Windows 7: Chrome wurde von s.coldsearch.com übernommen

Kautzerine · 23.11.2015, 09:14

Hallo liebes Forum,

seit 7-10 Tagen habe ich auf meinem Arbeits-PC Probleme. Ich hatte hier bislang Chrome laufen und nun wurde dieser Browser offenbar von einer Schadsoftware übernommen.
Dies äußerte sich so, dass ich zum einen plötzlich ein mir unbekanntes Lesezeichen+Startseite geändert auf "wiixp.de" vorfand. Desweiteren hatte ich plötzlich eine Erweiterung "Snow", mit der Beschreibung "lässt es auf den Webseiten schneien" die ich definitiv nicht selbst installiert habe.
Außerdem habe ich nun, wenn ich in die Adressleiste meinen Suchbegriff eingebe statt [Verweis auf Google] immer etwas mit "s.coldsearch.com/..." in der Suchleiste stehen. Letztendlich komme ich zwar wieder bei Google raus (mit richtigem Link in der Adressleiste), aber meine Anfrage scheint eben jemand mitzuloggen.

Wie erwähnt, das neue Lesezeichen, die geänderte Startseite und Snow-Erweiterung habe ich etwa Anfang letzter Woche bemerkt. Die Geschichte mit der Suchleiste viel mir so Mitte letzter Woche auf, am Freitag hatte ich Gelegenheit mich etwas intensiver hiermit zu beschäftigen.

Ich habe u.a. diesen Beitrag gelesen http://www.trojaner-board.de/172930-...ntfernen.html.

Leider hilft mir das aber nicht weiter; dieses "s.coldsearch.com" konnte ich nicht als Programm vorfinden (auch nicht als Erweiterung in Chrome). Gefunden habe ich hierzu einen Eintrag in der Registry (HKLM/SOFTWARE/Policies/Google/Chrome/..), diesen habe ich entfernt. Desweiteren war es zu finden in C:/Benutzer/Computer/AppData/Local/Google/Chrome/User Data/Default in der Datei "Web Data". Hier sind alle Einträge der verfügbaren Suchmaschinen zu finden.

Ich bin einziger Benutzer dieses Computers und auch Administrator. Neu-aufsetzen ist für mich leider keine Lösung, aufgrund des hohen Zeitaufwandes (ist wie gesagt mein ArbeitsPC, hier kann ich mir leider nicht einfach mal einen Tag Zeit nehmen).

-> Zur Info

Wir haben keine EDV o. ä., wir sind nur ein kleiner Softwarehersteller...

Folgendes habe ich bisher versucht:
- (bitte nicht hauen) HiJackThis
- Malwarebytes (hat beim ersten Mal was gefunden und heute früh nochmal, Logs hänge ich an)
- Kaspersky Suchlauf (findet nichts)
- Junkware Removal Tool (sorry, keine Logs)
- FRST (Logs hänge ich an)
- ESET (hat nichts gefunden)
- Chrome Software Removal Tool (hat nichts gefunden / geholfen)
- AdwCleaner (hat beim ersten Mal einen Eintrag gefunden, aber die Log habe ich nicht mehr)
- Avast Browser Cleanup (hat nichts gefunden / geholfen)

(in den Logfiles habe ich Ordnernamen/Dateinamen/IPs die auf meine Firma zurückführen durch einen entsprechenen Hinweis ersetzt).

Außerdem habe ich die Chrome-Verknüpfung kontrolliert und die Erweiterungen geprüft.

-> Interessanter Weise ist dieses Problem im abgesichterten Modus nicht da! Ich habe den PC zu Testzwecken im abgesicherten Modus (mit Netzwerktreibern) gestartet und dann nachgesehen, hier funktionierte Chrome problemlos! Ich konnte meine Suchmaschine ändern, etc..

In Chrome stellt es sich derzeit so dar, dass ich diese Suchmaschine nicht entfernen kann. Chrome sagt, diese Einstellung wird vom Admin erzwungen, deshalb könnte ich sie nicht ändern.

Was evtl. noch wichtig ist, ich hatte FlashPlayer installiert. Diesen habe ich am Freitag deinstalliert. Heute habe ich noch Web Developer deinstalliert.
Aber ich sag mal so, ich treibe mich mit diesem Rechner eigentlich nicht wirklich im Internet herum, also nicht so wie zu Hause. Zu Hause im Chrome bin ich nicht eingeloggt (ich meine bzgl. Chrome-Personalisierung), hier war ich es aber. Chrome habe ich im übrigen versucht neu zu installieren. Akuell bin ich nicht eingeloggt.

Ich hoffe jemand kann mir behilflich sein und bedanke mich schonmal für das Lesen meiner Frage.

Freundliche Grüße,

Kautzerine

Warlord711 · 23.11.2015, 09:56

Hallo Kautzerine

Mein Name ist Timo und ich werde Dir bei deinem Problem behilflich sein.

Bitte arbeite alle Schritte der Reihe nach ab.
Hier findest du die Anleitung für Hilfesuchende
Lese die Anleitungen sorgfältig. Sollte es Probleme geben, bitte stoppen und hier so gut es geht beschreiben.
Nur Scans durchführen zu denen Du von einem Helfer aufgefordert wirst.
Bitte kein Crossposting ( posten in mehreren Foren).
Installiere oder Deinstalliere während der Bereinigung keine Software ausser Du wurdest dazu aufgefordert.
Lese Dir die Anleitung zuerst vollständig durch. Sollte etwas unklar sein, frage bevor Du beginnst.
Poste die Logfiles direkt in deinen Thread. Nicht anhängen ausser ich fordere Dich dazu auf.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist immer der sicherste Weg.

Wir arbeiten hier alle freiwillig und meist auch nur in unserer Freizeit. Daher kann es bei Antworten zu Verzögerungen kommen.
Solltest du innerhalb 48 Std keine Antwort von mir erhalten, dann schreib mit eine PM
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis ich oder jemand vom Team sagt, dass Du clean bist.

Führe sämtliche Tools mit administrativen Rechten aus, Vista, Win7,Win8 User mit Rechtsklick "als Administrator starten".

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Cursor zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Für den Chrome gibt es eine administrative Richtlinie, ist das gewollt ?

Kautzerine · 23.11.2015, 10:02

Zitat:

Zitat von Warlord711

Für den Chrome gibt es eine administrative Richtlinie, ist das gewollt ?

Nein, das ist nicht gewollt. Dies muss wohl durch meinen ungewollten Besucher verursacht worden sein.
Wir haben zwar ein Firmennetzwerk, aber keine Gruppenrichtlinien o. ä. (also auch nicht für Windows).

Ich splitte die Logfiles nochmal auf, dies hatte ich in meinem ersten Post nicht beachtet, sorry.

FRST:

FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:22-11-2015
durchgeführt von Computer (Administrator) auf PC (23-11-2015 09:22:44)
Gestartet von C:\Users\Computer\Downloads
Geladene Profile: Computer (Verfügbare Profile: Computer)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Aventail Corporation) C:\Windows\System32\ngvpnmgr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
() C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(The OpenVPN Project) C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe
(Oracle Corporation) C:\oraclexe\app\oracle\product\11.2.0\server\bin\oracle.exe
(Oracle Corporation) C:\oraclexe\app\oracle\product\11.2.0\server\bin\TNSLSNR.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Check Point Software Technologies) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe
() C:\Program Files (x86)\WatchGuard\WatchGuard Mobile VPN with SSL\wgsslvpnsrc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(AO Kaspersky Lab) C:\ProgramData\Kaspersky Lab\AVP16.0.0\Temp\temporaryFolder\updates\bin\kav16\16.0.0.614_kis_a\avp.exe.3030_2553_4126.removeOnNextReboot
(AO Kaspersky Lab) C:\ProgramData\Kaspersky Lab\AVP16.0.0\Temp\temporaryFolder\updates\bin\kav16\16.0.0.614_kis_a\avpui.exe.3030_2553_4126.removeOnNextReboot
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
() C:\Program Files (x86)\sqldeveloper\sqldeveloper\bin\sqldeveloper64W.exe
(Oracle Corporation) C:\orant\BIN\ifrun60.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\wmi64.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7636696 2014-09-02] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [293872 2014-08-25] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [Check Point Endpoint Security] => C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe [738824 2010-09-26] (Check Point Software Technologies)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [221728 2015-10-05] (Geek Software GmbH)
HKLM-x32\...\Run: [openvpn-gui] => C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpn-gui.exe [480992 2015-03-23] ()
HKU\S-1-5-21-3111903969-4264855908-3411873580-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3111903969-4264855908-3411873580-1000\...\MountPoints2: {891318f0-6e74-11e5-8adf-806e6f6e6963} - D:\Bin\ASSETUP.exe
HKU\S-1-5-21-3111903969-4264855908-3411873580-1000\...\MountPoints2: {b0f8f2fc-761a-11e5-975f-305a3a7a5d66} - G:\vs_professional.exe
HKU\S-1-5-21-3111903969-4264855908-3411873580-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Aventail VPN Connection.lnk [2015-11-20]
ShortcutTarget: Aventail VPN Connection.lnk ->  (Keine Datei)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk [2015-11-20]
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe ()
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{1C70C3ED-2DB3-4E74-831C-D2CFE3534800}: [NameServer] // entfernt weil FirmenIP

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKLM -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-10-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-10-19] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-10-19] (Microsoft Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-10-19] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-10-19] (Microsoft Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-19] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-10-19] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default
FF NewTab: about:blank
FF Homepage: hxxp://www.google.de
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-19] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-29] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-29] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-19] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-10-19] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-11-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-11-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-20]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2015-11-23] [ist nicht signiert]

Chrome: 
=======
CHR Profile: C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-20]
CHR Extension: (Google Docs) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-20]
CHR Extension: (Google Drive) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-20]
CHR Extension: (YouTube) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-20]
CHR Extension: (Google-Suche) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-20]
CHR Extension: (Kaspersky Protection) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2015-11-20]
CHR Extension: (Google Tabellen) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-20]
CHR Extension: (Google Docs Offline) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-20]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-20]
CHR Extension: (Google Mail) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-20]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM\...\Chrome\Extension: [fgnjeaojhepcaofghmclffkmeaimhnmk] - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fgnjeaojhepcaofghmclffkmeaimhnmk.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [fgnjeaojhepcaofghmclffkmeaimhnmk] - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fgnjeaojhepcaofghmclffkmeaimhnmk.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] ()
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-07-09] (AO Kaspersky Lab)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-03] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2780856 2015-10-07] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [1127736 2013-07-01] ()
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [810808 2013-07-01] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-29] (Intel Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4466688 2007-11-08] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2013-11-14] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NgVpnMgr; C:\Windows\system32\ngvpnmgr.exe [529768 2012-09-30] (Aventail Corporation)
S3 OpenVPNService; C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe [81024 2015-03-23] (The OpenVPN Project)
R2 OpenVPNServiceInteractive; C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe [81024 2015-03-23] (The OpenVPN Project)
S3 OracleClientCache80; C:\orant\BIN\ONRSD80.EXE [101136 2002-11-26] () [Datei ist nicht signiert]
S4 OracleJobSchedulerXE; c:\oraclexe\app\oracle\product\11.2.0\server\Bin\extjob.exe [45568 2014-05-29] () [Datei ist nicht signiert]
S3 OracleMTSRecoveryService; C:\oraclexe\app\oracle\product\11.2.0\server\BIN\omtsreco.exe [81408 2014-05-29] (Oracle Corporation) [Datei ist nicht signiert]
R2 OracleServiceXE; c:\oraclexe\app\oracle\product\11.2.0\server\bin\ORACLE.EXE [147110912 2014-05-30] (Oracle Corporation) [Datei ist nicht signiert]
S3 OracleXEClrAgent; C:\oraclexe\app\oracle\product\11.2.0\server\bin\OraClrAgnt.exe [83968 2014-05-29] (Oracle Corporation) [Datei ist nicht signiert]
R2 OracleXETNSListener; C:\oraclexe\app\oracle\product\11.2.0\server\BIN\tnslsnr.exe [522240 2014-05-29] (Oracle Corporation) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2013-11-14] (Hewlett-Packard) [Datei ist nicht signiert]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 TracSrvWrapper; C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe [4142608 2010-09-26] (Check Point Software Technologies)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
R2 wgsslvpnsrc; C:\Program Files (x86)\WatchGuard\WatchGuard Mobile VPN with SSL\wgsslvpnsrc.exe [58368 2011-06-29] () [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-02-18] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] ()
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-10-19] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-05-28] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
S0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
S1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [171192 2015-06-30] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-07-04] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [931000 2015-06-30] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO)
S3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)
S3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [30392 2015-06-08] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S3 NgFilter; C:\Windows\System32\DRIVERS\ngfilter.sys [26184 2012-09-29] (Aventail Corporation)
R3 NgLog; C:\Windows\System32\DRIVERS\nglog.sys [31304 2012-09-29] (Aventail Corporation)
R3 NgVpn; C:\Windows\System32\DRIVERS\ngvpn.sys [103496 2012-09-29] (Aventail Corporation)
R3 NgWfp; C:\Windows\System32\DRIVERS\ngwfp.sys [28744 2012-09-29] (Aventail Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [Datei ist nicht signiert]
R3 vna_ap; C:\Windows\System32\DRIVERS\vnaap.sys [161256 2009-12-30] (Check Point Software Technologies)
R1 vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [457264 2010-09-13] (Check Point Software Technologies Ltd.)
R4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-23 08:32 - 2015-11-23 09:20 - 00000000 ____D C:\Users\Computer\Desktop\Forum
2015-11-23 08:16 - 2015-11-23 09:22 - 00026591 _____ C:\Users\Computer\Downloads\FRST.txt
2015-11-23 08:16 - 2015-11-23 08:16 - 00041129 _____ C:\Users\Computer\Downloads\Addition.txt
2015-11-23 07:20 - 2015-11-23 09:22 - 00000000 ____D C:\FRST
2015-11-23 07:19 - 2015-11-23 07:19 - 02346496 _____ (Farbar) C:\Users\Computer\Downloads\FRST64.exe
2015-11-23 06:45 - 2015-11-23 06:45 - 00000000 ____D C:\Program Files (x86)\ESET
2015-11-23 06:27 - 2015-11-23 06:27 - 00001284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Absolute Uninstaller.lnk
2015-11-23 06:27 - 2015-11-23 06:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2015-11-23 06:27 - 2015-11-23 06:27 - 00000000 ____D C:\Program Files (x86)\Glarysoft
2015-11-23 06:26 - 2015-11-23 06:26 - 04737952 _____ C:\Users\Computer\Downloads\ausetup5.3.1.20.exe
2015-11-23 06:26 - 2015-11-23 06:26 - 02870984 _____ (ESET) C:\Users\Computer\Downloads\esetsmartinstaller_deu.exe
2015-11-23 06:21 - 2015-11-23 08:37 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-11-23 06:21 - 2015-11-23 06:21 - 00002150 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2015-11-23 06:21 - 2015-11-23 06:21 - 00000000 ____D C:\Windows\ELAMBKUP
2015-11-23 06:21 - 2015-11-23 06:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-11-23 06:21 - 2015-11-23 06:21 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2015-11-23 06:21 - 2015-07-04 02:18 - 00227000 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2015-11-23 06:21 - 2015-06-30 01:05 - 00931000 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-11-23 06:21 - 2015-06-30 01:05 - 00171192 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-11-23 06:21 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-11-23 06:18 - 2015-11-23 06:18 - 00000000 _____ C:\Windows\system32\Drivers\OLDFBBB.tmp
2015-11-23 06:18 - 2015-11-23 06:18 - 00000000 _____ C:\Windows\system32\Drivers\OLDF8E1.tmp
2015-11-23 06:17 - 2015-11-23 06:18 - 173986008 _____ (Kaspersky Lab) C:\Users\Computer\Downloads\kis16.0.0.614de-de.exe
2015-11-23 06:16 - 2015-11-23 06:16 - 00463688 _____ (Bleeping Computer, LLC) C:\Users\Computer\Downloads\sc-cleaner.exe
2015-11-23 06:06 - 2015-11-23 06:06 - 01733632 _____ C:\Users\Computer\Downloads\adwcleaner_5.022.exe
2015-11-20 10:12 - 2015-11-20 10:43 - 00000000 ____D C:\Users\Computer\AppData\Roaming\AVAST Software
2015-11-20 10:12 - 2015-11-20 10:12 - 00004258 _____ C:\Windows\System32\Tasks\avast! BCU UpdateS-1-5-21-3111903969-4264855908-3411873580-1000
2015-11-20 10:12 - 2015-11-20 10:12 - 00003316 _____ C:\Windows\System32\Tasks\avastBCLS-1-5-21-3111903969-4264855908-3411873580-1000
2015-11-20 10:10 - 2015-11-20 10:10 - 03840080 _____ (AVAST Software) C:\Users\Computer\Downloads\avast-browse104-cleanup-sfx.exe
2015-11-20 10:08 - 2015-11-20 10:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-20 09:59 - 2015-11-23 06:06 - 00000000 ____D C:\AdwCleaner
2015-11-20 09:38 - 2015-11-23 06:22 - 04431176 _____ (Google) C:\Users\Computer\Downloads\software_removal_tool.exe
2015-11-20 09:38 - 2015-11-23 06:22 - 00000402 _____ C:\Users\Computer\Downloads\debug.log
2015-11-20 08:36 - 2015-11-23 06:08 - 00002261 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-20 08:36 - 2015-11-20 09:38 - 00000000 ____D C:\Users\Computer\AppData\Local\Google
2015-11-20 08:36 - 2015-11-20 08:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-20 08:35 - 2015-11-23 08:40 - 00001114 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-20 08:35 - 2015-11-23 08:40 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-20 08:35 - 2015-11-20 08:36 - 00000000 ____D C:\Program Files (x86)\Google
2015-11-20 08:35 - 2015-11-20 08:35 - 00929872 _____ (Google Inc.) C:\Users\Computer\Downloads\ChromeSetup.exe
2015-11-20 08:35 - 2015-11-20 08:35 - 00004110 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-11-20 08:35 - 2015-11-20 08:35 - 00003858 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-11-20 08:30 - 2015-11-20 08:30 - 00388608 _____ (Trend Micro Inc.) C:\Users\Computer\Downloads\HijackThis_2.0.5.exe
2015-11-20 08:28 - 2015-11-20 08:28 - 00000000 ____D C:\Users\Computer\AppData\Local\GWX
2015-11-20 07:50 - 2015-11-23 06:57 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-20 07:49 - 2015-11-20 07:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-11-20 07:49 - 2015-11-20 07:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-20 07:49 - 2015-11-20 07:49 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-11-20 07:49 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-11-20 07:49 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-11-20 07:49 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-11-20 07:42 - 2015-11-20 08:00 - 00001073 _____ C:\Users\Computer\Desktop\Notepad++.lnk
2015-11-17 14:12 - 2015-11-17 14:12 - 00001142 __RSH C:\ProgramData\ntuser.pol
2015-11-12 12:03 - 2015-11-18 14:44 - 00000000 ____D C:\Echo Grafiken bearbeitet
2015-11-12 11:31 - 2015-11-12 11:31 - 00000000 ____D C:\go_grafiken
2015-11-12 06:37 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 09:03 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 09:03 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 09:03 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 09:03 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 09:03 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 09:03 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 09:03 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 09:03 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 09:03 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 09:03 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 09:03 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 09:03 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 09:03 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 09:03 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 09:03 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 09:03 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 09:03 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 09:03 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 09:03 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 09:03 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 09:03 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 09:03 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 09:03 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 09:03 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 09:03 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 09:03 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 09:03 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 09:03 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 09:03 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-11 09:03 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-11 09:03 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-11 09:03 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 09:03 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-11 09:03 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 09:03 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 09:03 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-11 09:03 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 09:03 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 09:03 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 09:03 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 09:03 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 09:03 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 09:03 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 09:03 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 09:03 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 09:03 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-11 09:03 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-11 09:03 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 09:03 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-11 09:03 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 09:03 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 09:03 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 09:03 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-11 09:03 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 09:03 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-11 09:03 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 09:03 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 09:03 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 09:03 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 09:03 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 09:03 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 09:03 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 09:03 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 09:03 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 09:03 - 2015-10-29 18:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-11 09:03 - 2015-10-29 18:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-11 09:03 - 2015-10-29 18:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-11 09:03 - 2015-10-29 18:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-11 09:03 - 2015-10-29 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-11-11 09:03 - 2015-10-29 18:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-11-11 09:03 - 2015-10-29 18:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-11-11 09:03 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 09:03 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 09:03 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 09:03 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 09:03 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 09:03 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-11 09:03 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-11 09:03 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 09:03 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-11 09:03 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 09:03 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-11 09:03 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 09:03 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 09:03 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 09:03 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-11 09:03 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 09:03 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 09:03 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 09:03 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 09:03 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 09:03 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-11 09:03 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-11 09:03 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-11 09:03 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 09:03 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 09:03 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-11 09:03 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-11 09:03 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 09:03 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 09:03 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 09:03 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-11 09:03 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-11 09:03 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-11 09:03 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 09:03 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-11 09:03 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 09:03 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 09:03 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-11 09:03 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-11 09:03 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-11 09:03 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-11 09:03 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-11 09:03 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-11 09:03 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-11 09:03 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-11 09:03 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-11 09:03 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-11 09:03 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-11 09:03 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-11 09:03 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-11 09:03 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-11 09:03 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-11 09:03 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 09:03 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 09:03 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 09:03 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-11 09:03 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-11 09:03 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-11 09:03 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 09:03 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 09:03 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 09:03 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 09:03 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 09:03 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-11 09:03 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 09:03 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 09:03 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-09 10:24 - 2015-11-20 08:00 - 00000989 _____ C:\Users\Computer\Desktop\Forms Builder.lnk
2015-11-09 10:13 - 2015-11-09 10:22 - 00000000 ____D C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oracle Reports 6i Admin
2015-11-09 10:13 - 2015-11-09 10:22 - 00000000 ____D C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oracle Reports 6i
2015-11-09 10:13 - 2015-11-09 10:13 - 00000000 ____D C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oracle Olap Client 2.2
2015-11-09 10:00 - 2015-11-20 08:00 - 00000989 _____ C:\Users\Computer\Desktop\Report Builder.lnk
2015-11-09 09:22 - 2015-11-20 08:00 - 00001472 _____ C:\Users\Computer\Desktop\Forms Runtime.lnk
2015-11-09 09:13 - 2015-11-09 10:22 - 00000000 ____D C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oracle für Windows NT
2015-11-09 09:13 - 2015-11-09 10:22 - 00000000 ____D C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oracle Forms & Reports 6i
2015-11-09 09:13 - 2015-11-09 10:19 - 00000000 ____D C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oracle Forms 6i Admin
2015-11-09 09:13 - 2015-11-09 10:19 - 00000000 ____D C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oracle Forms 6i
2015-11-09 09:13 - 2015-11-09 10:13 - 00000000 ____D C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oracle Forms & Reports 6i Doc
2015-11-09 09:11 - 2015-11-09 10:13 - 00000000 ____D C:\orant
2015-11-05 11:48 - 2015-11-05 11:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2015-11-05 11:38 - 2015-11-05 11:38 - 01386504 _____ C:\Users\Computer\Downloads\sslvpn_inst_// entfernt weil Firmenname.exe
2015-11-05 11:30 - 2015-11-05 11:30 - 00133800 _____ C:\Users\Computer\Downloads\sslvpn_conf_// entfernt weil Firmenname.exe
2015-11-03 16:14 - 2015-11-04 08:33 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-11-03 16:14 - 2015-11-03 16:45 - 00000000 ____D C:\Users\Computer\AppData\Roaming\Apple Computer
2015-11-03 15:47 - 2015-11-03 15:47 - 00000000 ____D C:\Users\Computer\AppData\Local\Sophos
2015-11-03 15:27 - 2015-11-03 15:27 - 00000000 ____D C:\Program Files (x86)\Sophos

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-23 07:49 - 2015-10-09 12:16 - 00072568 _____ C:\Users\Computer\AppData\Local\GDIPFONTCACHEV1.DAT
2015-11-23 06:44 - 2015-10-19 06:25 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-23 06:29 - 2015-10-21 07:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2015-11-23 06:29 - 2015-10-19 07:03 - 00000000 ____D C:\Program Files (x86)\sqldeveloper
2015-11-23 06:28 - 2009-07-14 05:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-23 06:28 - 2009-07-14 05:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-23 06:25 - 2011-04-12 08:43 - 00778052 _____ C:\Windows\system32\perfh007.dat
2015-11-23 06:25 - 2011-04-12 08:43 - 00180530 _____ C:\Windows\system32\perfc007.dat
2015-11-23 06:25 - 2009-07-14 06:13 - 01815974 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-23 06:23 - 2015-10-09 12:00 - 01762525 _____ C:\Windows\WindowsUpdate.log
2015-11-23 06:22 - 2015-10-09 12:18 - 00006462 _____ C:\Windows\SysWOW64\Gms.log
2015-11-23 06:20 - 2015-10-09 14:43 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-23 06:20 - 2010-11-21 04:47 - 00154274 _____ C:\Windows\PFRO.log
2015-11-23 06:20 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-23 06:20 - 2009-07-14 05:51 - 00035165 _____ C:\Windows\setupact.log
2015-11-20 10:57 - 2015-10-19 07:03 - 00000000 ____D C:\Users\Computer\AppData\Local\TSVNCache
2015-11-20 10:33 - 2015-10-19 09:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-20 10:24 - 2015-10-19 06:39 - 00000000 ___RD C:\Users\Computer\Desktop\ToDo
2015-11-20 10:03 - 2015-10-20 11:32 - 00000000 ____D C:\Users\Computer\AppData\Local\CrashDumps
2015-11-20 08:37 - 2015-10-19 09:21 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-11-20 08:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Registration
2015-11-20 08:26 - 2015-10-19 06:39 - 00000000 ___RD C:\Users\Computer\Desktop\// entfernt weil Firmenname
2015-11-20 08:17 - 2015-10-19 06:39 - 00000000 ___RD C:\Users\Computer\Desktop\Kram
2015-11-20 08:04 - 2015-10-20 11:41 - 00000000 ____D C:\Users\Computer\Downloads\Privat
2015-11-20 08:01 - 2015-10-20 08:34 - 00001161 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-11-20 08:01 - 2015-10-20 08:02 - 00001298 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2015-11-20 08:01 - 2015-10-19 09:21 - 00001045 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-11-20 08:01 - 2015-10-09 13:34 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-20 08:01 - 2015-10-09 11:58 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-11-20 08:01 - 2015-10-09 11:58 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-11-20 08:01 - 2009-07-14 05:57 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-11-20 08:01 - 2009-07-14 05:57 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2015-11-20 08:01 - 2009-07-14 05:57 - 00001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2015-11-20 08:01 - 2009-07-14 05:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2015-11-20 08:01 - 2009-07-14 05:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2015-11-20 08:00 - 2015-10-22 08:52 - 00001087 _____ C:\Users\Public\Desktop\PDF24 Creator.lnk
2015-11-20 08:00 - 2015-10-20 08:34 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-11-20 08:00 - 2015-10-20 08:05 - 00001841 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2015-11-20 08:00 - 2015-10-20 08:02 - 00001292 _____ C:\Users\Public\Desktop\paint.net.lnk
2015-11-20 08:00 - 2015-10-19 11:24 - 00002161 _____ C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-11-20 08:00 - 2015-10-19 09:21 - 00001039 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-11-20 08:00 - 2015-10-19 07:03 - 00001069 _____ C:\Users\Computer\Desktop\SQL.lnk
2015-11-20 08:00 - 2015-10-19 07:03 - 00001044 _____ C:\Users\Computer\Desktop\Password Safe.lnk
2015-11-20 08:00 - 2015-10-09 13:34 - 00002041 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-11-20 08:00 - 2015-10-09 13:31 - 00001064 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-11-20 08:00 - 2015-10-09 12:00 - 00001425 _____ C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-11-20 08:00 - 2009-07-14 06:01 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2015-11-20 08:00 - 2009-07-14 05:49 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2015-11-20 07:42 - 2015-10-19 06:31 - 00000000 ____D C:\Users\Computer\AppData\Roaming\Notepad++
2015-11-20 07:40 - 2015-10-09 13:50 - 00001912 _____ C:\Windows\epplauncher.mif
2015-11-18 14:39 - 2015-10-19 06:25 - 00000000 ____D C:\Users\Computer\Documents\Visual Studio 2008
2015-11-17 14:12 - 2009-07-14 04:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-11-17 14:12 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2015-11-17 13:34 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-11-13 08:42 - 2009-07-14 05:45 - 00330688 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-12 12:11 - 2015-10-19 06:39 - 00000000 ___RD C:\Users\Computer\Desktop\// entfernt weil Firmenname
2015-11-12 11:56 - 2015-10-09 12:17 - 00000000 ____D C:\Temp
2015-11-11 17:10 - 2015-10-09 12:54 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 17:08 - 2015-10-09 12:54 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 17:05 - 2015-10-09 12:07 - 01789318 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-11 17:05 - 2011-04-12 08:55 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-05 11:50 - 2015-10-19 06:39 - 00000000 ___RD C:\Users\Computer\Desktop\VPN Clients
2015-11-04 06:58 - 2015-10-09 13:31 - 00000000 ____D C:\Users\Computer\AppData\Roaming\vlc
2015-11-03 15:59 - 2015-10-20 09:20 - 00002242 ____H C:\Users\Computer\Documents\Default.rdp
2015-11-02 09:02 - 2015-10-19 11:19 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-11-02 08:56 - 2015-10-09 13:34 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-10-09 12:09 - 2015-10-09 12:09 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-10 13:22

==================== Ende von FRST.txt ============================

--- --- ---

Addition:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:22-11-2015
durchgeführt von Computer (2015-11-23 09:22:56)
Gestartet von C:\Users\Computer\Downloads
Windows 7 Professional Service Pack 1 (X64) (2015-10-09 11:00:24)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3111903969-4264855908-3411873580-500 - Administrator - Disabled)
Computer (S-1-5-21-3111903969-4264855908-3411873580-1000 - Administrator - Enabled) => C:\Users\Computer
Gast (S-1-5-21-3111903969-4264855908-3411873580-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Disabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Disabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (Version: 16.2.1 - Hewlett-Packard) Hidden
7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
Absolute Uninstaller 5.3.1.20 (HKLM-x32\...\Absolute Uninstaller) (Version: 5.3.1.20 - Glarysoft Ltd)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Aventail Connect (HKLM\...\{C338ACAC-7162-42E3-8B8C-85E5746F4A2E}) (Version: 10.62.196 - SonicWALL Aventail)
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Behaviors SDK (XAML) for Visual Studio (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 DEU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Check Point Endpoint Security (HKLM-x32\...\{f508ae38-2d20-413e-a55c-58c86661f045}) (Version: 5.41.0000 - CheckPoint)
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
Crystal Reports Basic for Visual Studio 2008 (HKLM-x32\...\{AA467959-A1D6-4F45-90CD-11DC57733F32}) (Version: 10.5.0.0 - Business Objects)
Crystal Reports Basic German Language Pack for Visual Studio 2008 (HKLM-x32\...\{3924C3E7-C440-4B23-9740-9A9EC0545F21}) (Version: 10.5.0.0 - Business Objects)
Crystal Reports Basic Runtime for Visual Studio 2008 (x64) (HKLM\...\{2BFA9B05-7418-4EDE-A6FC-620427BAAAA3}) (Version: 10.5.0.0 - Business Objects)
Crystal Reports Basic Runtime German Language Pack for Visual Studio 2008 (x64) (HKLM\...\{1D5F34D0-6329-4D92-B81A-E24E9028910C}) (Version: 10.5.0.0 - Business Objects)
Devenv-Ressourcen für Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Hotfix für Microsoft Visual Studio 2008 Professional Edition - DEU (KBKB971091) (HKLM-x32\...\{445174EA-3D3A-308E-84AD-446127E71441}.KB971091) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2008 Professional Edition - DEU (KBKB973674) (HKLM-x32\...\{445174EA-3D3A-308E-84AD-446127E71441}.KB973674) (Version: 1 - Microsoft Corporation)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.2.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.1.41 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.17 - Intel(R) Corporation) Hidden
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
JavaScript Tooling (Version: 12.0.21005 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
Language Pack (DEU) für freigegebene Windows Azure-Komponenten für Microsoft Visual Studio 2013 - v1.0 (x32 Version: 1.0.10829.1601 - Microsoft Corporation) Hidden
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for de-de Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Compact Framework 2.0 SP2 (HKLM-x32\...\{B1060346-9388-4C5B-AA52-176C39819E43}) (Version: 2.0.7045 - Microsoft Corporation)
Microsoft .NET Compact Framework 3.5 (HKLM-x32\...\{72CCBEA1-8D57-4981-A337-81019F28C5BA}) (Version: 3.5.7283 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Device Emulator (64 Bit) Version 3.0 - DEU (HKLM\...\{7ECA1AEA-2B61-3DE6-8276-6A9A2693F111}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Document Explorer 2008 (HKLM-x32\...\Microsoft Document Explorer 2008) (Version:  - Microsoft Corporation)
Microsoft Document Explorer 2008 Language Pack - DEU (HKLM-x32\...\Microsoft Document Explorer 2008 Language Pack - DEU) (Version:  - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office Home and Business 2013 - de-de (HKLM\...\HomeBusinessRetail - de-de) (Version: 15.0.4763.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3111903969-4264855908-3411873580-1000\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst  (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 Design Tools DEU (HKLM-x32\...\{E32260E7-0B10-43C7-9B77-AB9F4184676D}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 DEU (HKLM-x32\...\{159098AF-4EB8-4C10-B0C6-24CDA32B45F9}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 for Devices DEU (HKLM-x32\...\{1C3ADB5F-750E-4453-AC98-B75C5323845C}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.30919.1) (HKLM-x32\...\{7CC03C58-3471-43D2-A251-EC9AE225E772}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.2 (HKLM-x32\...\{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}) (Version: 1.2.0.0 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7C39E0D1-E138-42B1-B083-213EC2CF7692}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{D434E072-F482-4F52-AB97-7B19DD5DAEB5}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{485F4AC6-F79E-4482-A0D2-EDF0CCE1E124}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{1FBEA8BA-D40B-48BC-85BC-EE2D5575F27C}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime Language Pack (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime Language Pack) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2008 Professional Edition - DEU (HKLM-x32\...\Microsoft Visual Studio 2008 Professional Edition - DEU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger - DEU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger - DEU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{06eb36bf-d26a-41a8-bcf3-638a3f6aa7aa}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools (HKLM\...\{AC888A60-9557-3B74-B52B-F353D01BD544}) (Version: 3.5.21022 - Microsoft)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (HKLM\...\{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense (HKLM\...\{9aa5f39c-a8de-46b0-919a-0248f8bc8490}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Tools (HKLM\...\{62EED300-E841-4083-A1D6-60B906271804}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Win32 Tools (HKLM\...\{A992BBAA-723D-4574-A07F-983BF8FAA3E1}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.6 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.50 - NVIDIA Corporation)
NVIDIA Grafiktreiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
OpenVPN 2.2.2 (HKLM-x32\...\OpenVPN) (Version: 2.2.2 - )
Oracle Database 11g Express Edition (HKLM-x32\...\InstallShield_{05A7B662-80A3-4EB9-AE1D-89A62449431C}) (Version: 11.2.0 - Oracle Corporation)
Oracle Database 11g Express Edition (Version: 11.2.0 - Oracle Corporation) Hidden
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Password Safe (HKLM-x32\...\Password Safe) (Version:  - )
PDF24 Creator 7.4.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Python Tools - Umleitungsvorlage (x32 Version: 1.1 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.87.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7335 - Realtek Semiconductor Corp.)
SharePoint Client Components (Version: 15.0.4481.1505 - Microsoft Corporation) Hidden
Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version:  - )
Sophos SSL VPN Client 2.1 (HKLM-x32\...\Sophos SSL VPN Client) (Version: 2.1 - )
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
TortoiseSVN 1.8.11.26392 (64 bit) (HKLM\...\{11309CA9-9118-44D6-B345-83C86A5111D5}) (Version: 1.8.26392 - TortoiseSVN)
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM-x32\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.5000.00 - Microsoft Corporation)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update für Microsoft Visual Studio 2008 Professional Edition - DEU (KBKB972221) (HKLM-x32\...\{445174EA-3D3A-308E-84AD-446127E71441}.KB972221) (Version: 1 - Microsoft Corporation)
VC Runtimes MSI (x32 Version: 9.0.21022 - Microsoft) Hidden
Visual Studio .NET Prerequisites - English (HKLM\...\{ACD875CC-A146-3125-8F99-D3766F46FD86}) (Version: 9.0.21022 - Microsoft Corporation)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio-Tools für Office System 3.0 Runtime Language Pack - DEU (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime Language Pack - DEU) (Version:  - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WatchGuard Mobile VPN with SSL client 11.4.2 (HKLM-x32\...\Mobile VPN with SSL client_is1) (Version:  - WatchGuard)
WCF Data Services 5.6.0 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Windows Mobile 5.0 SDK R2 for Pocket PC (HKLM-x32\...\{721B5CF0-D220-4955-BB6F-EBCFB1096DE7}) (Version: 5.00.1700.5.14343.06 - Microsoft Corporation)
Windows Mobile 5.0 SDK R2 for Smartphone (HKLM-x32\...\{DA7F48EF-5F56-45FE-9169-3B8159A7A323}) (Version: 5.00.1700.5.14343.06 - Microsoft Corporation)
Workflow Manager Client 1.0 (Version: 2.0.30813.2 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.30725.1 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

16-11-2015 09:37:37 Windows Update
20-11-2015 06:18:15 Windows Update
20-11-2015 08:45:40 JRT Pre-Junkware Removal
20-11-2015 08:51:22 JRT Pre-Junkware Removal
20-11-2015 08:51:42 JRT Pre-Junkware Removal
23-11-2015 06:29:26 Removed Dotfuscator and Analytics Community Edition
23-11-2015 06:29:35 Dotfuscator and Analytics Community Edition Language Pack wurde entfernt
23-11-2015 06:43:59 Microsoft Office Visual Web Developer 2007 wird entfernt
23-11-2015 06:44:05 Removed Microsoft Visual Studio Web Authoring Component

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0B50BCB7-E7FF-45AF-8CA0-EDB925ADEB2F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-20] (Google Inc.)
Task: {80494CB8-6B44-4D69-B284-BDA6857AEEA8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {9DE4F5D4-7798-4C05-911D-68C0FD4D415B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {A000957B-C018-4AF7-B944-A42B369EBB02} - System32\Tasks\avastBCLS-1-5-21-3111903969-4264855908-3411873580-1000 => C:\Users\Computer\AppData\Roaming\AVAST Software\Browser Cleanup\BCUSched.exe
Task: {B5AE0ED6-5DC0-4833-8CE4-D8BDE8B274AC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-20] (Google Inc.)
Task: {DA5A327C-0CD0-4317-AEF1-DDABF1685157} - System32\Tasks\avast! BCU UpdateS-1-5-21-3111903969-4264855908-3411873580-1000 => C:\Users\Computer\AppData\Roaming\AVAST Software\Browser Cleanup\BCUUpdate.exe
Task: {E046770C-F5ED-4944-BBDA-98F603AE2317} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-09-30 04:22 - 2012-09-30 04:22 - 00229736 _____ () C:\Windows\ngmsi.dll
2015-10-09 14:43 - 2015-10-03 03:49 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-10-19 11:19 - 2015-10-07 18:28 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-07-01 09:21 - 2013-07-01 09:21 - 00810808 _____ () C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
2013-07-01 00:15 - 2013-07-01 00:15 - 00018432 _____ () C:\Program Files\ShrewSoft\VPN Client\libith.dll
2013-07-01 00:17 - 2013-07-01 00:17 - 00029184 _____ () C:\Program Files\ShrewSoft\VPN Client\libpfk.dll
2013-07-01 00:15 - 2013-07-01 00:15 - 00022016 _____ () C:\Program Files\ShrewSoft\VPN Client\libidb.dll
2013-07-01 00:17 - 2013-07-01 00:17 - 00035840 _____ () C:\Program Files\ShrewSoft\VPN Client\libvflt.dll
2013-07-01 00:16 - 2013-07-01 00:16 - 00116736 _____ () C:\Program Files\ShrewSoft\VPN Client\libip.dll
2013-07-01 00:16 - 2013-07-01 00:16 - 00013312 _____ () C:\Program Files\ShrewSoft\VPN Client\liblog.dll
2015-10-19 09:16 - 2011-06-29 22:02 - 00058368 _____ () C:\Program Files (x86)\WatchGuard\WatchGuard Mobile VPN with SSL\wgsslvpnsrc.exe
2015-03-19 18:55 - 2015-03-19 18:55 - 00088960 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2015-10-16 11:02 - 2015-10-16 11:02 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2015-10-19 07:03 - 2014-03-17 09:16 - 00015360 _____ () C:\Program Files (x86)\sqldeveloper\sqldeveloper\bin\sqldeveloper64W.exe
2015-10-19 07:03 - 2014-03-17 09:14 - 00154112 _____ () C:\Program Files (x86)\sqldeveloper\ide\bin\launcher64.dll
2015-10-19 07:03 - 2014-03-17 09:14 - 00128512 _____ () C:\Program Files (x86)\sqldeveloper\ide\lib\idenative64.dll
2010-03-23 12:26 - 2010-03-23 12:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2015-10-22 08:52 - 2015-10-05 08:22 - 00074272 _____ () C:\Program Files (x86)\PDF24\zlib.dll
2015-10-22 08:52 - 2015-10-05 08:22 - 00051744 _____ () C:\Program Files (x86)\PDF24\OperationUI.dll
2015-10-19 11:19 - 2015-10-19 11:19 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2015-10-19 11:21 - 2015-10-19 11:21 - 01033792 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2014-04-29 15:23 - 2014-04-29 15:23 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-11-09 09:52 - 2002-03-24 11:49 - 00179200 _____ () C:\orant\BIN\nnb60.dll
2015-11-09 09:52 - 2000-10-31 20:25 - 00246544 _____ () C:\orant\BIN\OTRACE80.dll
2002-11-26 19:49 - 2002-11-26 19:49 - 00159232 _____ () C:\orant\BIN\mmc60.dll
2015-11-09 09:52 - 2000-10-27 11:42 - 00051472 _____ () C:\orant\BIN\NDWSI80.DLL
2002-11-26 19:49 - 2002-11-26 19:49 - 00024576 _____ () C:\orant\BIN\mma60.dll
2002-11-26 19:49 - 2002-11-26 19:49 - 00059904 _____ () C:\orant\BIN\mmv60.dll
2002-11-26 19:49 - 2002-11-26 19:49 - 00192000 _____ () C:\orant\BIN\MMI60.dll
2002-11-26 19:49 - 2002-11-26 19:49 - 00123904 _____ () C:\orant\BIN\mms60.dll
2002-11-26 19:49 - 2002-11-26 19:49 - 00189440 _____ () C:\orant\BIN\mmw60.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3111903969-4264855908-3411873580-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: // entfernt weil FirmenIP
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{925C692C-2F11-43E8-8867-28E74F92DBC8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{214ABBE6-14B8-4865-A84F-FFA89A8DD83C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C43BB274-CA77-4023-B758-F4B7433F2653}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{EB9C33E6-D61E-47EF-BA24-588708AC5F85}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C1D8BCEC-3C54-4822-8302-DE82D89A97B2}] => (Allow) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe
FirewallRules: [{72CEFB52-8FDE-4553-9E65-FCA42C58F90C}] => (Allow) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe
FirewallRules: [{F706406B-F3A1-4405-83F8-D520D0E8C903}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{15E77C64-84FC-48C1-822B-FB4ED14D7E34}] => (Allow) C:\Users\Computer\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{39B600A4-E88F-49B6-9AF7-DE5517C936AD}] => (Allow) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe
FirewallRules: [{22F85E4E-321D-458E-B39C-74EFC6FFC880}] => (Allow) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe
FirewallRules: [{BEF220B2-5D4C-415E-A9AE-9715624E42CC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D9F17202-52E5-41C8-98CC-403B051DD482}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CF6CC85D-0D5B-434A-AFBE-C268C741CB08}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{EEF33EDA-40D4-4448-8E5C-75A14DBF5F60}] => (Allow) LPort=12292
FirewallRules: [{75089B9A-64EB-475A-ABE3-64215788D5CF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{5A012DBE-FF97-46DE-9E24-CF7535EC5B13}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B36DA14E-5188-414D-ABF3-E428AAD6AB25}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Shrew Soft Virtual Adapter
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/23/2015 08:37:21 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/23/2015 06:53:47 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm setup.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1b5c

Startzeit: 01d125b1f63e2452

Endzeit: 0

Anwendungspfad: C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe

Berichts-ID:

Error: (11/23/2015 06:45:23 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/23/2015 06:22:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/23/2015 06:02:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/20/2015 10:59:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/20/2015 10:50:45 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Users\Computer\AppData\Local\Temp\jrt\CreateRestorePoint.exe  "JRT Pre-Junkware Removal"; Beschreibung = JRT Pre-Junkware Removal; Fehler = 0x8007043c).

Error: (11/20/2015 10:50:29 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Users\Computer\AppData\Local\Temp\jrt\CreateRestorePoint.exe  "JRT Pre-Junkware Removal"; Beschreibung = JRT Pre-Junkware Removal; Fehler = 0x8007043c).

Error: (11/20/2015 10:40:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/20/2015 10:24:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (11/23/2015 06:54:03 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ShrewSoft IKE Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/23/2015 06:53:12 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "TeamViewer 10" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 2000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/23/2015 06:52:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ASUS Com Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/23/2015 06:47:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (11/23/2015 06:47:16 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Computer\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (11/23/2015 06:47:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (11/23/2015 06:47:15 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Computer\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (11/23/2015 06:47:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (11/23/2015 06:47:15 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Computer\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (11/23/2015 06:46:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 38%
Installierter physikalischer RAM: 16325.59 MB
Verfügbarer physikalischer RAM: 10091.65 MB
Summe virtueller Speicher: 32649.39 MB
Verfügbarer virtueller Speicher: 25981.17 MB

==================== Laufwerke ================================

Drive c: (System SSD) (Fixed) (Total:232.79 GB) (Free:144.12 GB) NTFS
Drive d: (Daten HDD) (Fixed) (Total:931.51 GB) (Free:894.07 GB) NTFS
Drive z: (// entfernt weil Firmenname) (Network) (Total:465.76 GB) (Free:23.99 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 3F335886)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1E138C47)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Kautzerine · 23.11.2015, 10:04

MBAM_LOG vom Freitag, 20.11.15:

Code:

ATTFilter

<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2015/11/20 07:50:55 +0100</date>
<logfile>mbam-log-2015-11-20 (07-50-54).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.2.0.1024</version>
<malware-database>v2015.11.20.01</malware-database>
<rootkit-database>v2015.11.14.01</rootkit-database>
<license>trial</license>
<file-protection>enabled</file-protection>
<web-protection>enabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<hostname>PC</hostname>
<ip> entfernt weil FirmenIP </ip>
<osversion>Windows 7 Service Pack 1</osversion>
<arch>x64</arch>
<username>Computer</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>393040</objects>
<time>438</time>
<processes>0</processes>
<modules>0</modules>
<keys>10</keys>
<values>4</values>
<datas>4</datas>
<folders>78</folders>
<files>221</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>disabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
<key><path>HKLM\SOFTWARE\CLASSES\APPID\{85198F55-85AC-498A-BFE4-BBC33840F4AB}</path><vendor>PUP.Optional.WinManger</vendor><action>success</action><hash>df6295eb93f86ec8b6f6b8887a887090</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{85198F55-85AC-498A-BFE4-BBC33840F4AB}</path><vendor>PUP.Optional.WinManger</vendor><action>success</action><hash>df6295eb93f86ec8b6f6b8887a887090</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{85198F55-85AC-498A-BFE4-BBC33840F4AB}</path><vendor>PUP.Optional.WinManger</vendor><action>success</action><hash>df6295eb93f86ec8b6f6b8887a887090</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\TYPELIB\{8DD92279-9B04-4C6F-A862-EF3C24603804}</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{8DD92279-9B04-4C6F-A862-EF3C24603804}</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{8DD92279-9B04-4C6F-A862-EF3C24603804}</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\do-searchSoftware</path><vendor>PUP.Optional.DoSearch.ShrtCln</vendor><action>success</action><hash>231e651ba1ea6acca8642d7cb74b936d</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\ihpmserver</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>b48d067a3655ed4979a0595526ddbb45</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\RAYDLD</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>8ab78af646453bfbf536a6e9cf335da3</hash></key>
<key><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MUSTANGSERVICE_2015_10_10</path><vendor>PUP.Optional.TempMoudleSet</vendor><action>success</action><hash>3a07b1cfa3e85cdafd99fbe1d92af20e</hash></key>
<value><path>HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS</path><valuename>smartffsearch@gmail.com</valuename><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><valuedata>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com</valuedata><hash>e55cc0c02f5c69cd1c784795c043c43c</hash></value>
<value><path>HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS</path><valuename>ffsmartsearchbar@gmail.com</valuename><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><valuedata>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\ffsmartsearchbar@gmail.com</valuedata><hash>54ede39d791272c4613209d3d0332ed2</hash></value>
<value><path>HKLM\SOFTWARE\WOW6432NODE\RAYDLD</path><valuename>dir</valuename><vendor>PUP.Optional.Elex</vendor><action>success</action><valuedata>C:\Program Files (x86)\RayDld</valuedata><hash>8ab78af646453bfbf536a6e9cf335da3</hash></value>
<value><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MustangService_2015_10_10</path><valuename>ImagePath</valuename><vendor>PUP.Optional.TempMoudleSet</vendor><action>success</action><valuedata>C:\ProgramData\TempMoudleSet\MustangSer1713.exe</valuedata><hash>3a07b1cfa3e85cdafd99fbe1d92af20e</hash></value>
<data><path>HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN</path><valuename>Default_Search_URL</valuename><vendor>PUP.Optional.DoSearch.ShrtCln</vendor><action>replaced</action><valuedata>hxxp://do-search.com/web/?type=ds&amp;ts=1445232091&amp;z=2ac503876801f98bda88e2ag3z2z9w6odcco0eateg&amp;from=dae&amp;uid=samsungxssdx850xevox250gb_s21pnsag775996b&amp;q={searchTerms}</valuedata><baddata>hxxp://do-search.com/web/?type=ds&amp;ts=1445232091&amp;z=2ac503876801f98bda88e2ag3z2z9w6odcco0eateg&amp;from=dae&amp;uid=samsungxssdx850xevox250gb_s21pnsag775996b&amp;q={searchTerms}</baddata><gooddata>www.google.com</gooddata><hash>ed54dba5672467cffa3be576ba4a0000</hash></data>
<data><path>HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN</path><valuename>Search Page</valuename><vendor>PUP.Optional.DoSearch.ShrtCln</vendor><action>replaced</action><valuedata>hxxp://do-search.com/web/?type=ds&amp;ts=1445232091&amp;z=2ac503876801f98bda88e2ag3z2z9w6odcco0eateg&amp;from=dae&amp;uid=samsungxssdx850xevox250gb_s21pnsag775996b&amp;q={searchTerms}</valuedata><baddata>hxxp://do-search.com/web/?type=ds&amp;ts=1445232091&amp;z=2ac503876801f98bda88e2ag3z2z9w6odcco0eateg&amp;from=dae&amp;uid=samsungxssdx850xevox250gb_s21pnsag775996b&amp;q={searchTerms}</baddata><gooddata>www.google.com</gooddata><hash>78c9037d8efd43f3b87d29320ef6cd33</hash></data>
<data><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN</path><valuename>Default_Search_URL</valuename><vendor>PUP.Optional.DoSearch.ShrtCln</vendor><action>replaced</action><valuedata>hxxp://do-search.com/web/?type=ds&amp;ts=1445232091&amp;z=2ac503876801f98bda88e2ag3z2z9w6odcco0eateg&amp;from=dae&amp;uid=samsungxssdx850xevox250gb_s21pnsag775996b&amp;q={searchTerms}</valuedata><baddata>hxxp://do-search.com/web/?type=ds&amp;ts=1445232091&amp;z=2ac503876801f98bda88e2ag3z2z9w6odcco0eateg&amp;from=dae&amp;uid=samsungxssdx850xevox250gb_s21pnsag775996b&amp;q={searchTerms}</baddata><gooddata>www.google.com</gooddata><hash>a39ef38d820979bd3005c49716ee7987</hash></data>
<data><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN</path><valuename>Search Page</valuename><vendor>PUP.Optional.DoSearch.ShrtCln</vendor><action>replaced</action><valuedata>hxxp://do-search.com/web/?type=ds&amp;ts=1445232091&amp;z=2ac503876801f98bda88e2ag3z2z9w6odcco0eateg&amp;from=dae&amp;uid=samsungxssdx850xevox250gb_s21pnsag775996b&amp;q={searchTerms}</valuedata><baddata>hxxp://do-search.com/web/?type=ds&amp;ts=1445232091&amp;z=2ac503876801f98bda88e2ag3z2z9w6odcco0eateg&amp;from=dae&amp;uid=samsungxssdx850xevox250gb_s21pnsag775996b&amp;q={searchTerms}</baddata><gooddata>www.google.com</gooddata><hash>5de4afd147441d19dc59f269f4107987</hash></data>
<folder><path>C:\Program Files (x86)\RayDld</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></folder>
<folder><path>C:\Program Files (x86)\RayDld\skin</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\ffsmartsearchbar@gmail.com</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>ba87fa86cdbede581921bfcbc43e6997</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\ffsmartsearchbar@gmail.com\chrome</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>ba87fa86cdbede581921bfcbc43e6997</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\ffsmartsearchbar@gmail.com\chrome\content</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>ba87fa86cdbede581921bfcbc43e6997</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\ffsmartsearchbar@gmail.com\chrome\skin</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>ba87fa86cdbede581921bfcbc43e6997</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\ffsmartsearchbar@gmail.com\__MACOSX</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>ba87fa86cdbede581921bfcbc43e6997</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\ffsmartsearchbar@gmail.com\__MACOSX\chrome</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>ba87fa86cdbede581921bfcbc43e6997</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\ffsmartsearchbar@gmail.com\__MACOSX\chrome\content</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>ba87fa86cdbede581921bfcbc43e6997</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\ffsmartsearchbar@gmail.com\__MACOSX\chrome\skin</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>ba87fa86cdbede581921bfcbc43e6997</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\content</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\content\include</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\content\include\tools</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\content\js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\content\js\lib</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\content\js\module</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\content\js\pack</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\en</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\en-US</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\es</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\es-419</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\fr</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\fr-BE</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\fr-CA</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\fr-CH</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\fr-LU</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\it</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\it-CH</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\pl</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\pt-BR</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\ru</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\ru-MO</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\tr</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\vi</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\zh-CN</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\zh-TW</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\skin</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\defaults</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\defaults\preferences</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\modules</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\content</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\content\include</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\content\include\tools</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\content\js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\content\js\lib</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\content\js\module</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\content\js\pack</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\fr-CA</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\en</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\en-US</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\es</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\es-419</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\fr</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\fr-BE</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\fr-CH</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\fr-LU</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\it</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\it-CH</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\pl</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\pt-BR</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\ru</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\ru-MO</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\tr</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\vi</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\zh-CN</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\zh-TW</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\skin</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\defaults</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\defaults\preferences</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\modules</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></folder>
<folder><path>C:\ProgramData\TempMoudleSet</path><vendor>PUP.Optional.TempMoudleSet</vendor><action>success</action><hash>4100166a5b3070c62319d9b122e0ea16</hash></folder>
<folder><path>C:\ProgramData\TempMoudleSet\update</path><vendor>PUP.Optional.TempMoudleSet</vendor><action>success</action><hash>4100166a5b3070c62319d9b122e0ea16</hash></folder>
<file><path>C:\Program Files (x86)\RayDld\uninstall.exe</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\ihpmServer.exe</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\ihpmServer.ini</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\Raydld.exe</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\main.xml</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\About.xml</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\about_banner.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\animate_history.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\animate_portal.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\animate_recent.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\big_button_down.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\bk_shadow.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\bottom_toolbar_bk.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\brower_back.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\brower_refresh.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\btn.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\btn_browser_dir.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\ck_box.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\ck_check.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\close.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\create.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\delete.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\drag_flag.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\exclamation.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\list_header_bk.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\logo_16.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\logo_small.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\Menu.xml</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\MenuItem.xml</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\menu_bk.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\menu_bk_seperator.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\MessageBox.xml</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\min.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\open_position.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\pause.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\progress_bk.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\progress_fore.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\scrollbar.bmp</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\Start.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\sysmenu.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\TaskListItem.xml</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\TaskListItemHistory.xml</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\TaskNew.xml</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\task_completed.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\task_failed.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\task_pause.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\toolbar_separator.png</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\Program Files (x86)\RayDld\skin\WebPortal.xml</path><vendor>PUP.Optional.Elex</vendor><action>success</action><hash>231ecdb393f85dd957c1119dd62d47b9</hash></file>
<file><path>C:\ProgramData\TempMoudleSet\MustangSer1713.exe</path><vendor>PUP.Optional.TempMoudleSet</vendor><action>success</action><hash>3a07b1cfa3e85cdafd99fbe1d92af20e</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\ffsmartsearchbar@gmail.com\chrome.manifest</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>ba87fa86cdbede581921bfcbc43e6997</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\ffsmartsearchbar@gmail.com\install.rdf</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>ba87fa86cdbede581921bfcbc43e6997</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\ffsmartsearchbar@gmail.com\chrome\.DS_Store</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>ba87fa86cdbede581921bfcbc43e6997</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\ffsmartsearchbar@gmail.com\chrome\content\jquery-2.1.0.min.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>ba87fa86cdbede581921bfcbc43e6997</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\ffsmartsearchbar@gmail.com\chrome\content\toolbar.xul</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>ba87fa86cdbede581921bfcbc43e6997</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\ffsmartsearchbar@gmail.com\chrome\skin\icon.png</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>ba87fa86cdbede581921bfcbc43e6997</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\ffsmartsearchbar@gmail.com\__MACOSX\._chrome</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>ba87fa86cdbede581921bfcbc43e6997</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\ffsmartsearchbar@gmail.com\__MACOSX\._chrome.manifest</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>ba87fa86cdbede581921bfcbc43e6997</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\ffsmartsearchbar@gmail.com\__MACOSX\._install.rdf</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>ba87fa86cdbede581921bfcbc43e6997</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\ffsmartsearchbar@gmail.com\__MACOSX\chrome\._.DS_Store</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>ba87fa86cdbede581921bfcbc43e6997</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\ffsmartsearchbar@gmail.com\__MACOSX\chrome\._content</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>ba87fa86cdbede581921bfcbc43e6997</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\ffsmartsearchbar@gmail.com\__MACOSX\chrome\._skin</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>ba87fa86cdbede581921bfcbc43e6997</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\ffsmartsearchbar@gmail.com\__MACOSX\chrome\content\._jquery-2.1.0.min.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>ba87fa86cdbede581921bfcbc43e6997</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\ffsmartsearchbar@gmail.com\__MACOSX\chrome\content\._toolbar.xul</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>ba87fa86cdbede581921bfcbc43e6997</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\ffsmartsearchbar@gmail.com\__MACOSX\chrome\skin\._icon.png</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>ba87fa86cdbede581921bfcbc43e6997</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome.manifest</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\install.rdf</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\.DS_Store</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\content\.DS_Store</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\content\awesome.xul</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\content\index.html</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\content\smart_search.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\content\smart_search.xul</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\content\include\speed_dial.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\content\include\tools\about_blank_hook.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\content\include\tools\misc.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\content\include\tools\popup_image_helper.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\content\include\tools\urlrequestor.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\content\js\.DS_Store</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\content\js\lib\doT.min.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\content\js\lib\jquery-2.1.0.min.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\content\js\lib\jquery.autocomplete.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\content\js\module\mostgrid.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\content\js\module\sc.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\content\js\module\search.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\content\js\module\stat.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\content\js\pack\common.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\content\js\pack\ga.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\content\js\pack\gainit.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\en\locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\en-US\locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\es\locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\es-419\locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\fr\locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\fr-BE\locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\fr-CA\locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\fr-CH\locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\fr-LU\locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\it\locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\it-CH\locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\pl\locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\pt-BR\locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\ru\locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\ru-MO\locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\tr\locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\vi\locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\zh-CN\locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\locale\zh-TW\locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\skin\default_logo.png</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\skin\googlelogo.png</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\skin\google_trends.png</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\skin\ico.ico</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\skin\icon.png</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\skin\loading.gif</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\skin\logo.png</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\skin\simple.css</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\chrome\skin\style.css</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\defaults\preferences\fvd.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\defaults\preferences\preferences.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\modules\.DS_Store</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\modules\addonmanager.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\modules\aes.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\modules\last_tab.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\modules\misc.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\modules\properties.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\modules\remoterequest.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\modules\restoreprefs.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\modules\settings.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\._chrome</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\._chrome.manifest</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\._defaults</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\._install.rdf</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\._modules</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\._.DS_Store</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\._content</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\._locale</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\._skin</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\content\._.DS_Store</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\content\._awesome.xul</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\content\._include</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\content\._index.html</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\content\._js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\content\._smart_search.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\content\._smart_search.xul</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\content\include\._speed_dial.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\content\include\._tools</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\content\include\tools\._about_blank_hook.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\content\include\tools\._misc.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\content\include\tools\._popup_image_helper.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\content\include\tools\._urlrequestor.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\content\js\._.DS_Store</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\content\js\._lib</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\content\js\._module</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\content\js\._pack</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\content\js\lib\._doT.min.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\content\js\lib\._jquery-2.1.0.min.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\content\js\lib\._jquery.autocomplete.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\content\js\module\._mostgrid.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\content\js\module\._search.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\content\js\module\._stat.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\content\js\pack\._common.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\content\js\pack\._ga.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\content\js\pack\._gainit.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\._en</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\._en-US</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\._es</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\._es-419</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\._fr</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\._fr-BE</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\._fr-CA</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\._fr-CH</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\._fr-LU</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\._it</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\._it-CH</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\._pl</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\._pt-BR</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\._ru</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\._ru-MO</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\._tr</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\._vi</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\._zh-CN</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\._zh-TW</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\fr-CA\._locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\en\._locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\en-US\._locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\es\._locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\es-419\._locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\fr\._locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\fr-BE\._locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\fr-CH\._locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\fr-LU\._locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\it\._locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\it-CH\._locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\pl\._locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\pt-BR\._locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\ru\._locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\ru-MO\._locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\tr\._locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\vi\._locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\zh-CN\._locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\locale\zh-TW\._locale.properties</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\skin\._default_logo.png</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\skin\._googlelogo.png</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\skin\._google_trends.png</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\skin\._ico.ico</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\skin\._icon.png</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\skin\._loading.gif</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\skin\._logo.png</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\skin\._simple.css</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\chrome\skin\._style.css</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\defaults\._preferences</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\defaults\preferences\._fvd.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\defaults\preferences\._preferences.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\modules\._.DS_Store</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\modules\._addonmanager.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\modules\._aes.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\modules\._last_tab.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\modules\._misc.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\modules\._properties.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\modules\._remoterequest.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\modules\._restoreprefs.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
<file><path>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\smartffsearch@gmail.com\__MACOSX\modules\._settings.js</path><vendor>PUP.Optional.SmartSearch</vendor><action>success</action><hash>5ae74c341378de5879c2c5c5b250ba46</hash></file>
</items>
</mbam-log>

MBAM_LOG von heute, 23.11.15:

Code:

ATTFilter

<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2015/11/23 06:07:40 +0100</date>
<logfile>mbam-log-2015-11-23 (06-07-33).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.2.0.1024</version>
<malware-database>v2015.11.23.01</malware-database>
<rootkit-database>v2015.11.22.02</rootkit-database>
<license>free</license>
<file-protection>disabled</file-protection>
<web-protection>disabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<hostname>PC</hostname>
<ip> entfernt weil FirmenIP </ip>
<osversion>Windows 7 Service Pack 1</osversion>
<arch>x64</arch>
<username>Computer</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>385948</objects>
<time>363</time>
<processes>0</processes>
<modules>0</modules>
<keys>0</keys>
<values>1</values>
<datas>0</datas>
<folders>0</folders>
<files>0</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>disabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
<value><path>HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS</path><valuename>sidebarff@gmail.com</valuename><vendor>PUP.Optional.SideBar</vendor><action>success</action><valuedata>C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\extensions\sidebarff@gmail.com</valuedata><hash>234aea97eaa1e84ef24c7c1340c2be42</hash></value>
</items>
</mbam-log>

Warlord711 · 23.11.2015, 10:41

OK, dann versuchen wir es mit diesem Fix:

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Starte noch einmal FRST.

Ändere keine der Voreinstellungen und drücke auf Scan.
Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

Kautzerine · 23.11.2015, 11:04

Fixlog:

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:22-11-2015
durchgeführt von Computer (2015-11-23 10:42:40) Run:1
Gestartet von C:\Users\Computer\Downloads\FRST
Geladene Profile: Computer (Verfügbare Profile: Computer)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
emptytemp:
         
*****************

C:\Windows\system32\GroupPolicy\Machine => erfolgreich verschoben
C:\Windows\system32\GroupPolicy\GPT.ini => erfolgreich verschoben
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => erfolgreich verschoben
"HKLM\SOFTWARE\Policies\Google" => Schlüssel erfolgreich entfernt
EmptyTemp: => 439.1 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 10:42:46 ====

AdwCleaner:
AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v5.022 - Bericht erstellt am 23/11/2015 um 10:50:18
# Aktualisiert am 22/11/2015 von Xplode
# Datenbank : 2015-11-22.2 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : Computer - PC
# Gestartet von : C:\Users\Computer\Downloads\adwcleaner_5.022.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****

[-] [C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : google

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [946 Bytes] ##########

--- --- ---

JRT:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.0 (11.12.2015)
Operating System: Windows 7 Professional x64 
Ran by Computer (Administrator) on 23.11.2015 at 10:52:10,47
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0 




Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23.11.2015 at 10:53:31,82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Nochmal FRST:

FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:22-11-2015
durchgeführt von Computer (Administrator) auf PC (23-11-2015 10:55:20)
Gestartet von C:\Users\Computer\Downloads\FRST
Geladene Profile: Computer (Verfügbare Profile: Computer)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Aventail Corporation) C:\Windows\System32\ngvpnmgr.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
() C:\Program Files\ShrewSoft\VPN Client\iked.exe
() C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(The OpenVPN Project) C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe
(Oracle Corporation) C:\oraclexe\app\oracle\product\11.2.0\server\bin\oracle.exe
(Oracle Corporation) C:\oraclexe\app\oracle\product\11.2.0\server\bin\TNSLSNR.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Check Point Software Technologies) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe
() C:\Program Files (x86)\WatchGuard\WatchGuard Mobile VPN with SSL\wgsslvpnsrc.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7636696 2014-09-02] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [293872 2014-08-25] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [Check Point Endpoint Security] => C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe [738824 2010-09-26] (Check Point Software Technologies)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [221728 2015-10-05] (Geek Software GmbH)
HKLM-x32\...\Run: [openvpn-gui] => C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpn-gui.exe [480992 2015-03-23] ()
HKU\S-1-5-21-3111903969-4264855908-3411873580-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\system32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3111903969-4264855908-3411873580-1000\...\MountPoints2: {891318f0-6e74-11e5-8adf-806e6f6e6963} - D:\Bin\ASSETUP.exe
HKU\S-1-5-21-3111903969-4264855908-3411873580-1000\...\MountPoints2: {b0f8f2fc-761a-11e5-975f-305a3a7a5d66} - G:\vs_professional.exe
HKU\S-1-5-21-3111903969-4264855908-3411873580-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Aventail VPN Connection.lnk [2015-11-20]
ShortcutTarget: Aventail VPN Connection.lnk ->  (Keine Datei)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk [2015-11-20]
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{1C70C3ED-2DB3-4E74-831C-D2CFE3534800}: [NameServer] // entfernt wegen FirmenIP

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKLM -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-10-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-10-19] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-10-19] (Microsoft Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-10-19] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-10-19] (Microsoft Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-19] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-10-19] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default
FF NewTab: about:blank
FF Homepage: hxxp://www.google.de
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-19] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-29] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-29] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-19] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-10-19] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-11-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-11-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2015-11-23] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\aqbl6cxr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-20]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox

Chrome: 
=======
CHR Profile: C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-20]
CHR Extension: (Google Docs) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-20]
CHR Extension: (Google Drive) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-20]
CHR Extension: (YouTube) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-20]
CHR Extension: (Google-Suche) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-20]
CHR Extension: (Kaspersky Protection) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2015-11-20]
CHR Extension: (Google Tabellen) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-20]
CHR Extension: (Google Docs Offline) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-20]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-20]
CHR Extension: (Google Mail) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-20]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM\...\Chrome\Extension: [fgnjeaojhepcaofghmclffkmeaimhnmk] - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fgnjeaojhepcaofghmclffkmeaimhnmk.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [fgnjeaojhepcaofghmclffkmeaimhnmk] - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fgnjeaojhepcaofghmclffkmeaimhnmk.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] ()
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-07-09] (AO Kaspersky Lab)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-03] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2780856 2015-10-07] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [1127736 2013-07-01] ()
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [810808 2013-07-01] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-29] (Intel Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4466688 2007-11-08] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2013-11-14] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NgVpnMgr; C:\Windows\system32\ngvpnmgr.exe [529768 2012-09-30] (Aventail Corporation)
S3 OpenVPNService; C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe [81024 2015-03-23] (The OpenVPN Project)
R2 OpenVPNServiceInteractive; C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe [81024 2015-03-23] (The OpenVPN Project)
S3 OracleClientCache80; C:\orant\BIN\ONRSD80.EXE [101136 2002-11-26] () [Datei ist nicht signiert]
S4 OracleJobSchedulerXE; c:\oraclexe\app\oracle\product\11.2.0\server\Bin\extjob.exe [45568 2014-05-29] () [Datei ist nicht signiert]
S3 OracleMTSRecoveryService; C:\oraclexe\app\oracle\product\11.2.0\server\BIN\omtsreco.exe [81408 2014-05-29] (Oracle Corporation) [Datei ist nicht signiert]
R2 OracleServiceXE; c:\oraclexe\app\oracle\product\11.2.0\server\bin\ORACLE.EXE [147110912 2014-05-30] (Oracle Corporation) [Datei ist nicht signiert]
S3 OracleXEClrAgent; C:\oraclexe\app\oracle\product\11.2.0\server\bin\OraClrAgnt.exe [83968 2014-05-29] (Oracle Corporation) [Datei ist nicht signiert]
R2 OracleXETNSListener; C:\oraclexe\app\oracle\product\11.2.0\server\BIN\tnslsnr.exe [522240 2014-05-29] (Oracle Corporation) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2013-11-14] (Hewlett-Packard) [Datei ist nicht signiert]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 TracSrvWrapper; C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe [4142608 2010-09-26] (Check Point Software Technologies)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
R2 wgsslvpnsrc; C:\Program Files (x86)\WatchGuard\WatchGuard Mobile VPN with SSL\wgsslvpnsrc.exe [58368 2011-06-29] () [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-02-18] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] ()
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-10-19] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-05-28] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [171192 2015-06-30] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-07-04] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [931000 2015-06-30] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [30392 2015-06-08] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S3 NgFilter; C:\Windows\System32\DRIVERS\ngfilter.sys [26184 2012-09-29] (Aventail Corporation)
R3 NgLog; C:\Windows\System32\DRIVERS\nglog.sys [31304 2012-09-29] (Aventail Corporation)
R3 NgVpn; C:\Windows\System32\DRIVERS\ngvpn.sys [103496 2012-09-29] (Aventail Corporation)
R3 NgWfp; C:\Windows\System32\DRIVERS\ngwfp.sys [28744 2012-09-29] (Aventail Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [Datei ist nicht signiert]
R3 vna_ap; C:\Windows\System32\DRIVERS\vnaap.sys [161256 2009-12-30] (Check Point Software Technologies)
R1 vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [457264 2010-09-13] (Check Point Software Technologies Ltd.)
U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-23 10:53 - 2015-11-23 10:53 - 00000557 _____ C:\Users\Computer\Desktop\JRT.txt
2015-11-23 10:42 - 2015-11-23 10:42 - 00000000 ____D C:\Users\Computer\Downloads\FRST
2015-11-23 08:32 - 2015-11-23 10:54 - 00000000 ____D C:\Users\Computer\Desktop\Forum
2015-11-23 07:20 - 2015-11-23 10:55 - 00000000 ____D C:\FRST
2015-11-23 06:27 - 2015-11-23 06:27 - 00001284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Absolute Uninstaller.lnk
2015-11-23 06:27 - 2015-11-23 06:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2015-11-23 06:27 - 2015-11-23 06:27 - 00000000 ____D C:\Program Files (x86)\Glarysoft
2015-11-23 06:26 - 2015-11-23 06:26 - 04737952 _____ C:\Users\Computer\Downloads\ausetup5.3.1.20.exe
2015-11-23 06:26 - 2015-11-23 06:26 - 02870984 _____ (ESET) C:\Users\Computer\Downloads\esetsmartinstaller_deu.exe
2015-11-23 06:21 - 2015-11-23 10:51 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-11-23 06:21 - 2015-11-23 06:21 - 00002150 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2015-11-23 06:21 - 2015-11-23 06:21 - 00000000 ____D C:\Windows\ELAMBKUP
2015-11-23 06:21 - 2015-11-23 06:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-11-23 06:21 - 2015-11-23 06:21 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2015-11-23 06:21 - 2015-07-04 02:18 - 00227000 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2015-11-23 06:21 - 2015-06-30 01:05 - 00931000 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-11-23 06:21 - 2015-06-30 01:05 - 00171192 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-11-23 06:21 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-11-23 06:18 - 2015-11-23 06:18 - 00000000 _____ C:\Windows\system32\Drivers\OLDFBBB.tmp
2015-11-23 06:18 - 2015-11-23 06:18 - 00000000 _____ C:\Windows\system32\Drivers\OLDF8E1.tmp
2015-11-23 06:17 - 2015-11-23 06:18 - 173986008 _____ (Kaspersky Lab) C:\Users\Computer\Downloads\kis16.0.0.614de-de.exe
2015-11-23 06:16 - 2015-11-23 06:16 - 00463688 _____ (Bleeping Computer, LLC) C:\Users\Computer\Downloads\sc-cleaner.exe
2015-11-23 06:06 - 2015-11-23 06:06 - 01733632 _____ C:\Users\Computer\Downloads\adwcleaner_5.022.exe
2015-11-20 10:12 - 2015-11-20 10:43 - 00000000 ____D C:\Users\Computer\AppData\Roaming\AVAST Software
2015-11-20 10:12 - 2015-11-20 10:12 - 00004258 _____ C:\Windows\System32\Tasks\avast! BCU UpdateS-1-5-21-3111903969-4264855908-3411873580-1000
2015-11-20 10:12 - 2015-11-20 10:12 - 00003316 _____ C:\Windows\System32\Tasks\avastBCLS-1-5-21-3111903969-4264855908-3411873580-1000
2015-11-20 10:10 - 2015-11-20 10:10 - 03840080 _____ (AVAST Software) C:\Users\Computer\Downloads\avast-browse104-cleanup-sfx.exe
2015-11-20 10:08 - 2015-11-20 10:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-20 09:59 - 2015-11-23 10:50 - 00000000 ____D C:\AdwCleaner
2015-11-20 09:38 - 2015-11-23 06:22 - 04431176 _____ (Google) C:\Users\Computer\Downloads\software_removal_tool.exe
2015-11-20 09:38 - 2015-11-23 06:22 - 00000402 _____ C:\Users\Computer\Downloads\debug.log
2015-11-20 08:36 - 2015-11-23 06:08 - 00002261 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-20 08:36 - 2015-11-20 09:38 - 00000000 ____D C:\Users\Computer\AppData\Local\Google
2015-11-20 08:36 - 2015-11-20 08:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-20 08:35 - 2015-11-23 10:51 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-20 08:35 - 2015-11-23 10:40 - 00001114 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-20 08:35 - 2015-11-20 08:36 - 00000000 ____D C:\Program Files (x86)\Google
2015-11-20 08:35 - 2015-11-20 08:35 - 00929872 _____ (Google Inc.) C:\Users\Computer\Downloads\ChromeSetup.exe
2015-11-20 08:35 - 2015-11-20 08:35 - 00004110 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-11-20 08:35 - 2015-11-20 08:35 - 00003858 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-11-20 08:30 - 2015-11-20 08:30 - 00388608 _____ (Trend Micro Inc.) C:\Users\Computer\Downloads\HijackThis_2.0.5.exe
2015-11-20 08:28 - 2015-11-20 08:28 - 00000000 ____D C:\Users\Computer\AppData\Local\GWX
2015-11-20 07:50 - 2015-11-23 06:57 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-20 07:49 - 2015-11-20 07:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-11-20 07:49 - 2015-11-20 07:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-20 07:49 - 2015-11-20 07:49 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-11-20 07:49 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-11-20 07:49 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-11-20 07:49 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-11-20 07:42 - 2015-11-20 08:00 - 00001073 _____ C:\Users\Computer\Desktop\Notepad++.lnk
2015-11-17 14:12 - 2015-11-23 10:43 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-11-12 12:03 - 2015-11-18 14:44 - 00000000 ____D C:\Echo Grafiken bearbeitet
2015-11-12 11:31 - 2015-11-12 11:31 - 00000000 ____D C:\go_grafiken
2015-11-12 06:37 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 09:03 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 09:03 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 09:03 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 09:03 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 09:03 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 09:03 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 09:03 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 09:03 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 09:03 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 09:03 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 09:03 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 09:03 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 09:03 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 09:03 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 09:03 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 09:03 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 09:03 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 09:03 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 09:03 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 09:03 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 09:03 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 09:03 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 09:03 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 09:03 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 09:03 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 09:03 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 09:03 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 09:03 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 09:03 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-11 09:03 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-11 09:03 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-11 09:03 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 09:03 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-11 09:03 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 09:03 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 09:03 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-11 09:03 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 09:03 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 09:03 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 09:03 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 09:03 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 09:03 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 09:03 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 09:03 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 09:03 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 09:03 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-11 09:03 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-11 09:03 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 09:03 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-11 09:03 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 09:03 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 09:03 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 09:03 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-11 09:03 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 09:03 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-11 09:03 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 09:03 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 09:03 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 09:03 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 09:03 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 09:03 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 09:03 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 09:03 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 09:03 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 09:03 - 2015-10-29 18:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-11 09:03 - 2015-10-29 18:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-11 09:03 - 2015-10-29 18:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-11 09:03 - 2015-10-29 18:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-11 09:03 - 2015-10-29 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-11-11 09:03 - 2015-10-29 18:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-11-11 09:03 - 2015-10-29 18:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-11-11 09:03 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 09:03 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 09:03 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 09:03 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 09:03 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 09:03 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-11 09:03 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-11 09:03 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 09:03 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-11 09:03 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 09:03 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-11 09:03 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 09:03 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 09:03 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 09:03 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-11 09:03 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 09:03 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 09:03 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 09:03 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 09:03 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 09:03 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-11 09:03 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-11 09:03 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-11 09:03 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 09:03 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 09:03 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 09:03 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-11 09:03 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-11 09:03 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 09:03 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 09:03 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 09:03 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-11 09:03 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-11 09:03 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-11 09:03 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 09:03 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-11 09:03 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 09:03 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 09:03 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-11 09:03 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-11 09:03 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-11 09:03 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-11 09:03 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-11 09:03 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-11 09:03 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-11 09:03 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-11 09:03 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-11 09:03 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-11 09:03 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-11 09:03 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-11 09:03 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-11 09:03 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-11 09:03 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-11 09:03 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 09:03 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 09:03 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 09:03 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-11 09:03 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-11 09:03 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 09:03 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-11 09:03 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 09:03 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 09:03 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 09:03 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 09:03 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 09:03 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-11 09:03 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 09:03 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 09:03 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-09 10:24 - 2015-11-20 08:00 - 00000989 _____ C:\Users\Computer\Desktop\Forms Builder.lnk
2015-11-09 10:13 - 2015-11-09 10:22 - 00000000 ____D C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oracle Reports 6i Admin
2015-11-09 10:13 - 2015-11-09 10:22 - 00000000 ____D C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oracle Reports 6i
2015-11-09 10:13 - 2015-11-09 10:13 - 00000000 ____D C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oracle Olap Client 2.2
2015-11-09 10:00 - 2015-11-20 08:00 - 00000989 _____ C:\Users\Computer\Desktop\Report Builder.lnk
2015-11-09 09:22 - 2015-11-20 08:00 - 00001472 _____ C:\Users\Computer\Desktop\Forms Runtime.lnk
2015-11-09 09:13 - 2015-11-09 10:22 - 00000000 ____D C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oracle für Windows NT
2015-11-09 09:13 - 2015-11-09 10:22 - 00000000 ____D C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oracle Forms & Reports 6i
2015-11-09 09:13 - 2015-11-09 10:19 - 00000000 ____D C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oracle Forms 6i Admin
2015-11-09 09:13 - 2015-11-09 10:19 - 00000000 ____D C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oracle Forms 6i
2015-11-09 09:13 - 2015-11-09 10:13 - 00000000 ____D C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oracle Forms & Reports 6i Doc
2015-11-09 09:11 - 2015-11-09 10:13 - 00000000 ____D C:\orant
2015-11-05 11:48 - 2015-11-05 11:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2015-11-05 11:48 - 2015-11-05 11:48 - 00000000 ____D C:\Program Files (x86)\ // entfernt wegen Firmennamen
2015-11-05 11:38 - 2015-11-05 11:38 - 01386504 _____ C:\Users\Computer\Downloads\sslvpn_inst_ // entfernt wegen Firmennamen.exe
2015-11-05 11:30 - 2015-11-05 11:30 - 00133800 _____ C:\Users\Computer\Downloads\sslvpn_conf_ // entfernt wegen Firmennamen.exe
2015-11-03 16:14 - 2015-11-04 08:33 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-11-03 16:14 - 2015-11-03 16:45 - 00000000 ____D C:\Users\Computer\AppData\Roaming\Apple Computer
2015-11-03 15:47 - 2015-11-03 15:47 - 00000000 ____D C:\Users\Computer\AppData\Local\Sophos
2015-11-03 15:27 - 2015-11-03 15:27 - 00000000 ____D C:\Program Files (x86)\Sophos

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-23 10:54 - 2015-10-09 12:00 - 01774760 _____ C:\Windows\WindowsUpdate.log
2015-11-23 10:53 - 2015-10-09 12:18 - 00006533 _____ C:\Windows\SysWOW64\Gms.log
2015-11-23 10:51 - 2015-10-19 07:03 - 00000000 ____D C:\Users\Computer\AppData\Local\TSVNCache
2015-11-23 10:50 - 2015-10-09 14:43 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-23 10:50 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-23 10:50 - 2009-07-14 05:51 - 00035277 _____ C:\Windows\setupact.log
2015-11-23 10:50 - 2009-07-14 05:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-23 10:50 - 2009-07-14 05:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-23 10:49 - 2011-04-12 08:43 - 00778052 _____ C:\Windows\system32\perfh007.dat
2015-11-23 10:49 - 2011-04-12 08:43 - 00180530 _____ C:\Windows\system32\perfc007.dat
2015-11-23 10:49 - 2009-07-14 06:13 - 01815974 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-23 10:45 - 2015-10-19 07:03 - 00000000 ____D C:\Program Files (x86)\sqldeveloper
2015-11-23 10:43 - 2010-11-21 04:47 - 00159112 _____ C:\Windows\PFRO.log
2015-11-23 10:43 - 2009-07-14 05:45 - 00330664 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-23 10:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2015-11-23 07:49 - 2015-10-09 12:16 - 00072568 _____ C:\Users\Computer\AppData\Local\GDIPFONTCACHEV1.DAT
2015-11-23 06:44 - 2015-10-19 06:25 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-23 06:29 - 2015-10-21 07:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2015-11-20 10:33 - 2015-10-19 09:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-20 10:24 - 2015-10-19 06:39 - 00000000 ___RD C:\Users\Computer\Desktop\ToDo
2015-11-20 10:03 - 2015-10-20 11:32 - 00000000 ____D C:\Users\Computer\AppData\Local\CrashDumps
2015-11-20 08:37 - 2015-10-19 09:21 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-11-20 08:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Registration
2015-11-20 08:26 - 2015-10-19 06:39 - 00000000 ___RD C:\Users\Computer\Desktop\GO# Module
2015-11-20 08:17 - 2015-10-19 06:39 - 00000000 ___RD C:\Users\Computer\Desktop\Kram
2015-11-20 08:04 - 2015-10-20 11:41 - 00000000 ____D C:\Users\Computer\Downloads\Privat
2015-11-20 08:01 - 2015-10-20 08:34 - 00001161 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-11-20 08:01 - 2015-10-20 08:02 - 00001298 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2015-11-20 08:01 - 2015-10-19 09:21 - 00001045 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-11-20 08:01 - 2015-10-09 13:34 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-20 08:01 - 2015-10-09 11:58 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-11-20 08:01 - 2015-10-09 11:58 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-11-20 08:01 - 2009-07-14 05:57 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-11-20 08:01 - 2009-07-14 05:57 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2015-11-20 08:01 - 2009-07-14 05:57 - 00001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2015-11-20 08:01 - 2009-07-14 05:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2015-11-20 08:01 - 2009-07-14 05:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2015-11-20 08:00 - 2015-10-22 08:52 - 00001087 _____ C:\Users\Public\Desktop\PDF24 Creator.lnk
2015-11-20 08:00 - 2015-10-20 08:34 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-11-20 08:00 - 2015-10-20 08:05 - 00001841 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2015-11-20 08:00 - 2015-10-20 08:02 - 00001292 _____ C:\Users\Public\Desktop\paint.net.lnk
2015-11-20 08:00 - 2015-10-19 11:24 - 00002161 _____ C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-11-20 08:00 - 2015-10-19 09:21 - 00001039 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-11-20 08:00 - 2015-10-19 07:03 - 00001069 _____ C:\Users\Computer\Desktop\SQL.lnk
2015-11-20 08:00 - 2015-10-19 07:03 - 00001044 _____ C:\Users\Computer\Desktop\Password Safe.lnk
2015-11-20 08:00 - 2015-10-09 13:34 - 00002041 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-11-20 08:00 - 2015-10-09 13:31 - 00001064 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-11-20 08:00 - 2015-10-09 12:00 - 00001425 _____ C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-11-20 08:00 - 2009-07-14 06:01 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2015-11-20 08:00 - 2009-07-14 05:49 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2015-11-20 07:42 - 2015-10-19 06:31 - 00000000 ____D C:\Users\Computer\AppData\Roaming\Notepad++
2015-11-20 07:40 - 2015-10-09 13:50 - 00001912 _____ C:\Windows\epplauncher.mif
2015-11-18 14:39 - 2015-10-19 06:25 - 00000000 ____D C:\Users\Computer\Documents\Visual Studio 2008
2015-11-17 13:34 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-11-12 12:11 - 2015-10-19 06:39 - 00000000 ___RD C:\Users\Computer\Desktop\GOEcho
2015-11-12 11:56 - 2015-10-09 12:17 - 00000000 ____D C:\Temp
2015-11-11 17:10 - 2015-10-09 12:54 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 17:08 - 2015-10-09 12:54 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 17:05 - 2015-10-09 12:07 - 01789318 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-11 17:05 - 2011-04-12 08:55 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-05 11:50 - 2015-10-19 06:39 - 00000000 ___RD C:\Users\Computer\Desktop\VPN Clients
2015-11-04 06:58 - 2015-10-09 13:31 - 00000000 ____D C:\Users\Computer\AppData\Roaming\vlc
2015-11-03 15:59 - 2015-10-20 09:20 - 00002242 ____H C:\Users\Computer\Documents\Default.rdp
2015-11-02 09:02 - 2015-10-19 11:19 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-11-02 08:56 - 2015-10-09 13:34 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-10-09 12:09 - 2015-10-09 12:09 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Computer\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-10 13:22

==================== Ende von FRST.txt ============================

--- --- ---

und Addition:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:22-11-2015
durchgeführt von Computer (2015-11-23 10:55:32)
Gestartet von C:\Users\Computer\Downloads\FRST
Windows 7 Professional Service Pack 1 (X64) (2015-10-09 11:00:24)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3111903969-4264855908-3411873580-500 - Administrator - Disabled)
Computer (S-1-5-21-3111903969-4264855908-3411873580-1000 - Administrator - Enabled) => C:\Users\Computer
Gast (S-1-5-21-3111903969-4264855908-3411873580-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Disabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Disabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (Version: 16.2.1 - Hewlett-Packard) Hidden
7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
Absolute Uninstaller 5.3.1.20 (HKLM-x32\...\Absolute Uninstaller) (Version: 5.3.1.20 - Glarysoft Ltd)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Aventail Connect (HKLM\...\{C338ACAC-7162-42E3-8B8C-85E5746F4A2E}) (Version: 10.62.196 - SonicWALL Aventail)
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Behaviors SDK (XAML) for Visual Studio (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 DEU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Check Point Endpoint Security (HKLM-x32\...\{f508ae38-2d20-413e-a55c-58c86661f045}) (Version: 5.41.0000 - CheckPoint)
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
Crystal Reports Basic for Visual Studio 2008 (HKLM-x32\...\{AA467959-A1D6-4F45-90CD-11DC57733F32}) (Version: 10.5.0.0 - Business Objects)
Crystal Reports Basic German Language Pack for Visual Studio 2008 (HKLM-x32\...\{3924C3E7-C440-4B23-9740-9A9EC0545F21}) (Version: 10.5.0.0 - Business Objects)
Crystal Reports Basic Runtime for Visual Studio 2008 (x64) (HKLM\...\{2BFA9B05-7418-4EDE-A6FC-620427BAAAA3}) (Version: 10.5.0.0 - Business Objects)
Crystal Reports Basic Runtime German Language Pack for Visual Studio 2008 (x64) (HKLM\...\{1D5F34D0-6329-4D92-B81A-E24E9028910C}) (Version: 10.5.0.0 - Business Objects)
Devenv-Ressourcen für Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Hotfix für Microsoft Visual Studio 2008 Professional Edition - DEU (KBKB971091) (HKLM-x32\...\{445174EA-3D3A-308E-84AD-446127E71441}.KB971091) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2008 Professional Edition - DEU (KBKB973674) (HKLM-x32\...\{445174EA-3D3A-308E-84AD-446127E71441}.KB973674) (Version: 1 - Microsoft Corporation)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.2.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.1.41 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.17 - Intel(R) Corporation) Hidden
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
JavaScript Tooling (Version: 12.0.21005 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
Language Pack (DEU) für freigegebene Windows Azure-Komponenten für Microsoft Visual Studio 2013 - v1.0 (x32 Version: 1.0.10829.1601 - Microsoft Corporation) Hidden
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for de-de Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Compact Framework 2.0 SP2 (HKLM-x32\...\{B1060346-9388-4C5B-AA52-176C39819E43}) (Version: 2.0.7045 - Microsoft Corporation)
Microsoft .NET Compact Framework 3.5 (HKLM-x32\...\{72CCBEA1-8D57-4981-A337-81019F28C5BA}) (Version: 3.5.7283 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Device Emulator (64 Bit) Version 3.0 - DEU (HKLM\...\{7ECA1AEA-2B61-3DE6-8276-6A9A2693F111}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Document Explorer 2008 (HKLM-x32\...\Microsoft Document Explorer 2008) (Version:  - Microsoft Corporation)
Microsoft Document Explorer 2008 Language Pack - DEU (HKLM-x32\...\Microsoft Document Explorer 2008 Language Pack - DEU) (Version:  - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office Home and Business 2013 - de-de (HKLM\...\HomeBusinessRetail - de-de) (Version: 15.0.4763.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3111903969-4264855908-3411873580-1000\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst  (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 Design Tools DEU (HKLM-x32\...\{E32260E7-0B10-43C7-9B77-AB9F4184676D}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 DEU (HKLM-x32\...\{159098AF-4EB8-4C10-B0C6-24CDA32B45F9}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 for Devices DEU (HKLM-x32\...\{1C3ADB5F-750E-4453-AC98-B75C5323845C}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.30919.1) (HKLM-x32\...\{7CC03C58-3471-43D2-A251-EC9AE225E772}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.2 (HKLM-x32\...\{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}) (Version: 1.2.0.0 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7C39E0D1-E138-42B1-B083-213EC2CF7692}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{D434E072-F482-4F52-AB97-7B19DD5DAEB5}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{485F4AC6-F79E-4482-A0D2-EDF0CCE1E124}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{1FBEA8BA-D40B-48BC-85BC-EE2D5575F27C}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime Language Pack (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime Language Pack) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2008 Professional Edition - DEU (HKLM-x32\...\Microsoft Visual Studio 2008 Professional Edition - DEU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger - DEU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger - DEU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{06eb36bf-d26a-41a8-bcf3-638a3f6aa7aa}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools (HKLM\...\{AC888A60-9557-3B74-B52B-F353D01BD544}) (Version: 3.5.21022 - Microsoft)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (HKLM\...\{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense (HKLM\...\{9aa5f39c-a8de-46b0-919a-0248f8bc8490}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Tools (HKLM\...\{62EED300-E841-4083-A1D6-60B906271804}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Win32 Tools (HKLM\...\{A992BBAA-723D-4574-A07F-983BF8FAA3E1}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.6 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.50 - NVIDIA Corporation)
NVIDIA Grafiktreiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
OpenVPN 2.2.2 (HKLM-x32\...\OpenVPN) (Version: 2.2.2 - )
Oracle Database 11g Express Edition (HKLM-x32\...\InstallShield_{05A7B662-80A3-4EB9-AE1D-89A62449431C}) (Version: 11.2.0 - Oracle Corporation)
Oracle Database 11g Express Edition (Version: 11.2.0 - Oracle Corporation) Hidden
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Password Safe (HKLM-x32\...\Password Safe) (Version:  - )
PDF24 Creator 7.4.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Python Tools - Umleitungsvorlage (x32 Version: 1.1 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.87.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7335 - Realtek Semiconductor Corp.)
SharePoint Client Components (Version: 15.0.4481.1505 - Microsoft Corporation) Hidden
Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version:  - )
Sophos SSL VPN Client 2.1 (HKLM-x32\...\Sophos SSL VPN Client) (Version: 2.1 - )
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
TortoiseSVN 1.8.11.26392 (64 bit) (HKLM\...\{11309CA9-9118-44D6-B345-83C86A5111D5}) (Version: 1.8.26392 - TortoiseSVN)
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM-x32\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.5000.00 - Microsoft Corporation)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update für Microsoft Visual Studio 2008 Professional Edition - DEU (KBKB972221) (HKLM-x32\...\{445174EA-3D3A-308E-84AD-446127E71441}.KB972221) (Version: 1 - Microsoft Corporation)
VC Runtimes MSI (x32 Version: 9.0.21022 - Microsoft) Hidden
Visual Studio .NET Prerequisites - English (HKLM\...\{ACD875CC-A146-3125-8F99-D3766F46FD86}) (Version: 9.0.21022 - Microsoft Corporation)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio-Tools für Office System 3.0 Runtime Language Pack - DEU (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime Language Pack - DEU) (Version:  - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WatchGuard Mobile VPN with SSL client 11.4.2 (HKLM-x32\...\Mobile VPN with SSL client_is1) (Version:  - WatchGuard)
WCF Data Services 5.6.0 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Windows Mobile 5.0 SDK R2 for Pocket PC (HKLM-x32\...\{721B5CF0-D220-4955-BB6F-EBCFB1096DE7}) (Version: 5.00.1700.5.14343.06 - Microsoft Corporation)
Windows Mobile 5.0 SDK R2 for Smartphone (HKLM-x32\...\{DA7F48EF-5F56-45FE-9169-3B8159A7A323}) (Version: 5.00.1700.5.14343.06 - Microsoft Corporation)
Workflow Manager Client 1.0 (Version: 2.0.30813.2 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.30725.1 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

16-11-2015 09:37:37 Windows Update
20-11-2015 06:18:15 Windows Update
20-11-2015 08:45:40 JRT Pre-Junkware Removal
20-11-2015 08:51:22 JRT Pre-Junkware Removal
20-11-2015 08:51:42 JRT Pre-Junkware Removal
23-11-2015 06:29:26 Removed Dotfuscator and Analytics Community Edition
23-11-2015 06:29:35 Dotfuscator and Analytics Community Edition Language Pack wurde entfernt
23-11-2015 06:43:59 Microsoft Office Visual Web Developer 2007 wird entfernt
23-11-2015 06:44:05 Removed Microsoft Visual Studio Web Authoring Component
23-11-2015 10:52:10 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0B50BCB7-E7FF-45AF-8CA0-EDB925ADEB2F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-20] (Google Inc.)
Task: {80494CB8-6B44-4D69-B284-BDA6857AEEA8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {9DE4F5D4-7798-4C05-911D-68C0FD4D415B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {A000957B-C018-4AF7-B944-A42B369EBB02} - System32\Tasks\avastBCLS-1-5-21-3111903969-4264855908-3411873580-1000 => C:\Users\Computer\AppData\Roaming\AVAST Software\Browser Cleanup\BCUSched.exe
Task: {B5AE0ED6-5DC0-4833-8CE4-D8BDE8B274AC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-20] (Google Inc.)
Task: {DA5A327C-0CD0-4317-AEF1-DDABF1685157} - System32\Tasks\avast! BCU UpdateS-1-5-21-3111903969-4264855908-3411873580-1000 => C:\Users\Computer\AppData\Roaming\AVAST Software\Browser Cleanup\BCUUpdate.exe
Task: {E046770C-F5ED-4944-BBDA-98F603AE2317} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-09-30 04:22 - 2012-09-30 04:22 - 00229736 _____ () C:\Windows\ngmsi.dll
2015-10-09 12:02 - 2014-01-28 04:16 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2015-10-19 11:19 - 2015-10-07 18:28 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-07-01 09:21 - 2013-07-01 09:21 - 01127736 _____ () C:\Program Files\ShrewSoft\VPN Client\iked.exe
2013-07-01 00:16 - 2013-07-01 00:16 - 00628224 _____ () C:\Program Files\ShrewSoft\VPN Client\libike.dll
2013-07-01 00:15 - 2013-07-01 00:15 - 00022016 _____ () C:\Program Files\ShrewSoft\VPN Client\libidb.dll
2013-07-01 00:15 - 2013-07-01 00:15 - 00018432 _____ () C:\Program Files\ShrewSoft\VPN Client\libith.dll
2013-07-01 00:16 - 2013-07-01 00:16 - 00039936 _____ () C:\Program Files\ShrewSoft\VPN Client\libvnet.dll
2013-07-01 00:16 - 2013-07-01 00:16 - 00013312 _____ () C:\Program Files\ShrewSoft\VPN Client\liblog.dll
2013-07-01 00:16 - 2013-07-01 00:16 - 00116736 _____ () C:\Program Files\ShrewSoft\VPN Client\libip.dll
2013-07-01 00:17 - 2013-07-01 00:17 - 00029184 _____ () C:\Program Files\ShrewSoft\VPN Client\libpfk.dll
2013-07-01 00:17 - 2013-07-01 00:17 - 00017920 _____ () C:\Program Files\ShrewSoft\VPN Client\libdtp.dll
2013-07-01 00:17 - 2013-07-01 00:17 - 00035840 _____ () C:\Program Files\ShrewSoft\VPN Client\libvflt.dll
2013-07-01 09:21 - 2013-07-01 09:21 - 00810808 _____ () C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
2015-10-19 09:16 - 2011-06-29 22:02 - 00058368 _____ () C:\Program Files (x86)\WatchGuard\WatchGuard Mobile VPN with SSL\wgsslvpnsrc.exe
2015-03-19 18:55 - 2015-03-19 18:55 - 00088960 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2015-10-16 11:02 - 2015-10-16 11:02 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2015-10-09 12:02 - 2015-11-23 10:50 - 00035472 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2015-10-09 12:02 - 2014-01-28 04:16 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2010-03-23 12:26 - 2010-03-23 12:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2014-04-29 15:23 - 2014-04-29 15:23 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-10-19 11:19 - 2015-10-19 11:19 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2015-10-19 11:21 - 2015-10-19 11:21 - 01033792 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3111903969-4264855908-3411873580-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: // entfernt wegen FirmenIP
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{925C692C-2F11-43E8-8867-28E74F92DBC8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{214ABBE6-14B8-4865-A84F-FFA89A8DD83C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C43BB274-CA77-4023-B758-F4B7433F2653}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{EB9C33E6-D61E-47EF-BA24-588708AC5F85}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C1D8BCEC-3C54-4822-8302-DE82D89A97B2}] => (Allow) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe
FirewallRules: [{72CEFB52-8FDE-4553-9E65-FCA42C58F90C}] => (Allow) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe
FirewallRules: [{F706406B-F3A1-4405-83F8-D520D0E8C903}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{15E77C64-84FC-48C1-822B-FB4ED14D7E34}] => (Allow) C:\Users\Computer\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{39B600A4-E88F-49B6-9AF7-DE5517C936AD}] => (Allow) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe
FirewallRules: [{22F85E4E-321D-458E-B39C-74EFC6FFC880}] => (Allow) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe
FirewallRules: [{BEF220B2-5D4C-415E-A9AE-9715624E42CC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D9F17202-52E5-41C8-98CC-403B051DD482}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CF6CC85D-0D5B-434A-AFBE-C268C741CB08}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{EEF33EDA-40D4-4448-8E5C-75A14DBF5F60}] => (Allow) LPort=12292
FirewallRules: [{75089B9A-64EB-475A-ABE3-64215788D5CF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{5A012DBE-FF97-46DE-9E24-CF7535EC5B13}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B36DA14E-5188-414D-ABF3-E428AAD6AB25}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Shrew Soft Virtual Adapter
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/23/2015 10:52:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/23/2015 10:45:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/23/2015 10:41:46 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/23/2015 08:37:21 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/23/2015 06:53:47 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm setup.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1b5c

Startzeit: 01d125b1f63e2452

Endzeit: 0

Anwendungspfad: C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe

Berichts-ID:

Error: (11/23/2015 06:45:23 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/23/2015 06:22:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/23/2015 06:02:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/20/2015 10:59:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/20/2015 10:50:45 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Users\Computer\AppData\Local\Temp\jrt\CreateRestorePoint.exe  "JRT Pre-Junkware Removal"; Beschreibung = JRT Pre-Junkware Removal; Fehler = 0x8007043c).


Systemfehler:
=============
Error: (11/23/2015 10:52:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/23/2015 10:51:58 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (11/23/2015 10:50:18 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/23/2015 10:50:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/23/2015 10:50:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/23/2015 10:50:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Office Software Protection Platform" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/23/2015 10:50:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/23/2015 10:50:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/23/2015 10:50:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/23/2015 10:50:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "WatchGuard SSLVPN Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 18%
Installierter physikalischer RAM: 16325.59 MB
Verfügbarer physikalischer RAM: 13384.94 MB
Summe virtueller Speicher: 32649.39 MB
Verfügbarer virtueller Speicher: 28818.07 MB

==================== Laufwerke ================================

Drive c: (System SSD) (Fixed) (Total:232.79 GB) (Free:144.36 GB) NTFS
Drive d: (Daten HDD) (Fixed) (Total:931.51 GB) (Free:894.07 GB) NTFS
Drive z: ( // entfernt wegen Firmenname ) (Network) (Total:465.76 GB) (Free:23.99 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 3F335886)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1E138C47)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Bzgl. der WebData-Datei möchte ich aber erwähnen, dass die, sofern sie nicht existiert, von Chrome bei jedem Start angelegt wird (zumindest bei mir). Ich starte ihn aktuell nicht, bin im Moment nur mit Firefox unterwegs.

Warlord711 · 23.11.2015, 11:45

Ok, unter FF also kein coldsearch.

Kannst du jetzt mal Chrome testen ?

Kautzerine · 23.11.2015, 11:53

Nachdem ich gerade Chrome gestestet habe kann ich mitteilen, dass alles wieder funktioniert!

Die Optionen lassen eine Änderung der Suchmaschine wieder zu (nicht mehr die Meldung "wird vom Admin verhindert") und es steht nirgends mehr coldsearch und wenn ich meinen Suchbegriff losschicke geht er auch nur auf Google, nicht mehr mit Zwischenstop über eine andere Seite

Ich bedanke mich vielmals!!!

Warlord711 · 24.11.2015, 11:33

Ok !

Zum Abschluss bitte noch ein Scan, der allerdings länger dauert:

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Kautzerine · 24.11.2015, 13:55

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=e8dcf6d4a05bad4d84fc9583d3bd25ef
# end=init
# utc_time=2015-11-24 10:34:28
# local_time=2015-11-24 11:34:28 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 26869
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=e8dcf6d4a05bad4d84fc9583d3bd25ef
# end=updated
# utc_time=2015-11-24 10:36:08
# local_time=2015-11-24 11:36:08 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=e8dcf6d4a05bad4d84fc9583d3bd25ef
# engine=26869
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-11-24 11:54:31
# local_time=2015-11-24 12:54:31 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1305 16777213 100 100 6644 12584723 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 14887 199995921 0 0
# scanned=623277
# found=0
# cleaned=0
# scan_time=4703

Warlord711 · 24.11.2015, 15:08

Super ! Logs sind sauber !

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Abschließend habe ich noch ein paar Tipps zur Absicherung deines Systems.

Ändere regelmäßig alle deine Passwörter, jetzt, nach der Bereinigung ist ein idealer Zeitpunkt dafür

verwende für jede Anwendung und jeden Account ein anderes Passwort
ändere regelmäßig dein Passwort, vor allem bei Onlinebanking oder deinem Emailpostfach ist dieses sehr wichtig
speichere keine Passwörter auf deinem PC, gib diese nicht an dritte weiter
ein sicheres Passwort besteht aus mindestens 8 Zeichen und beinhaltet Groß- und Kleinbuchstaben, Zahlen und Sonderzeichen
benutze keine Zahlen- oder Buchstabenkombinationen, ( zB 12345678, qwertzui) auch keine Zahlen oder Buchstabenmuster
verwende keine Passwörter die einen Bezug zu dir, deinem Wohnort, Familienmitglied oder Haustier (Geburtsdatum, Postleitzahl, Adresse, Name) haben

Ich kann gar nicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7 / 8 : Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti-Viren-Programm und zusätzlicher Schutz

Gehe sicher, dass du immer nur eine Anti-Viren Software installiert hast und dass diese auch up to date ist!
MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demand Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion bietet zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
AdwCleaner
Dieses Tool erkennt eine Vielzahl von Werbeprogrammen (Adware) und unerwünschten Programmen (PUPs).
Starte das Tool einmal die Woche und lass es laufen. Sollte eine neue Version verfügbar sein, so wird dies angezeigt und du kannst dir die neueste Version direkt auf den Desktop downloaden.
SpywareBlaster
Eine kurze Einführung findest du Hier
WOT (Web of trust)
Dieses AddOn warnt dich, bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser
Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Mozilla Firefox

Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
NoScript
Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt, wenn Du es bestätigst.
AdblockPlus
Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
Es spart außerdem Downloadkapazität.

Performance

Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von Registry Cleanern.
Diese Schaden deinem System mehr als dass sie helfen. Hier ein englischer Link:
Miekemoes Blogspot ( MVP )

Was du vermeiden solltest:

Klicke nicht auf alles, nur weil es dich dazu auffordert und schön bunt ist.
Verwende keine P2P oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie z.B. deinFoto.jpg.exe.
Lade keine Software von Softonic oder Chip herunter, da diese Installer oft mit Adware oder unerünschter Software versehen sind!

Nun bleibt mir nur noch dir viel Spaß beim sicheren Surfen zu wünschen... ... und vielleicht möchtest du ja das Trojaner-Board unterstützen oder Lob, Kritik und Wünsche loswerden?

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

Kautzerine · 25.11.2015, 07:00

Ich habe die von Dir genannten Schritte nun ausgeführt und bedanke mich nochmals herzlichst für deine Hilfe.

Von meiner Seite aus bestehen keine Fragen mehr, sodass das Thema als abgeschlossen angesehen werden kann.

Vielen Dank!

23.11.2015, 11:45	#7
Warlord711 /// TB-Ausbilder	Windows 7: Chrome wurde von s.coldsearch.com übernommen Ok, unter FF also kein coldsearch. Kannst du jetzt mal Chrome testen ? __________________ Lerne, zurück zu schlagen und unterstütze uns! TB Akademie \| Spende \| Lob & Kritik

Windows 7: Chrome wurde von s.coldsearch.com übernommen

Log-Analyse und Auswertung: Windows 7: Chrome wurde von s.coldsearch.com übernommen