemp:
*****************
C:\Windows\system32\GroupPolicy\Machine => erfolgreich verschoben
C:\Windows\system32\GroupPolicy\GPT.ini => erfolgreich verschoben
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-2455217175-4274658696-198378322-1006\User => erfolgreich verschoben
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{24D56DD0-2FBE-42FA-BC05-1300280A189D}\\NameServer => Wert erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{77187876-313D-4CB3-8052-1566C9D9D308}\\NameServer => Wert erfolgreich entfernt
C:\Users\Public\AlexaNSISPlugin.2168.dll => erfolgreich verschoben
"C:\Users\Katrin\Lokale Einstellungen" => ":a43Cjom7bb6rfDhpFlKPxhiu" ADS nicht gefunden.
"C:\Users\Katrin\Lokale Einstellungen" => ":O1pr20QndOfWjqkxGTpv5" ADS nicht gefunden.
C:\Users\Katrin\AppData\Local => ":a43Cjom7bb6rfDhpFlKPxhiu" ADS erfolgreich entfernt.
C:\Users\Katrin\AppData\Local => ":O1pr20QndOfWjqkxGTpv5" ADS erfolgreich entfernt.
"C:\Users\Katrin\AppData\Local\Anwendungsdaten" => ":a43Cjom7bb6rfDhpFlKPxhiu" ADS nicht gefunden.
"C:\Users\Katrin\AppData\Local\Anwendungsdaten" => ":O1pr20QndOfWjqkxGTpv5" ADS nicht gefunden.
"C:\Users\Katrin\AppData\Local\Temporary Internet Files" => ":TY5E7Mafb9WPC77oY2rKN" ADS nicht gefunden.
EmptyTemp: => 15.5 GB temporäre Dateien entfernt.
Das System musste neu gestartet werden..
==== Ende von Fixlog 23:07:43 ====
|
|
23.08.2015, 21:34
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: Opera, verlinkte Wörter auf Website und Werbefenster Okay, dann Kontrollscans mit MBAM und ESET bitte: Downloade Dir bitte  Malwarebytes Anti-Malware
ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
|
25.08.2015, 05:29
| #15 |
| | Windows 7: Opera, verlinkte Wörter auf Website und WerbefensterCode:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 24.08.2015 Suchlaufzeit: 17:40 Protokolldatei: mbam.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.08.24.04 Rootkit-Datenbank: v2015.08.16.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Katrin Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 439794 Abgelaufene Zeit: 1 Std., 0 Min., 1 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 2 PUP.Optional.MultiPlug.PLY, C:\Program Files (x86)\LibrarySystem\LibrarySystem.dll, Löschen bei Neustart, [d9cb53b9d6b55adcd312626d679a60a0], PUP.Optional.MultiPlug.PLY, C:\Program Files (x86)\SeekerGeneration\SeekerGeneration.dll, Löschen bei Neustart, [1193d23a8803d6608d58c10eac558c74], Registrierungsschlüssel: 146 PUP.Optional.Babylon.A, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, In Quarantäne, [baea65a790fbd95d28e9603c5fa3867a], PUP.Optional.Multiplug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{E957849A-94AC-6F46-4623-C31474E3C170}, In Quarantäne, [e0c439d3becd4ceaa10bdb9ef50c33cd], PUP.Optional.Multiplug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5C28578D-D0F1-699F-01B0-CC0653A28C11}, In Quarantäne, [f1b3e22a7a1175c1cddf186115ecd22e], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{898EB8D9-254D-48AC-B33F-387FDD93AD26}, In Quarantäne, [376d3dcf414a90a65f80099af80c867a], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\CLASSES\P898EB8D9_254D_48AC_B33F_387FDD93AD26_.P898EB8D9_254D_48AC_B33F_387FDD93AD26_, In Quarantäne, [376d3dcf414a90a65f80099af80c867a], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\CLASSES\P898EB8D9_254D_48AC_B33F_387FDD93AD26_.P898EB8D9_254D_48AC_B33F_387FDD93AD26_.9, In Quarantäne, [376d3dcf414a90a65f80099af80c867a], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P898EB8D9_254D_48AC_B33F_387FDD93AD26_.P898EB8D9_254D_48AC_B33F_387FDD93AD26_, In Quarantäne, [376d3dcf414a90a65f80099af80c867a], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P898EB8D9_254D_48AC_B33F_387FDD93AD26_.P898EB8D9_254D_48AC_B33F_387FDD93AD26_.9, In Quarantäne, [376d3dcf414a90a65f80099af80c867a], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P898EB8D9_254D_48AC_B33F_387FDD93AD26_.P898EB8D9_254D_48AC_B33F_387FDD93AD26_, In Quarantäne, [376d3dcf414a90a65f80099af80c867a], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P898EB8D9_254D_48AC_B33F_387FDD93AD26_.P898EB8D9_254D_48AC_B33F_387FDD93AD26_.9, In Quarantäne, [376d3dcf414a90a65f80099af80c867a], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\CLASSES\CLSID\{898EB8D9-254D-48AC-B33F-387FDD93AD26}, In Quarantäne, [376d3dcf414a90a65f80099af80c867a], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{898EB8D9-254D-48AC-B33F-387FDD93AD26}, In Quarantäne, [376d3dcf414a90a65f80099af80c867a], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{898EB8D9-254D-48AC-B33F-387FDD93AD26}, In Quarantäne, [376d3dcf414a90a65f80099af80c867a], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{898EB8D9-254D-48AC-B33F-387FDD93AD26}, In Quarantäne, [376d3dcf414a90a65f80099af80c867a], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{5ADB067E-40D9-49AD-BDFC-2DBD725D3842}, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{8772EB82-7261-4CD9-8A86-DE155B461D9E}, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{8E76BEF1-650D-4C37-92CA-301FE1715505}, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{AE293C34-0380-4BEB-B499-003F0A34605C}, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{EC137CF8-6A75-47AE-958A-6127DE633658}, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{8772EB82-7261-4CD9-8A86-DE155B461D9E}, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{8E76BEF1-650D-4C37-92CA-301FE1715505}, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{AE293C34-0380-4BEB-B499-003F0A34605C}, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EC137CF8-6A75-47AE-958A-6127DE633658}, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{8772EB82-7261-4CD9-8A86-DE155B461D9E}, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{8E76BEF1-650D-4C37-92CA-301FE1715505}, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{AE293C34-0380-4BEB-B499-003F0A34605C}, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EC137CF8-6A75-47AE-958A-6127DE633658}, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{5ADB067E-40D9-49AD-BDFC-2DBD725D3842}, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{5ADB067E-40D9-49AD-BDFC-2DBD725D3842}, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D45B8571-DEF2-481F-91AE-2AEA36DF619E}, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D45B8571-DEF2-481F-91AE-2AEA36DF619E}, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D45B8571-DEF2-481F-91AE-2AEA36DF619E}, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\CLASSES\PD45B8571_DEF2_481F_91AE_2AEA36DF619E_.PD45B8571_DEF2_481F_91AE_2AEA36DF619E_, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\CLASSES\PD45B8571_DEF2_481F_91AE_2AEA36DF619E_.PD45B8571_DEF2_481F_91AE_2AEA36DF619E_.9, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PD45B8571_DEF2_481F_91AE_2AEA36DF619E_.PD45B8571_DEF2_481F_91AE_2AEA36DF619E_, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PD45B8571_DEF2_481F_91AE_2AEA36DF619E_.PD45B8571_DEF2_481F_91AE_2AEA36DF619E_.9, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\PD45B8571_DEF2_481F_91AE_2AEA36DF619E_.PD45B8571_DEF2_481F_91AE_2AEA36DF619E_, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\PD45B8571_DEF2_481F_91AE_2AEA36DF619E_.PD45B8571_DEF2_481F_91AE_2AEA36DF619E_.9, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\CLASSES\CLSID\{D45B8571-DEF2-481F-91AE-2AEA36DF619E}, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\CLASSES\CLSID\{D45B8571-DEF2-481F-91AE-2AEA36DF619E}\INPROCSERVER32, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{D45B8571-DEF2-481F-91AE-2AEA36DF619E}, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{D45B8571-DEF2-481F-91AE-2AEA36DF619E}, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUP.Optional.Happy2Save.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{D45B8571-DEF2-481F-91AE-2AEA36DF619E}, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, In Quarantäne, [bee68e7ebbd0e155de808625ba4a09f7], PUP.Optional.TermCoach.A, HKLM\SOFTWARE\WOW6432NODE\TermCoach_1.10.0.21, In Quarantäne, [8f15828a2c5f1b1b58bd843194706d93], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fcaeae8a}, In Quarantäne, [a301dd2fa3e854e23cbc60499d67d42c], PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, In Quarantäne, [891b020a2566f93d5b03d9d2fa0aa759], PUP.Optional.LibrarySystem.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\088c3b28, In Quarantäne, [376d35d784078bab92662a02a55e6898], PUP.Optional.HDvidCodec.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\HDvid-Codec V9.0, In Quarantäne, [6f359676f29910268de898cc699a35cb], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{112EE2F3-C09C-42CF-8281-A17ABB3526B7}, In Quarantäne, [2282c24a3a51211532938028d43036ca], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{151956B0-3D85-482F-AFF7-418E18EBD5F6}, In Quarantäne, [069e86864d3e9c9a1fa510986c98629e], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{17AF7189-D17B-49C6-93BE-E64E358FBFCF}, In Quarantäne, [c4e0d3392764a2942b9a63451ce8bf41], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1A6EDC5A-2B61-4018-94E5-9B88AB68EE22}, In Quarantäne, [f8aca3691f6c7fb7398c6f390ff5ec14], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1BB48D43-B1C3-4FE1-B3B7-1A48AC952E46}, In Quarantäne, [4a5a49c3701b1a1c5372faaeac5847b9], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1C387AE1-D663-452B-92A8-215DC65A4A42}, In Quarantäne, [287ce725f893d75fbd08d6d259ab946c], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2070FE74-42C0-4096-961C-3DF14ABC4CA4}, In Quarantäne, [3d677a92187395a14e7646620cf80ff1], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{221FCF24-F430-4F2F-8475-DB3771EF56F9}, In Quarantäne, [b7edc9431f6c9f97cef66b3d41c3ee12], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{22BB3443-ECA0-4DD7-A68E-BF8A74AC6439}, In Quarantäne, [82227b914c3f6ec8269e7533996bbf41], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{26DB25DA-FF14-437F-A91D-85F899BA258C}, In Quarantäne, [b5ef25e773187eb8467e4f598b798c74], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{29CB0887-BB8D-4F07-95E8-FCBD9A75E849}, In Quarantäne, [1d87ef1d94f7be78f6cfb6f21aea4cb4], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3224B02F-EC8C-4B5D-877B-4EED7CE6A1C7}, In Quarantäne, [772db557b6d51620b0151f890afac040], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3AEF8936-9F9C-4B11-906C-222882E45A30}, In Quarantäne, [6e366e9ec9c2e155e9db7a2e49bbac54], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4020D351-5766-466E-80FA-39478BDCE8A3}, In Quarantäne, [d3d1b85442499a9c1ea7adfb36ce7987], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{41C26DE4-A374-488E-BE36-9A185EAF83C7}, In Quarantäne, [2e76a3692863ac8a0eb7b4f4df252ad6], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{47007127-1461-4F2F-B766-CF4ED85D825B}, In Quarantäne, [10945fad6229ad89b70eb1f7f90b36ca], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{48822029-6E67-4AE4-A6BA-3026F2FEA099}, In Quarantäne, [3470709ce3a89b9b695cd4d437cd6799], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{48B592C7-A2EF-4891-A84E-2BFCDDE7ED71}, In Quarantäne, [2b796aa217745dd9b11305a32fd5c43c], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4A8E7DD4-55F4-4046-9D37-D56FB176F174}, In Quarantäne, [8a1a0dffb5d6d462764f3870d2322ad6], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{554435EF-75D0-4533-AD18-CD58E395A660}, In Quarantäne, [6143ae5ecbc0241203c25a4eaf55669a], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{59B045EF-E05E-4B0E-848C-2DA47D96C8BB}, In Quarantäne, [03a1f319d9b2b185e0e52c7caa5af709], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5A3F9D31-4854-4083-AE3E-BD83B45B8BAC}, In Quarantäne, [8d173cd01b70e4520aba71379470d62a], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5C357FFC-9FCB-421D-8E7D-263AA1D986E5}, In Quarantäne, [347049c325662313695b7d2b8a7a8779], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{63162DBD-8474-4806-936A-53295BF1A68F}, In Quarantäne, [366e7a92602b79bda124189034d0629e], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{69D92B8F-E012-4BAC-BEC9-21BDCB3988F6}, In Quarantäne, [3f6584882c5f93a3e0e5bfe9d62e59a7], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6A3ABE5B-DCE1-48F9-B7B8-E79E871E9CFE}, In Quarantäne, [e0c433d92f5caa8c15b0dbcd689cab55], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6AAC34D7-9280-4AA6-B3C4-3DA0CC12E687}, In Quarantäne, [158f9874b8d3f244dde8beea5ea6fd03], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6B0BA050-5F17-40DE-97FA-90823E7A81F2}, In Quarantäne, [c9db89832d5e5bdb5d682c7c659f926e], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6E302A7D-C829-4F6B-8CFD-AD2D5B8C48FB}, In Quarantäne, [aafa0efe3a5168ce764fbceca16326da], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{727ED0AC-D30A-4FC7-9C1E-36F7E521B647}, In Quarantäne, [386c22ead1bac76fd9eb2484d92b27d9], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{72EF51CF-BE86-432B-82EA-30B8D1E9E621}, In Quarantäne, [a8fc51bb3c4f06302a9ad4d401031be5], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{73CBEF5C-FEEF-4EDB-B3A1-C5AB567CD1FA}, In Quarantäne, [c3e1b35956356acc6e565850ba4a1de3], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{76099390-C128-4FFB-A8C5-D11EAAF3B12C}, In Quarantäne, [84204fbd0e7d1b1b1fa5555314f05aa6], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7A82A726-A9C8-4DC8-9EE2-FEED3670B4E6}, In Quarantäne, [762e0903018a989eb31208a0f1135da3], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7DE1B2A1-D2DE-4409-82E6-51A3178FCDDD}, In Quarantäne, [455fa6661f6c54e271539414699b956b], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{80F269A0-C834-44CB-954D-579649DF31B2}, In Quarantäne, [822214f8612a2f07f8cd4167937115eb], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8193D33F-3340-428A-BDBB-A85B938DFBDE}, In Quarantäne, [b3f13dcf8b00e4527450b1f731d39f61], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8279782A-C76A-4B90-8324-6121B74CA214}, In Quarantäne, [6341907c4f3ce4520db701a7ad57966a], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{841195B7-6BA8-4EF0-9151-273EC360D140}, In Quarantäne, [3c685fad513a94a23d874c5c05ff7c84], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{84E4785C-4699-414A-82C8-6B639B448821}, In Quarantäne, [e6bedc30751659dd368efdab94702dd3], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{865D28BC-CBA4-4643-A1A5-374577173D88}, In Quarantäne, [822229e35c2fe650cdf88820659ff30d], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{89B81B39-B1A9-489B-9FEA-F59C1D9544DB}, In Quarantäne, [287c7b9155361c1a2a9a50586b9914ec], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8B6E1C80-41DE-4A38-901F-BB1864E6AC2A}, In Quarantäne, [5054a4685536d95d14b0ccdc877d9868], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8BD12D30-594C-44D9-BC1F-BD43332C4BB8}, In Quarantäne, [00a4a16b6724989ea71d684012f259a7], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8E0C3B5E-7894-4C24-8F48-BF86307DA345}, In Quarantäne, [8b191cf0414aa88e754ff6b2ba4aa957], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{930116DB-2460-4097-A3B8-C0B36265CFDD}, In Quarantäne, [525268a496f5979f00c53672a46048b8], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{97123013-E63E-4C94-9253-198E698B3EFA}, In Quarantäne, [099b23e9513af83e665f0b9d0aface32], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9A9BD4A0-A692-4A70-B32D-3F3DEC8A80C0}, In Quarantäne, [0c9820ec5c2f83b36f55ccdc2ada15eb], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9F05A775-993C-4628-9255-B6217E2C13BC}, In Quarantäne, [04a055b7ef9cc76f02c22187719340c0], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A1A6C171-6EA4-4366-8E53-E933C1DC8989}, In Quarantäne, [772dc844117ac472d0f41d8b42c22dd3], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A4F4B514-A148-43C7-A7C7-552445C7A9DB}, In Quarantäne, [772dd03c3f4c4beb7153b5f3c242fa06], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A562C3F8-2088-4593-B44C-B0F992693075}, In Quarantäne, [188c4bc1c8c3c472992c07a1ce369868], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AB5E9757-F44C-42F9-A027-F78CB05BAF8C}, In Quarantäne, [e6be61ab167532043a8a3474d82c31cf], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{ACFDC687-7430-4188-BB90-5E801684279F}, In Quarantäne, [3074e22a3c4f8ea83b8aaff9be46ae52], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B31834BF-1E0C-4BBF-8449-40E5D3D21E11}, In Quarantäne, [c6de41cb2f5c6dc9962ee4c439cb3ac6], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B59B928C-DD7C-454D-AF7E-5D4CD934141D}, In Quarantäne, [881c6f9d4744092ddce9c5e34bb907f9], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B62357CB-E928-48F3-8D24-DCE912DC10E7}, In Quarantäne, [a9fb10fc6e1d15217f45c9df2cd89967], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B9FF8BAA-CE77-4D34-A044-6C24CB756AC6}, In Quarantäne, [dec6010b3e4d67cfb60f1c8c5ea69c64], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BBD5BB01-6AD1-4858-9B55-486466B98388}, In Quarantäne, [80240efe97f46bcb07bdcade0df79f61], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BEC8870B-5478-4DE1-A2FF-5788EDDD668F}, In Quarantäne, [2d77cf3d5a3181b58c389612de263fc1], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C15BEBA6-62A5-4C25-86D8-1AE0E6101D78}, In Quarantäne, [960e21ebdcafc571606418904eb6659b], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C3550E88-3AB0-4BC8-814A-D53B4BDA7F96}, In Quarantäne, [02a2f11b04870531477d7632e51f6a96], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C4DC5E70-1D5E-4A9D-A3E0-6318CDCDF916}, In Quarantäne, [9e060507ddaec67054714068956f7987], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C6646C10-6B1C-4350-B690-7D3226EE4187}, In Quarantäne, [30749a723b508aacf7cdbfe947bd39c7], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C70D36E5-F2DA-45A7-8D35-3C3377CF50C2}, In Quarantäne, [c0e41defc1ca69cd90357f2952b2a25e], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CB0020CF-F4CD-4F76-9686-319BA581F440}, In Quarantäne, [9a0a55b7eba0e452fec76d3b1aea669a], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D03329F9-3862-472A-A688-83AA978895DA}, In Quarantäne, [e1c32ce08a010e28eadb5058877d0ff1], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D3F9B2BF-6B58-422D-B978-414523F31811}, In Quarantäne, [8222fe0eaae17bbb3f86c6e22fd5f709], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D5235F3B-CA17-4DA7-8F4C-77CC6DA94BE6}, In Quarantäne, [0d9750bc3c4fef47c6fff9afd92b38c8], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DD4381CA-A065-4F07-A15F-2AA996A3F8F3}, In Quarantäne, [e4c0e527b2d93ef8576e2583e91be719], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E1D0BC65-7EBB-4BF9-A0AA-2EDE5DC15262}, In Quarantäne, [e4c0ce3edfac2511f5cfcbdd986c6a96], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6DA224A-AF11-454B-BFBF-BA5B29A1363D}, In Quarantäne, [6f353ad24a414bebe3e1e6c271937f81], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E8498DF2-2DBC-4442-859F-DEFAE77EE344}, In Quarantäne, [3f65789453389c9a477e97117c88ea16], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EB0255DE-2749-47A7-8724-7B9E8893A763}, In Quarantäne, [ced629e37a118ea821a3a008f50f649c], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EBA0063A-BFA3-4565-87E3-568F6C874BF4}, In Quarantäne, [acf87597b4d742f44b791c8cce3651af], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EBEB2251-22E0-4ED8-A5AB-C187CE81C673}, In Quarantäne, [198b34d85932cd69b113b7f151b303fd], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EF0503FA-3ABB-4B3B-9E5B-86DD8AA6E044}, In Quarantäne, [9e068d7f19721f178540acfcae563dc3], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EF29BA03-DA24-4A2C-8DFB-C0B216A7CFA7}, In Quarantäne, [772ded1f5536bf77c4018b1dd82cc937], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F3513E12-69A0-4BAA-9DC2-44B039C97F9E}, In Quarantäne, [00a442cad6b542f41aabe8c0cc3849b7], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F46D5860-99AC-4C3B-BB1D-FE4DF4E28C71}, In Quarantäne, [079d0ffd8dfe2610982d5850ba4aa25e], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F492C841-4F4F-4E2F-8179-4A308086EF80}, In Quarantäne, [515304080685a98db113bdeba36140c0], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F65FC7F4-706A-4340-A370-8444A97656E3}, In Quarantäne, [9f050ffd434895a124a1fdab61a32dd3], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F66E35F3-FF47-455F-A986-1060FF8181AC}, In Quarantäne, [fea652ba7d0e67cf18ac9810da2aea16], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F7124ECF-5769-49EA-88F5-7579E0DC2848}, In Quarantäne, [b5efdf2d810a8da9982c48605fa59c64], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F89CCBDD-8CE9-414E-882A-6775EA17C5DA}, In Quarantäne, [4d5720ece1aa3ef8b70d4266df254db3], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F8C7301F-6A2B-419D-BF97-1CA6CAB01778}, In Quarantäne, [277db15bb7d489ad3490c3e5ff05ff01], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FAB4B594-AF2D-43D9-BA5C-C3B02CBEEFE9}, In Quarantäne, [990bb359b6d5ca6cd8ecbdeb32d2936d], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FC3E253B-3A12-4552-86C4-6C5F33EBEF68}, In Quarantäne, [c0e48488b6d5e3531aaa317723e14cb4], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FDB79DBF-1F8A-466F-AE32-C2A385177737}, In Quarantäne, [a6feef1da6e5999d7550e0c8bf45b050], PUP.Optional.AmazonTB.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1006\SOFTWARE\ALEXA INTERNET\ALEXA9\Amazon, In Quarantäne, [2a7a13f93f4cb680e115fa86719321df], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1006\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, In Quarantäne, [158f4cc0800b2313d7409bf31ee624dc], PUP.Optional.HDvidCodec.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1006\SOFTWARE\APPDATALOW\SOFTWARE\HDvid-Codec V9.0, In Quarantäne, [188c65a7d4b7181eb1c4bda761a23cc4], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1006\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{71030246-EAF9-487B-8821-BA73D8A164B3}, In Quarantäne, [1b89eb21088364d2457f743452b2ab55], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1006\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C758696B-35FE-4D44-BFAD-3A81D1DAF9C7}, In Quarantäne, [644098743a5141f5893c5850679dad53], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1006\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E1503BE2-11AD-46AF-9DD3-D52B19BCD654}, In Quarantäne, [9c081bf1305b1e18665f66421ee62cd4], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1006\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E581EF0B-1B66-4B13-AA3C-EAF263F0D31D}, In Quarantäne, [9c08c5474f3c44f204c03f69ad5745bb], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1006\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E78AE3B9-9CF8-4B15-A353-C07D804ECBEB}, In Quarantäne, [0b990903800b78be903405a3ed17817f], Registrierungswerte: 96 PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, In Quarantäne, [bee68e7ebbd0e155de808625ba4a09f7] PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, In Quarantäne, [891b020a2566f93d5b03d9d2fa0aa759] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{112EE2F3-C09C-42CF-8281-A17ABB3526B7}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [2282c24a3a51211532938028d43036ca] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{151956B0-3D85-482F-AFF7-418E18EBD5F6}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [069e86864d3e9c9a1fa510986c98629e] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{17AF7189-D17B-49C6-93BE-E64E358FBFCF}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [c4e0d3392764a2942b9a63451ce8bf41] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1A6EDC5A-2B61-4018-94E5-9B88AB68EE22}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [f8aca3691f6c7fb7398c6f390ff5ec14] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1BB48D43-B1C3-4FE1-B3B7-1A48AC952E46}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [4a5a49c3701b1a1c5372faaeac5847b9] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1C387AE1-D663-452B-92A8-215DC65A4A42}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [287ce725f893d75fbd08d6d259ab946c] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2070FE74-42C0-4096-961C-3DF14ABC4CA4}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [3d677a92187395a14e7646620cf80ff1] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{221FCF24-F430-4F2F-8475-DB3771EF56F9}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [b7edc9431f6c9f97cef66b3d41c3ee12] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{22BB3443-ECA0-4DD7-A68E-BF8A74AC6439}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [82227b914c3f6ec8269e7533996bbf41] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{26DB25DA-FF14-437F-A91D-85F899BA258C}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [b5ef25e773187eb8467e4f598b798c74] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{29CB0887-BB8D-4F07-95E8-FCBD9A75E849}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [1d87ef1d94f7be78f6cfb6f21aea4cb4] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3224B02F-EC8C-4B5D-877B-4EED7CE6A1C7}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [772db557b6d51620b0151f890afac040] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3AEF8936-9F9C-4B11-906C-222882E45A30}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [6e366e9ec9c2e155e9db7a2e49bbac54] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4020D351-5766-466E-80FA-39478BDCE8A3}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [d3d1b85442499a9c1ea7adfb36ce7987] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{41C26DE4-A374-488E-BE36-9A185EAF83C7}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [2e76a3692863ac8a0eb7b4f4df252ad6] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{47007127-1461-4F2F-B766-CF4ED85D825B}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [10945fad6229ad89b70eb1f7f90b36ca] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{48822029-6E67-4AE4-A6BA-3026F2FEA099}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [3470709ce3a89b9b695cd4d437cd6799] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{48B592C7-A2EF-4891-A84E-2BFCDDE7ED71}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [2b796aa217745dd9b11305a32fd5c43c] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4A8E7DD4-55F4-4046-9D37-D56FB176F174}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [8a1a0dffb5d6d462764f3870d2322ad6] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{554435EF-75D0-4533-AD18-CD58E395A660}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [6143ae5ecbc0241203c25a4eaf55669a] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{59B045EF-E05E-4B0E-848C-2DA47D96C8BB}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [03a1f319d9b2b185e0e52c7caa5af709] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5A3F9D31-4854-4083-AE3E-BD83B45B8BAC}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [8d173cd01b70e4520aba71379470d62a] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5C357FFC-9FCB-421D-8E7D-263AA1D986E5}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [347049c325662313695b7d2b8a7a8779] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{63162DBD-8474-4806-936A-53295BF1A68F}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [366e7a92602b79bda124189034d0629e] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{69D92B8F-E012-4BAC-BEC9-21BDCB3988F6}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [3f6584882c5f93a3e0e5bfe9d62e59a7] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6A3ABE5B-DCE1-48F9-B7B8-E79E871E9CFE}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [e0c433d92f5caa8c15b0dbcd689cab55] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6AAC34D7-9280-4AA6-B3C4-3DA0CC12E687}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [158f9874b8d3f244dde8beea5ea6fd03] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6B0BA050-5F17-40DE-97FA-90823E7A81F2}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [c9db89832d5e5bdb5d682c7c659f926e] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6E302A7D-C829-4F6B-8CFD-AD2D5B8C48FB}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [aafa0efe3a5168ce764fbceca16326da] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{727ED0AC-D30A-4FC7-9C1E-36F7E521B647}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [386c22ead1bac76fd9eb2484d92b27d9] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{72EF51CF-BE86-432B-82EA-30B8D1E9E621}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [a8fc51bb3c4f06302a9ad4d401031be5] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{73CBEF5C-FEEF-4EDB-B3A1-C5AB567CD1FA}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [c3e1b35956356acc6e565850ba4a1de3] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{76099390-C128-4FFB-A8C5-D11EAAF3B12C}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [84204fbd0e7d1b1b1fa5555314f05aa6] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7A82A726-A9C8-4DC8-9EE2-FEED3670B4E6}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [762e0903018a989eb31208a0f1135da3] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7DE1B2A1-D2DE-4409-82E6-51A3178FCDDD}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [455fa6661f6c54e271539414699b956b] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{80F269A0-C834-44CB-954D-579649DF31B2}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [822214f8612a2f07f8cd4167937115eb] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8193D33F-3340-428A-BDBB-A85B938DFBDE}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [b3f13dcf8b00e4527450b1f731d39f61] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8279782A-C76A-4B90-8324-6121B74CA214}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [6341907c4f3ce4520db701a7ad57966a] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{841195B7-6BA8-4EF0-9151-273EC360D140}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [3c685fad513a94a23d874c5c05ff7c84] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{84E4785C-4699-414A-82C8-6B639B448821}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [e6bedc30751659dd368efdab94702dd3] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{865D28BC-CBA4-4643-A1A5-374577173D88}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [822229e35c2fe650cdf88820659ff30d] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{89B81B39-B1A9-489B-9FEA-F59C1D9544DB}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [287c7b9155361c1a2a9a50586b9914ec] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8B6E1C80-41DE-4A38-901F-BB1864E6AC2A}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [5054a4685536d95d14b0ccdc877d9868] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8BD12D30-594C-44D9-BC1F-BD43332C4BB8}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [00a4a16b6724989ea71d684012f259a7] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8E0C3B5E-7894-4C24-8F48-BF86307DA345}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [8b191cf0414aa88e754ff6b2ba4aa957] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{930116DB-2460-4097-A3B8-C0B36265CFDD}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [525268a496f5979f00c53672a46048b8] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{97123013-E63E-4C94-9253-198E698B3EFA}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [099b23e9513af83e665f0b9d0aface32] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9A9BD4A0-A692-4A70-B32D-3F3DEC8A80C0}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [0c9820ec5c2f83b36f55ccdc2ada15eb] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9F05A775-993C-4628-9255-B6217E2C13BC}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [04a055b7ef9cc76f02c22187719340c0] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A1A6C171-6EA4-4366-8E53-E933C1DC8989}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [772dc844117ac472d0f41d8b42c22dd3] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A4F4B514-A148-43C7-A7C7-552445C7A9DB}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [772dd03c3f4c4beb7153b5f3c242fa06] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A562C3F8-2088-4593-B44C-B0F992693075}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [188c4bc1c8c3c472992c07a1ce369868] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AB5E9757-F44C-42F9-A027-F78CB05BAF8C}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [e6be61ab167532043a8a3474d82c31cf] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{ACFDC687-7430-4188-BB90-5E801684279F}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [3074e22a3c4f8ea83b8aaff9be46ae52] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B31834BF-1E0C-4BBF-8449-40E5D3D21E11}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [c6de41cb2f5c6dc9962ee4c439cb3ac6] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B59B928C-DD7C-454D-AF7E-5D4CD934141D}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [881c6f9d4744092ddce9c5e34bb907f9] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B62357CB-E928-48F3-8D24-DCE912DC10E7}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [a9fb10fc6e1d15217f45c9df2cd89967] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B9FF8BAA-CE77-4D34-A044-6C24CB756AC6}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [dec6010b3e4d67cfb60f1c8c5ea69c64] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BBD5BB01-6AD1-4858-9B55-486466B98388}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [80240efe97f46bcb07bdcade0df79f61] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BEC8870B-5478-4DE1-A2FF-5788EDDD668F}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [2d77cf3d5a3181b58c389612de263fc1] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C15BEBA6-62A5-4C25-86D8-1AE0E6101D78}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [960e21ebdcafc571606418904eb6659b] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C3550E88-3AB0-4BC8-814A-D53B4BDA7F96}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [02a2f11b04870531477d7632e51f6a96] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C4DC5E70-1D5E-4A9D-A3E0-6318CDCDF916}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [9e060507ddaec67054714068956f7987] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C6646C10-6B1C-4350-B690-7D3226EE4187}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [30749a723b508aacf7cdbfe947bd39c7] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C70D36E5-F2DA-45A7-8D35-3C3377CF50C2}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [c0e41defc1ca69cd90357f2952b2a25e] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CB0020CF-F4CD-4F76-9686-319BA581F440}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [9a0a55b7eba0e452fec76d3b1aea669a] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D03329F9-3862-472A-A688-83AA978895DA}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [e1c32ce08a010e28eadb5058877d0ff1] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D3F9B2BF-6B58-422D-B978-414523F31811}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [8222fe0eaae17bbb3f86c6e22fd5f709] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D5235F3B-CA17-4DA7-8F4C-77CC6DA94BE6}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [0d9750bc3c4fef47c6fff9afd92b38c8] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DD4381CA-A065-4F07-A15F-2AA996A3F8F3}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [e4c0e527b2d93ef8576e2583e91be719] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E1D0BC65-7EBB-4BF9-A0AA-2EDE5DC15262}|AppName, 35b410ad-3cee-4f67-b810-b7f57a714405-2.exe-buttonutil.exe, In Quarantäne, [e4c0ce3edfac2511f5cfcbdd986c6a96] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6DA224A-AF11-454B-BFBF-BA5B29A1363D}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [6f353ad24a414bebe3e1e6c271937f81] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E8498DF2-2DBC-4442-859F-DEFAE77EE344}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [3f65789453389c9a477e97117c88ea16] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EB0255DE-2749-47A7-8724-7B9E8893A763}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [ced629e37a118ea821a3a008f50f649c] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EBA0063A-BFA3-4565-87E3-568F6C874BF4}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [acf87597b4d742f44b791c8cce3651af] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EBEB2251-22E0-4ED8-A5AB-C187CE81C673}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [198b34d85932cd69b113b7f151b303fd] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EF0503FA-3ABB-4B3B-9E5B-86DD8AA6E044}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [9e068d7f19721f178540acfcae563dc3] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EF29BA03-DA24-4A2C-8DFB-C0B216A7CFA7}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [772ded1f5536bf77c4018b1dd82cc937] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F3513E12-69A0-4BAA-9DC2-44B039C97F9E}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [00a442cad6b542f41aabe8c0cc3849b7] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F46D5860-99AC-4C3B-BB1D-FE4DF4E28C71}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [079d0ffd8dfe2610982d5850ba4aa25e] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F492C841-4F4F-4E2F-8179-4A308086EF80}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [515304080685a98db113bdeba36140c0] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F65FC7F4-706A-4340-A370-8444A97656E3}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [9f050ffd434895a124a1fdab61a32dd3] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F66E35F3-FF47-455F-A986-1060FF8181AC}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [fea652ba7d0e67cf18ac9810da2aea16] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F7124ECF-5769-49EA-88F5-7579E0DC2848}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [b5efdf2d810a8da9982c48605fa59c64] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F89CCBDD-8CE9-414E-882A-6775EA17C5DA}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [4d5720ece1aa3ef8b70d4266df254db3] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F8C7301F-6A2B-419D-BF97-1CA6CAB01778}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [277db15bb7d489ad3490c3e5ff05ff01] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FAB4B594-AF2D-43D9-BA5C-C3B02CBEEFE9}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [990bb359b6d5ca6cd8ecbdeb32d2936d] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FC3E253B-3A12-4552-86C4-6C5F33EBEF68}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [c0e48488b6d5e3531aaa317723e14cb4] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FDB79DBF-1F8A-466F-AE32-C2A385177737}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [a6feef1da6e5999d7550e0c8bf45b050] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1006\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{71030246-EAF9-487B-8821-BA73D8A164B3}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [1b89eb21088364d2457f743452b2ab55] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1006\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C758696B-35FE-4D44-BFAD-3A81D1DAF9C7}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [644098743a5141f5893c5850679dad53] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1006\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E1503BE2-11AD-46AF-9DD3-D52B19BCD654}|AppName, HDvid-Codec V9.0-enabler.exe-codedownloader.exe, In Quarantäne, [9c081bf1305b1e18665f66421ee62cd4] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1006\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E581EF0B-1B66-4B13-AA3C-EAF263F0D31D}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [9c08c5474f3c44f204c03f69ad5745bb] PUP.Optional.CrossRider.A, HKU\S-1-5-21-2455217175-4274658696-198378322-1006\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E78AE3B9-9CF8-4B15-A353-C07D804ECBEB}|AppName, HDvid-Codec V9.0-enabler.exe-buttonutil.exe, In Quarantäne, [0b990903800b78be903405a3ed17817f] Registrierungsdaten: 2 PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[277d927a850660d6e9f52d2b50b527d9] PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[6c3825e70c7fe5510dd19abe689de51b] Ordner: 11 PUP.Optional.MultiPlug.A, C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifilbmpnkjinlkchohdfcpdkmpngiik\138, In Quarantäne, [822225e76229dc5ac181dfc421e3956b], PUP.Optional.MultiPlug.A, C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifilbmpnkjinlkchohdfcpdkmpngiik, In Quarantäne, [822225e76229dc5ac181dfc421e3956b], PUP.Optional.MultiPlug.A, C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifilbmpnkjinlkchohdfcpdkmpngiik\138, In Quarantäne, [00a41cf026651d196ed4762d778da35d], PUP.Optional.MultiPlug.A, C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifilbmpnkjinlkchohdfcpdkmpngiik, In Quarantäne, [00a41cf026651d196ed4762d778da35d], PUP.Optional.Happy2Save.A, C:\Program Files (x86)\HaPpy22SavvE, In Quarantäne, [376d3dcf414a90a65f80099af80c867a], PUP.Optional.Happy2Save.A, C:\Program Files (x86)\HAppy2eSaave, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUP.Optional.MultiPlug.Gen, C:\ProgramData\417994988090366824, In Quarantäne, [0f954ebe99f239fdc959d9d0c1431fe1], Rogue.Multiple, C:\ProgramData\600440862, In Quarantäne, [723260acef9c3ff72f78a633808203fd], PUP.Optional.CrossRider.A, C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_dhdepfaagokllfmhfbcfmocaeigmoebo_0, In Quarantäne, [2a7ab755dfacd165b352be34f111e61a], PUP.Optional.CrossRider.A, C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\iilfecopjcmjdgfffklfdkhbkpkmcglh, In Quarantäne, [871d1def67245dd962502fcdae54e818], PUP.Optional.CrossRider.A, C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_iilfecopjcmjdgfffklfdkhbkpkmcglh_0, In Quarantäne, [e9bb48c459321b1b1f9435c770928c74], Dateien: 39 PUP.Optional.MultiPlug.PLY, C:\Program Files (x86)\LibrarySystem\LibrarySystem.dll, Löschen bei Neustart, [d9cb53b9d6b55adcd312626d679a60a0], PUP.Optional.MultiPlug.PLY, C:\Program Files (x86)\SeekerGeneration\SeekerGeneration.dll, Löschen bei Neustart, [1193d23a8803d6608d58c10eac558c74], PUP.Optional.HDVid.A, C:\Users\Katrin\AppData\Roaming\TZ.exe, In Quarantäne, [515368a4b7d437ff93785bd746bb56aa], PUP.Optional.Multiplug.A, C:\Program Files (x86)\Hapopy2Save\Hapopy2Save.exe, In Quarantäne, [8c18fd0feba05ed8f0bc5029649dee12], PUP.Optional.Multiplug.A, C:\Program Files (x86)\HaPpy22SavvE\ObLvGwc98RJFrZ.exe, In Quarantäne, [e3c1fb11b5d6152163496f0a24dd07f9], PUP.Optional.Multiplug.A, C:\Program Files (x86)\HAppy2eSaave\Jc25Z265ygGjpu.exe, In Quarantäne, [e0c439d3becd4ceaa10bdb9ef50c33cd], PUP.Optional.MultiPlug.A, C:\Program Files (x86)\Mozilla Firefox\dbghelp.dll, In Quarantäne, [03a19973018ac96dcaa0f8d79f621ee2], PUP.Optional.Multiplug.A, C:\Program Files (x86)\IncognitoFilter\IncognitoFilter.exe, In Quarantäne, [554fcd3f3e4d191d3d6fd6a3976a1de3], PUP.Optional.Multiplug.A, C:\Program Files (x86)\jQuery Debugger\jQuery Debugger.exe, In Quarantäne, [f1b3e22a7a1175c1cddf186115ecd22e], PUP.Optional.Softonic, C:\Users\Katrin\Downloads\SoftonicDownloader_fuer_divx-plus-web-player.exe, In Quarantäne, [7d273ad26a215adc02507b6a56aa837d], PUP.Optional.Softonic.A, C:\Users\Katrin\Downloads\SoftonicDownloader_fuer_nexusfont.exe, In Quarantäne, [366e9e6e6b2011255316ef08d62a05fb], PUP.Optional.Softonic.A, C:\Users\Katrin\Downloads\SoftonicDownloader_fuer_samsung-kies.exe, In Quarantäne, [4a5a35d799f2e55103663fb8a65a0ef2], PUP.Optional.RegCleanerPro, C:\Users\Katrin\Downloads\rcpsetup_chip_de_chip_de.exe, In Quarantäne, [5153be4eaeddc472792cf5f49c64629e], PUP.Optional.Giga, C:\Users\Katrin\Downloads\Adobe-Flash-Player-lnstall.exe, In Quarantäne, [0e96e329f497e15503404cde679ebf41], PUP.Optional.DomaIQ, C:\Users\Martin\Downloads\Player Setup.exe, In Quarantäne, [9b0914f8206b8da9b71489b225db10f0], PUP.Optional.MultiPlug.A, C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifilbmpnkjinlkchohdfcpdkmpngiik\138\lsdb.js, In Quarantäne, [822225e76229dc5ac181dfc421e3956b], PUP.Optional.MultiPlug.A, C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifilbmpnkjinlkchohdfcpdkmpngiik\138\background.html, In Quarantäne, [822225e76229dc5ac181dfc421e3956b], PUP.Optional.MultiPlug.A, C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifilbmpnkjinlkchohdfcpdkmpngiik\138\bxI0a.js, In Quarantäne, [822225e76229dc5ac181dfc421e3956b], PUP.Optional.MultiPlug.A, C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifilbmpnkjinlkchohdfcpdkmpngiik\138\content.js, In Quarantäne, [822225e76229dc5ac181dfc421e3956b], PUP.Optional.MultiPlug.A, C:\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifilbmpnkjinlkchohdfcpdkmpngiik\138\manifest.json, In Quarantäne, [822225e76229dc5ac181dfc421e3956b], PUP.Optional.MultiPlug.A, C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifilbmpnkjinlkchohdfcpdkmpngiik\138\lsdb.js, In Quarantäne, [00a41cf026651d196ed4762d778da35d], PUP.Optional.MultiPlug.A, C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifilbmpnkjinlkchohdfcpdkmpngiik\138\background.html, In Quarantäne, [00a41cf026651d196ed4762d778da35d], PUP.Optional.MultiPlug.A, C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifilbmpnkjinlkchohdfcpdkmpngiik\138\bxI0a.js, In Quarantäne, [00a41cf026651d196ed4762d778da35d], PUP.Optional.MultiPlug.A, C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifilbmpnkjinlkchohdfcpdkmpngiik\138\content.js, In Quarantäne, [00a41cf026651d196ed4762d778da35d], PUP.Optional.MultiPlug.A, C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifilbmpnkjinlkchohdfcpdkmpngiik\138\manifest.json, In Quarantäne, [00a41cf026651d196ed4762d778da35d], PUP.Optional.Happy2Save.A, C:\Program Files (x86)\HaPpy22SavvE\ObLvGwc98RJFrZ.tlb, In Quarantäne, [376d3dcf414a90a65f80099af80c867a], PUP.Optional.Happy2Save.A, C:\Program Files (x86)\HaPpy22SavvE\ObLvGwc98RJFrZ.dat, In Quarantäne, [376d3dcf414a90a65f80099af80c867a], PUP.Optional.Happy2Save.A, C:\Program Files (x86)\HaPpy22SavvE\ObLvGwc98RJFrZ.dll, In Quarantäne, [376d3dcf414a90a65f80099af80c867a], PUP.Optional.Happy2Save.A, C:\Program Files (x86)\HaPpy22SavvE\ObLvGwc98RJFrZ.x64.dll, In Quarantäne, [376d3dcf414a90a65f80099af80c867a], PUP.Optional.Happy2Save.A, C:\Program Files (x86)\HAppy2eSaave\Jc25Z265ygGjpu.tlb, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUP.Optional.Happy2Save.A, C:\Program Files (x86)\HAppy2eSaave\Jc25Z265ygGjpu.dat, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUP.Optional.Happy2Save.A, C:\Program Files (x86)\HAppy2eSaave\Jc25Z265ygGjpu.dll, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUP.Optional.Happy2Save.A, C:\Program Files (x86)\HAppy2eSaave\Jc25Z265ygGjpu.x64.dll, In Quarantäne, [762ec6464f3c71c503dc851e4db7fe02], PUP.Optional.MultiPlug.Gen, C:\ProgramData\417994988090366824\2c8582ccba4cc27ddf876dedc629c915.ini, In Quarantäne, [0f954ebe99f239fdc959d9d0c1431fe1], PUP.Optional.MultiPlug.Gen, C:\ProgramData\417994988090366824\3b666fd215f9c6e1df876dedc629c915.ini, In Quarantäne, [0f954ebe99f239fdc959d9d0c1431fe1], PUP.Optional.MultiPlug.Gen, C:\ProgramData\417994988090366824\819693f039685626df876dedc629c915.ini, In Quarantäne, [0f954ebe99f239fdc959d9d0c1431fe1], PUP.Optional.MultiPlug.Gen, C:\ProgramData\417994988090366824\94ed4de9ca3f8249df876dedc629c915.ini, In Quarantäne, [0f954ebe99f239fdc959d9d0c1431fe1], PUP.Optional.MultiPlug.Gen, C:\ProgramData\417994988090366824\9809bbaa207c3dbddf876dedc629c915.ini, In Quarantäne, [0f954ebe99f239fdc959d9d0c1431fe1], PUP.Optional.MultiPlug.Gen, C:\ProgramData\417994988090366824\9937b805c8966bb4df876dedc629c915.ini, In Quarantäne, [0f954ebe99f239fdc959d9d0c1431fe1], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=10be658d1eb1d14194d7425eb65e14e4
# end=init
# utc_time=2015-08-24 05:15:15
# local_time=2015-08-24 07:15:15 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# osver=6.1.7601 NT Service Pack 1
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=10be658d1eb1d14194d7425eb65e14e4
# end=init
# utc_time=2015-08-24 05:21:23
# local_time=2015-08-24 07:21:23 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Init
Update Download
Update Finalize
Updated modules version: 25424
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=10be658d1eb1d14194d7425eb65e14e4
# end=updated
# utc_time=2015-08-24 05:26:24
# local_time=2015-08-24 07:26:24 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=10be658d1eb1d14194d7425eb65e14e4
# engine=25424
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-08-24 10:14:25
# local_time=2015-08-25 12:14:25 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 8697397 134635675 0 0
# scanned=456912
# found=64
# cleaned=0
# scan_time=17281
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"
sh=6E8670FE857F6711A761079D8DE3A9F8320B7469 ft=1 fh=c71c00119f83770e vn="Variante von Win32/Adware.MultiPlug.NW Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\CoUpScANiner\wm7Bb4kkrocvb7.dll.vir"
sh=57F3815D0942E3B0A9BEF621A7B4971F55FC74D7 ft=1 fh=c71c0011d20a434c vn="Win32/Adware.MultiPlug.KG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\CoUpScANiner\wm7Bb4kkrocvb7.exe.vir"
sh=F9F979387E732DCE4731AF585925443B08103184 ft=1 fh=47c89ea5e18017f5 vn="Variante von Win64/Adware.MultiPlug.K Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\CoUpScANiner\wm7Bb4kkrocvb7.x64.dll.vir"
sh=084DA69F3FC6AD596650FF8FB11D3B8F28BDAB3E ft=1 fh=c71c0011cef517ae vn="Variante von Win32/Adware.MultiPlug.NW Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\CoupScanner\Z9604vjgAlqjrI.dll.vir"
sh=57F3815D0942E3B0A9BEF621A7B4971F55FC74D7 ft=1 fh=c71c0011d20a434c vn="Win32/Adware.MultiPlug.KG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\CoupScanner\Z9604vjgAlqjrI.exe.vir"
sh=BFF1821845465A9ED36580276B931E7CDA5EED16 ft=1 fh=47c89ea56508398f vn="Variante von Win64/Adware.MultiPlug.K Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\CoupScanner\Z9604vjgAlqjrI.x64.dll.vir"
sh=57F3815D0942E3B0A9BEF621A7B4971F55FC74D7 ft=1 fh=c71c0011d20a434c vn="Win32/Adware.MultiPlug.KG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\FaIneDEaalSofTT\vqO3ycgW1Dl8NJ.exe.vir"
sh=57F3815D0942E3B0A9BEF621A7B4971F55FC74D7 ft=1 fh=c71c0011d20a434c vn="Win32/Adware.MultiPlug.KG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\FinEDealSoiftt\FinEDealSoiftt.exe.vir"
sh=3C1134E4C07E456C6781DA1C59D2EA10679C91C6 ft=1 fh=c71c00113a4c9cb7 vn="Variante von Win32/Adware.MultiPlug.IY Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\mozilla firefox\dbghelp.dll.vir"
sh=57F3815D0942E3B0A9BEF621A7B4971F55FC74D7 ft=1 fh=c71c0011d20a434c vn="Win32/Adware.MultiPlug.KG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SAverPro\xBwdumGYcFS3ta.exe.vir"
sh=5560A0D793500F6E93DF084CCA8458E046A63A39 ft=1 fh=c71c0011ca5bddcf vn="Variante von Win32/Adware.MultiPlug.NW Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\saviinGtioyoiu\WEOFLDtWeXNMGF.dll.vir"
sh=57F3815D0942E3B0A9BEF621A7B4971F55FC74D7 ft=1 fh=c71c0011d20a434c vn="Win32/Adware.MultiPlug.KG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\saviinGtioyoiu\WEOFLDtWeXNMGF.exe.vir"
sh=EE689859E801FDFDF3EC2DD0084B07062A6318FE ft=1 fh=47c89ea55d88d972 vn="Variante von Win64/Adware.MultiPlug.K Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\saviinGtioyoiu\WEOFLDtWeXNMGF.x64.dll.vir"
sh=9DB8B19A21C5C1CD83793D7AA58824B1CBB0829A ft=1 fh=c71c0011e84b39a4 vn="Variante von Win32/Adware.MultiPlug.NW Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\savingtoyoui\SvzFj2zuVrEm0v.dll.vir"
sh=57F3815D0942E3B0A9BEF621A7B4971F55FC74D7 ft=1 fh=c71c0011d20a434c vn="Win32/Adware.MultiPlug.KG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\savingtoyoui\SvzFj2zuVrEm0v.exe.vir"
sh=50CBB2A04120730F79E628D6F4AE3482DC99A808 ft=1 fh=47c89ea578421547 vn="Variante von Win64/Adware.MultiPlug.K Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\savingtoyoui\SvzFj2zuVrEm0v.x64.dll.vir"
sh=57F3815D0942E3B0A9BEF621A7B4971F55FC74D7 ft=1 fh=c71c0011d20a434c vn="Win32/Adware.MultiPlug.KG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SSaVEErrPro\nZ5C3RHe8GpEuk.exe.vir"
sh=7AE7EC4F927D511FE361C70AB7200C3429415852 ft=1 fh=f8489d57fd54e17b vn="Variante von Win32/Adware.SpeedingUpMyPC.AP Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\{7f80dd45-f618-ad6c-7f80-0dd45f617517}\hqghumeaylnlf.exe.vir"
sh=7AE7EC4F927D511FE361C70AB7200C3429415852 ft=1 fh=f8489d57fd54e17b vn="Variante von Win32/Adware.SpeedingUpMyPC.AP Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\{b6f24e06-57ab-5155-b6f2-24e0657a3819}\hqghumeaylnlf.exe.vir"
sh=97A764F36BB5252A60B91278E79ED979D5CDA91D ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.G Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhhnnnpaeobfddmlalhnehgclcmjimi\117\ExhL93.js.vir"
sh=67E2ECD03DFD7F719BE90E64C7047222D19687EF ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.G Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnoejnlbkbnckikbkmnpippafneemknp\134\j8.js.vir"
sh=415AC58CE1FC6EF775BCE3B9A18CD7B9B302290E ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.C Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhodhemilmjleephoimbfhoajnglghf\165\LpuS0GNrP.js.vir"
sh=C5B305FC6F87D534D6F2BB0BEE08A8933ABAB34A ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Katrin\AppData\Local\Google\Chrome\User Data\Default\Extensions\peibencbagcfjmachldjenlalojmkila\3.15\D.js.vir"
sh=303D6464E582AA9784584ECD0F50F4B7932E5F86 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\afgabimphpgkjochcoogplolgpcagmap\125\jIVLKRS.js.vir"
sh=97A764F36BB5252A60B91278E79ED979D5CDA91D ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.G Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhhnnnpaeobfddmlalhnehgclcmjimi\117\ExhL93.js.vir"
sh=E87ABD87A6168E160F36A5CE9E444C1719F203DC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iilfecopjcmjdgfffklfdkhbkpkmcglh\1.26.9_0\extensionData\plugins\180_bpo_serp_m.js.vir"
sh=3B861553E2E5AB5258BAE46D7A6FD4EAE9705B69 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iilfecopjcmjdgfffklfdkhbkpkmcglh\1.26.9_0\extensionData\plugins\19_CHAppAPIWrapper.js.vir"
sh=63D3217BF16BFB37091DD90C82E573D8CA13F08E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iilfecopjcmjdgfffklfdkhbkpkmcglh\1.26.9_0\extensionData\plugins\1_base.js.vir"
sh=5902FC10054355A5B8B9CC41620445BAA0F1D0AB ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iilfecopjcmjdgfffklfdkhbkpkmcglh\1.26.9_0\extensionData\plugins\21_debug.js.vir"
sh=57F2136CD86B69E88017E3346CF16BE0C2A51A2B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iilfecopjcmjdgfffklfdkhbkpkmcglh\1.26.9_0\extensionData\plugins\28_initializer.js.vir"
sh=98B08CD93EE71B7F004706196B4D415BB5647686 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iilfecopjcmjdgfffklfdkhbkpkmcglh\1.26.9_0\extensionData\plugins\91_monetizationLoader.js.js.vir"
sh=34C11A75B2A93EDE2B3B945AA6A09250EF5C06F4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iilfecopjcmjdgfffklfdkhbkpkmcglh\1.26.9_0\js\background.js.vir"
sh=832ADA6E9B2673CA1DE314A566FF76316F0A2997 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iilfecopjcmjdgfffklfdkhbkpkmcglh\1.26.9_0\js\api\chrome.js.vir"
sh=F4FE303A5886572113DF4DA3579956CEBB907F56 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iilfecopjcmjdgfffklfdkhbkpkmcglh\1.26.9_0\js\api\cookie.js.vir"
sh=FD2A3FEFF97D325433D2011C5ED5755B6D6A8FAA ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iilfecopjcmjdgfffklfdkhbkpkmcglh\1.26.9_0\js\api\message.js.vir"
sh=F12AB7ECE7B656776B6C51962B568E2ABCDE1D4D ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iilfecopjcmjdgfffklfdkhbkpkmcglh\1.26.9_0\js\api\monitor.js.vir"
sh=CA4563F63D05349DF3C504C456185B7559177496 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iilfecopjcmjdgfffklfdkhbkpkmcglh\1.26.9_0\js\lib\bg_app_api.js.vir"
sh=6B8D57805A81A0C2A68E87C410FF89D15BB71CC9 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iilfecopjcmjdgfffklfdkhbkpkmcglh\1.26.9_0\js\lib\cookie_store.js.vir"
sh=CCE2C38E8E351E54EF7624D60D5C8E8943A8C1D9 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iilfecopjcmjdgfffklfdkhbkpkmcglh\1.26.9_0\js\lib\crossriderAPI.js.vir"
sh=EDB82EF0A2AC160256F1A5C49F0778E3A42AC559 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iilfecopjcmjdgfffklfdkhbkpkmcglh\1.26.9_0\js\lib\events.js.vir"
sh=902E327ADBC89F0A47999D10E7F6F6554CFCC0F4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iilfecopjcmjdgfffklfdkhbkpkmcglh\1.26.9_0\js\lib\onBGDocumentLoad.js.vir"
sh=09D5AE4A80F65C6B9123A1F494E3E181BF3C46FD ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iilfecopjcmjdgfffklfdkhbkpkmcglh\1.26.9_0\js\lib\reports.js.vir"
sh=BE038417E468CAA3BBA91CFFD2F554922504407C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iilfecopjcmjdgfffklfdkhbkpkmcglh\1.26.9_0\js\lib\util.js.vir"
sh=D88F73897D0415B880A52D98AACBCBA8372956B2 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iilfecopjcmjdgfffklfdkhbkpkmcglh\1.26.9_0\js\lib\xhr.js.vir"
sh=67E2ECD03DFD7F719BE90E64C7047222D19687EF ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.G Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnoejnlbkbnckikbkmnpippafneemknp\134\j8.js.vir"
sh=415AC58CE1FC6EF775BCE3B9A18CD7B9B302290E ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.C Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhodhemilmjleephoimbfhoajnglghf\165\LpuS0GNrP.js.vir"
sh=C5B305FC6F87D534D6F2BB0BEE08A8933ABAB34A ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\peibencbagcfjmachldjenlalojmkila\3.15\D.js.vir"
sh=0A7B0B42E890761457162FF5B6AFA4CACD03ADA7 ft=1 fh=f3588219254e4f42 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\Sysnative\roboot64.exe.vir"
sh=C78FB212C8E69E28ADED45E3449B484AD989C3C9 ft=1 fh=d8d5f1f763ce53db vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Common Files\DVDVideoSoft\AskTB\DVDVideoSoftToolbar.exe"
sh=0C175A79D486279A1D790FFAA82469E4C4B5CBE9 ft=1 fh=a025b83c67ce3dca vn="Win32/Patched.NFU Trojaner" ac=I fn="C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\chrome.dll"
sh=1739FEF84A598A14518458407B7C419F6065BFCC ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.I Anwendung" ac=I fn="C:\Users\Katrin\AppData\Roaming\Mozilla\Firefox\Profiles\1k37nphq.default\extensions\staged\EPD@t.org\content\bg.js"
sh=AEE0B5F1AE8564D7E4CCD032EDF7AD88339BFF4E ft=1 fh=88c3bdc65b0afccf vn="Variante von Win32/Systweak.R evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Katrin\Downloads\Apple_iPhone_5_Treiber_Update_06-2014.exe"
sh=DF43DE6D7E3A728DAF3F3E1D5B7DBD199770C1FE ft=1 fh=6e594f3c66b5ca0a vn="Variante von Win32/WinloadSDA.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Katrin\Downloads\DivX-CD-Autostart-Setup.exe"
sh=0A5D594B277E29C9854223A8AC46DD156C7B0E0E ft=1 fh=55550162f6ca8b1a vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Katrin\Downloads\FreeYouTubeDownload.exe"
sh=AA190194CD322F27B81B57B66F0E48B16DDF09FC ft=1 fh=7a1e2a1eaadddca3 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Katrin\Downloads\FreeYouTubeToMP3Converter(1).exe"
sh=07CF040FEFA25DFDA4287BAB632EAB806E294695 ft=1 fh=0db8f293d4a19d8f vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Katrin\Downloads\FreeYouTubeToMP3Converter.exe"
sh=AA190194CD322F27B81B57B66F0E48B16DDF09FC ft=1 fh=7a1e2a1eaadddca3 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Katrin\Downloads\FreeYouTubeToMP3Converter_3.11.35.1031.exe"
sh=B4A1633EB14523596976601429C7DBA53A52787E ft=1 fh=18b2bbd96249e1bb vn="NSIS/TrojanDownloader.Adload.AC Trojaner" ac=I fn="C:\Users\Katrin\Downloads\HDVidCodec.exe"
sh=64E917624CAB90091693748B1DC0227CA638BD2B ft=1 fh=ae3a16e9ac64cb57 vn="Variante von Win32/Verti.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Katrin\Downloads\MediaPlayerClassicInstaller (1).exe"
sh=64E917624CAB90091693748B1DC0227CA638BD2B ft=1 fh=ae3a16e9ac64cb57 vn="Variante von Win32/Verti.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Katrin\Downloads\MediaPlayerClassicInstaller (2).exe"
sh=64E917624CAB90091693748B1DC0227CA638BD2B ft=1 fh=ae3a16e9ac64cb57 vn="Variante von Win32/Verti.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Katrin\Downloads\MediaPlayerClassicInstaller.exe"
sh=FF63834F9966C2A9A7593C5AE4A4411B321DA80C ft=1 fh=bfdfab7dde0f745a vn="Variante von Win32/InstallCore.AAJ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Katrin\Downloads\Opera_964_int_Setup.exe"
sh=C9C74091094CD88B8BA3C20A1E01F5CF04952408 ft=1 fh=a116e182c0360af7 vn="Variante von Win32/ReImageRepair.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Katrin\Downloads\ReimageRepair.exe"
|
|
| Themen zu Windows 7: Opera, verlinkte Wörter auf Website und Werbefenster |
| akamai, bonjour, converter, cubase, desktop, dnsapi.dll, flash player, google, helper, home, homepage, iexplore.exe, installation, launch, mozilla, mp3, opera, problem, registry, reimagerealtimeprotector, scan, security, server, software, svchost.exe, system, updates, vista, werbefenster, windows, windows 7, wörter unterstichen als links |
dann auf 
und dann auf 
. 
Linear-Darstellung
