Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili)

High_one · 26.02.2017, 21:15

Hallo,

ich glaube ich habe seit ca. 1 Woche immer wieder Malware auf dem Rechner und bin jetzt auf dieses Board gestossen.
Zum einen wurde über meinen Rechner auf mein Paypal Konto zugegriffen (da das Kennwort leider im Browser gespeichert war) und es wurden innerhalb von Minuten 7 Steam Gutscheine im Wert von je 50,- Euro gekauft. Mittlerweile habe ich es zum Glück von Paypal aber ersetzt bekommen.

Seitdem ist allerdings mein Windows Defender auch deaktiviert und kann nicht mehr eingeschaltet werden:
Fehlermeldung "diese App wurde über eine Gruppenrichtlinie deaktiviert"
Er hatte aber vor seiner "Deaktivierung" noch Schädlinge gemeldet, leider ging die Meldung zu schnell weg (ich konnte es mir nicht behalten).
Über die Einstellungen lässt er sich nun nicht mehr aktivieren.

Malwarebytes Anti Malware ist bei mir installiert und findet auch immer wieder was.
z.B. waren das Trotux, Winsnare, Bilibili und noch mehr (siehe LOG)

Zitat:

<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2017/02/25 07:08:55 +0100</date>
<logfile>mbam-log-2017-02-25 (07-08-14).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.2.1.1043</version>
<malware-database>v2017.02.25.05</malware-database>
<rootkit-database>v2017.02.15.01</rootkit-database>
<license>free</license>
<file-protection>disabled</file-protection>
<web-protection>disabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<hostname>HIGHLANDER</hostname>
<ip>192.168.192.21</ip>
<osversion>Windows 10</osversion>
<arch>x64</arch>
<username>Daniel</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>custom</type>
<result>completed</result>
<objects>821604</objects>
<time>13347</time>
<processes>0</processes>
<modules>0</modules>
<keys>4</keys>
<values>1</values>
<datas>0</datas>
<folders>3</folders>
<files>3</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>enabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
<key><path>HKU\S-1-5-21-1478581348-535765091-3593234125-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B}</path><vendor>PUP.Optional.YTAdBlocker</vendor><action>success</action><hash>81a82f784464979f80fd203561a008f8</hash></key>
<key><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4679B86E-8935-455E-850C-E95DCC2C0362}</path><vendor>PUP.Optional.BikaQRssReader</vendor><action>delete-on-reboot</action><hash>5bceffa86444bb7b1c986bdc3dc417e9</hash></key>
<key><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\BikaQ_FetchAndUpgrade_CanBeDel</path><vendor>PUP.Optional.BikaQRssReader</vendor><action>delete-on-reboot</action><hash>43e6aff8387047efeb474afeb051629e</hash></key>
<key><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\bilibili</path><vendor>Adware.Elex</vendor><action>success</action><hash>9297b5f2cade2a0cc7d81bd72dd36d93</hash></key>
<value><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4679B86E-8935-455E-850C-E95DCC2C0362}</path><valuename>Path</valuename><vendor>PUP.Optional.BikaQRssReader</vendor><action>delete-on-reboot</action><valuedata>\BikaQ_FetchAndUpgrade_CanBeDel</valuedata><hash>5bceffa86444bb7b1c986bdc3dc417e9</hash></value>
<folder><path>C:\Program Files (x86)\bilibili</path><vendor>Adware.Elex</vendor><action>success</action><hash>31f8f0b731776dc91ca749a70df3c040</hash></folder>
<folder><path>C:\Program Files (x86)\BikaQRssReader</path><vendor>PUP.Optional.BikaQRssReader</vendor><action>success</action><hash>a0896443a701e55134d16dda52af3dc3</hash></folder>
<folder><path>C:\Program Files (x86)\WinSnare(4.1.0)</path><vendor>Adware.Elex</vendor><action>success</action><hash>91985552604869cdede0f262b34ec838</hash></folder>
<file><path>C:\Windows\System32\Tasks\BikaQ_FetchAndUpgrade_CanBeDel</path><vendor>PUP.Optional.BikaQRssReader</vendor><action>success</action><hash>50d98324525650e64ee580c75da4669a</hash></file>
<file><path>C:\Program Files (x86)\BikaQRssReader\app.bikaQ.config</path><vendor>PUP.Optional.BikaQRssReader</vendor><action>success</action><hash>a0896443a701e55134d16dda52af3dc3</hash></file>
<file><path>C:\Program Files (x86)\WinSnare(4.1.0)\WinSnare.dll</path><vendor>Adware.Elex</vendor><action>success</action><hash>91985552604869cdede0f262b34ec838</hash></file>
</items>
</mbam-log>

SpyBot Search&Destroy hat z.B. auch diese Funde gemeldet:

Zitat:

[i] 17-02-19 21:46:38
[i] 17-02-19 21:46:38 Product Macromedia.FlashPlayer.Cookies
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\admin.brightcove.com\MediaPreferences.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\affiliate.gameladen.com\pap20.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\aka-cdn-ns.adtech.de\movad.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\az731861.vo.msecnd.net\nexxCACHE_584.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\besttv39.cdn.it.best-tv.com\com.longtailvideo.jwplayer.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\blackbird.zoomin.tv\flashCookie.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\c.paypal.com\PayPalLSO.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\c4.ac-data.com\com.px24.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cdn.flashtalking.com\ftLocalComms.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cdn.flashtalking.com\FT_cookie.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cdn.movad.net\movad.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cdn1-ref-cl.amscontent.net\MessengerBarCookie.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cdn3-ref-cl.landing.comcontent.net\MessengerBarCookie.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cdn3.screen9.com\picsearch_user_session.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cdn5-ref-cl.amscontent.net\MessengerBarCookie.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\ced.sascdn.com\movad.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cfiles.5min.com\5minSessionTracker_www.huffingtonpost.de.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cfiles.5min.com\Storage5minCookie.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\chatroulette.com\16chatroulette.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\de-castaclip.cdn.videoplaza.tv\com.videoplaza.adplayer.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\de-castaclip.cdn.videoplaza.tv\com.videoplaza.bootloader.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\de-ipd.cdn.videoplaza.tv\com.videoplaza.adplayer.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\de-ipd.cdn.videoplaza.tv\com.videoplaza.bootloader.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\de-ipd.cdn.videoplaza.tv\se.videoplaza.kit.adplayer.adplayer.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\delivery.fashiondaily.tv\analytics.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\deliverybeta.fashiondaily.tv\analytics.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\deliverybeta.freshmilk.tv\analytics.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\dizcdn.yobt.com\com.jeroenwijering.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\duapys4lcv8ju.cloudfront.net\settings.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\effektivesdating.info\pap20.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\embed.live-stream.tv\com.jeroenwijering.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\gadcreatives.mode.com\movad.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\glatzenrechner.alpecin.de\analytics.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\i.bongacams.com\limit.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\images-eu.ssl-images-amazon.com\mercury.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\images-na.ssl-images-amazon.com\mercury.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\imagesrv.adition.com\movad.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\members.bet365.com\FCE.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\mpsnare.iesnare.com\stm.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\opf.ooyala.com\ima_adsets.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\oystatic.ignimgs.com\analytics.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\pagead2.googlesyndication.com\movad.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\player.ooyala.com\auth.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\player.ooyala.com\auth2.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\player.ooyala.com\auth_id.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\player.ooyala.com\perf.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\pornsharing.com\tubeContextPlayer.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\publishing.kaloo.ga\analytics.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\pxc1.adscale.de\analytics.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\s.yimg.com\com.conviva.livePass.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\s.yimg.com\com.yahoo.yep.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\s.ytimg.com\restore.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\s.ytimg.com\soundData.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\secureinclude.ebaystatic.com\ebayLSO.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\secureinclude.ebaystatic.com\ebayT.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\server072.20min-tv.ch\analytics.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\server072.20min-tv.ch\com.jeroenwijering.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\smava.postaffiliatepro.com\pap20.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\software.hiro.tv\HIRO_REPO.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\ssl.hurra.com\restore.hurra.com.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\stake7.postaffiliatepro.com\pap20.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static-cdn1.ustream.tv\viewer.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static.allinviews.com\com.quantserve.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static.medallia.com\medallia.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static1.dmcdn.net\com.dm.player.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\staticloads.com\com.jeroenwijering.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\taxi69.com\com.jeroenwijering.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\v4s.yimg.com\com.conviva.livePass.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\v4s.yimg.com\com.yahoo.yep.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\video.golem.de\golem_videoplayer.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\video.viewster.com\hiro_companion_cookie.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\video.viewster.com\HIRO_NETWORK_CAPPING_COOKIE.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\video.viewster.com\US_FARM_lbviewster.hiro.tv_STREMING_CLIENT_ID_COOKIE.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\video.viewster.com\US_FARM__STREMING_CLIENT_ID_COOKIE.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\webmaster.erotik.com\pap20.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.amateurseite.com\MessengerBarCookie.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.cdkeys.com\pap20.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.cellartracker.com\F2UTG.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.dailymotion.com\com.dm.player.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.gameliebe.com\pap20.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.gamers.de\analytics.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.gamestar.de\analytics.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.hornbach.de\com.jeroenwijering.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.ikea.com\PAXplanner(2).sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.naiadsystems.com\AdobeDynamicStream.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.naiadsystems.com\naiad.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.paypalobjects.com\PayPalLSO.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.paypalobjects.com\ppLsoTest.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.pcgames.de\analytics.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.pcgameshardware.de\analytics.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.spiegel.de\BandwidthCache.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\z.cdn.turner.com\com.turner.cvp.so.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\z.cdn.turner.com\octoshapeuserinfo.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\aa.online-metrix.net\fpc.swf\session.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\counter.cam-content.com\visitCounter105.swf\lsps_local.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\delivery.fashiondaily.tv\flowplayer.commercial-3.2.15.swf\org.flowplayer.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\eu-st.xhamster.com\videoplayerE.swf\dats.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\eu-st.xhamster.com\xembed7.swf\dats.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\eu-st.xhamster.com\xembed9.swf\dats.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\fapteentube.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\js.rating-widget.com\RatingWidget.swf\RatingWidget.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\lsps2007.cam-content.com\flowplayer.commercial-3.2.18.swf\org.flowplayer.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\ndirect.ppro.de\vft\clickIDs.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\securepaths.com\sp.swf\securepaths.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\swf.cam-content.com\evoChat2014_169.swf\muschiControl.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\swf.cam-content.com\evoVideoPlayerFree394.swf\evoAd_local.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\track.webgains.com\wg.swf\5930.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\uk.cdn-net.com\s.swf\_cc.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.18-schoolgirlz.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.18tube.xxx\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.ajaxcdn.org\swf.swf\dm_cookie.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.cdn-net.com\s.swf\_cc.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.hotshame.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.naiadsystems.com\#naiad\pure.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.perfektegirls.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.pinkrod.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.pornoid.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.pornpropeller.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.sleazyneasy.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.youx.xxx\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\xxxdessert.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\a.affil.io\s\af.swf\afstorage.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\aeu.alicdn.com\flash\JSocket.swf\kj.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\bilder.rtl.de\flash\david09_player_20150112.swf\rtl.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\bilder.rtl.de\flash\david09_player_20150112.swf\rtlbw.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\bilder.rtl.de\flash\david09_player_20150112.swf\userinfo6.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cc1.midasplayer.com\swf\CCMain.swf\holiday_card.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cc1.midasplayer.com\swf\CCMain.swf\pushYetiShop.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cc1.midasplayer.com\swf\CCMain.swf\pwf_livesPop.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cc1.midasplayer.com\swf\CCMain.swf\receivedBoosterGifts.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cdn2.dashbida.com\prod\vpaid2-dbfp.swf\dbStore.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\deliverybeta.fashiondaily.tv\static\flowplayer.commercial-3.2.15.swf\org.flowplayer.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\deliverybeta.freshmilk.tv\static\flowplayer.commercial-3.2.15.swf\org.flowplayer.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\heias.com\x\heias_sc.swf\heias.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\mp.ksta.de\bucket\novosense.swf\nodeforty_data.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\mp.piano.noz.de\bucket\novosense.swf\nodeforty_data.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\pagead2.googlesyndication.com\pagead\imgad\movad.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\pagead2.googlesyndication.com\pagead\imgad\_mg549519bfa32bc606fe000007.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\pagead2.googlesyndication.com\pagead\imgad\_mg54d41f216e9552186d0000a0.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\play.snacktv.de\player\videoplayer.swf\SnackTV.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\player.zdf.de\latest\EmbeddedPlayer.swf\changeMe0815.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\publishing.kaloo.ga\media\flowplayer.commercial-3.2.18.swf\org.flowplayer.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static.clipfish.de\flash\clipfish_player_3.swf\rtl.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static.clipfish.de\flash\clipfish_player_3.swf\rtlbw.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static.clipfish.de\flash\clipfish_player_3.swf\userinfo6.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static.xvideos.com\swf\flv_player_site_v4.swf\hexaplayerVolumeCookie.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static.xvideos.com\swf\xv-player.swf\hexaplayerVolumeCookie.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.empflix.com\embedding_player\player_v0.2.1.swf\flixstream_audio_settings.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.snacktv.de\vpaidplayer\vpaid.swf\SnackTV.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www2.whatsupcams.com\fp\flowplayer.commercial.swf\org.flowplayer.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\admin.brightcove.com\MediaPreferences.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\affiliate.gameladen.com\pap20.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\aka-cdn-ns.adtech.de\movad.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\az731861.vo.msecnd.net\nexxCACHE_584.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\besttv39.cdn.it.best-tv.com\com.longtailvideo.jwplayer.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\blackbird.zoomin.tv\flashCookie.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\c.paypal.com\PayPalLSO.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\c4.ac-data.com\com.px24.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cdn.flashtalking.com\ftLocalComms.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cdn.flashtalking.com\FT_cookie.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cdn.movad.net\movad.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cdn1-ref-cl.amscontent.net\MessengerBarCookie.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cdn3-ref-cl.landing.comcontent.net\MessengerBarCookie.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cdn3.screen9.com\picsearch_user_session.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cdn5-ref-cl.amscontent.net\MessengerBarCookie.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\ced.sascdn.com\movad.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cfiles.5min.com\5minSessionTracker_www.huffingtonpost.de.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cfiles.5min.com\Storage5minCookie.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\chatroulette.com\16chatroulette.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\de-castaclip.cdn.videoplaza.tv\com.videoplaza.adplayer.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\de-castaclip.cdn.videoplaza.tv\com.videoplaza.bootloader.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\de-ipd.cdn.videoplaza.tv\com.videoplaza.adplayer.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\de-ipd.cdn.videoplaza.tv\com.videoplaza.bootloader.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\de-ipd.cdn.videoplaza.tv\se.videoplaza.kit.adplayer.adplayer.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\delivery.fashiondaily.tv\analytics.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\deliverybeta.fashiondaily.tv\analytics.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\deliverybeta.freshmilk.tv\analytics.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\dizcdn.yobt.com\com.jeroenwijering.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\duapys4lcv8ju.cloudfront.net\settings.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\effektivesdating.info\pap20.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\embed.live-stream.tv\com.jeroenwijering.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\gadcreatives.mode.com\movad.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\glatzenrechner.alpecin.de\analytics.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\i.bongacams.com\limit.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\images-eu.ssl-images-amazon.com\mercury.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\images-na.ssl-images-amazon.com\mercury.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\imagesrv.adition.com\movad.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\members.bet365.com\FCE.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\mpsnare.iesnare.com\stm.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\opf.ooyala.com\ima_adsets.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\oystatic.ignimgs.com\analytics.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\pagead2.googlesyndication.com\movad.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\player.ooyala.com\auth.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\player.ooyala.com\auth2.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\player.ooyala.com\auth_id.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\player.ooyala.com\perf.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\pornsharing.com\tubeContextPlayer.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\publishing.kaloo.ga\analytics.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\pxc1.adscale.de\analytics.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\s.yimg.com\com.conviva.livePass.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\s.yimg.com\com.yahoo.yep.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\s.ytimg.com\restore.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\s.ytimg.com\soundData.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\secureinclude.ebaystatic.com\ebayLSO.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\secureinclude.ebaystatic.com\ebayT.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\server072.20min-tv.ch\analytics.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\server072.20min-tv.ch\com.jeroenwijering.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\smava.postaffiliatepro.com\pap20.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\software.hiro.tv\HIRO_REPO.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\ssl.hurra.com\restore.hurra.com.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\stake7.postaffiliatepro.com\pap20.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static-cdn1.ustream.tv\viewer.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static.allinviews.com\com.quantserve.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static.medallia.com\medallia.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static1.dmcdn.net\com.dm.player.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\staticloads.com\com.jeroenwijering.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\taxi69.com\com.jeroenwijering.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\v4s.yimg.com\com.conviva.livePass.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\v4s.yimg.com\com.yahoo.yep.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\video.golem.de\golem_videoplayer.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\video.viewster.com\hiro_companion_cookie.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\video.viewster.com\HIRO_NETWORK_CAPPING_COOKIE.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\video.viewster.com\US_FARM_lbviewster.hiro.tv_STREMING_CLIENT_ID_COOKIE.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\video.viewster.com\US_FARM__STREMING_CLIENT_ID_COOKIE.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\webmaster.erotik.com\pap20.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.amateurseite.com\MessengerBarCookie.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.cdkeys.com\pap20.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.cellartracker.com\F2UTG.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.dailymotion.com\com.dm.player.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.gameliebe.com\pap20.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.gamers.de\analytics.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.gamestar.de\analytics.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.hornbach.de\com.jeroenwijering.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.ikea.com\PAXplanner(2).sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.naiadsystems.com\AdobeDynamicStream.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.naiadsystems.com\naiad.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.paypalobjects.com\PayPalLSO.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.paypalobjects.com\ppLsoTest.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.pcgames.de\analytics.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.pcgameshardware.de\analytics.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.spiegel.de\BandwidthCache.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\z.cdn.turner.com\com.turner.cvp.so.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\z.cdn.turner.com\octoshapeuserinfo.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\aa.online-metrix.net\fpc.swf\session.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\counter.cam-content.com\visitCounter105.swf\lsps_local.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\delivery.fashiondaily.tv\flowplayer.commercial-3.2.15.swf\org.flowplayer.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\eu-st.xhamster.com\videoplayerE.swf\dats.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\eu-st.xhamster.com\xembed7.swf\dats.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\eu-st.xhamster.com\xembed9.swf\dats.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\fapteentube.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\js.rating-widget.com\RatingWidget.swf\RatingWidget.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\lsps2007.cam-content.com\flowplayer.commercial-3.2.18.swf\org.flowplayer.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\ndirect.ppro.de\vft\clickIDs.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\securepaths.com\sp.swf\securepaths.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\swf.cam-content.com\evoChat2014_169.swf\muschiControl.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\swf.cam-content.com\evoVideoPlayerFree394.swf\evoAd_local.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\track.webgains.com\wg.swf\5930.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\uk.cdn-net.com\s.swf\_cc.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.18-schoolgirlz.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.18tube.xxx\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.ajaxcdn.org\swf.swf\dm_cookie.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.cdn-net.com\s.swf\_cc.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.hotshame.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.naiadsystems.com\#naiad\pure.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.perfektegirls.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.pinkrod.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.pornoid.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.pornpropeller.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.sleazyneasy.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.youx.xxx\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\xxxdessert.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\a.affil.io\s\af.swf\afstorage.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\aeu.alicdn.com\flash\JSocket.swf\kj.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\bilder.rtl.de\flash\david09_player_20150112.swf\rtl.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\bilder.rtl.de\flash\david09_player_20150112.swf\rtlbw.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\bilder.rtl.de\flash\david09_player_20150112.swf\userinfo6.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cc1.midasplayer.com\swf\CCMain.swf\holiday_card.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cc1.midasplayer.com\swf\CCMain.swf\pushYetiShop.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cc1.midasplayer.com\swf\CCMain.swf\pwf_livesPop.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cc1.midasplayer.com\swf\CCMain.swf\receivedBoosterGifts.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cdn2.dashbida.com\prod\vpaid2-dbfp.swf\dbStore.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\deliverybeta.fashiondaily.tv\static\flowplayer.commercial-3.2.15.swf\org.flowplayer.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\deliverybeta.freshmilk.tv\static\flowplayer.commercial-3.2.15.swf\org.flowplayer.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\heias.com\x\heias_sc.swf\heias.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\mp.ksta.de\bucket\novosense.swf\nodeforty_data.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\mp.piano.noz.de\bucket\novosense.swf\nodeforty_data.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\pagead2.googlesyndication.com\pagead\imgad\movad.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\pagead2.googlesyndication.com\pagead\imgad\_mg549519bfa32bc606fe000007.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\pagead2.googlesyndication.com\pagead\imgad\_mg54d41f216e9552186d0000a0.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\play.snacktv.de\player\videoplayer.swf\SnackTV.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\player.zdf.de\latest\EmbeddedPlayer.swf\changeMe0815.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\publishing.kaloo.ga\media\flowplayer.commercial-3.2.18.swf\org.flowplayer.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static.clipfish.de\flash\clipfish_player_3.swf\rtl.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static.clipfish.de\flash\clipfish_player_3.swf\rtlbw.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static.clipfish.de\flash\clipfish_player_3.swf\userinfo6.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static.xvideos.com\swf\flv_player_site_v4.swf\hexaplayerVolumeCookie.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static.xvideos.com\swf\xv-player.swf\hexaplayerVolumeCookie.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.empflix.com\embedding_player\player_v0.2.1.swf\flixstream_audio_settings.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.snacktv.de\vpaidplayer\vpaid.swf\SnackTV.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www2.whatsupcams.com\fp\flowplayer.commercial.swf\org.flowplayer.sol
[i] 17-02-19 21:46:38
[i] 17-02-19 21:46:38 Product Win32.Graftor
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\help
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\help
[i] 17-02-19 21:46:38
[i] 17-02-19 21:46:38 Product Win32.Trotux
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\help
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_LOCAL_MACHINE\SOFTWARE\{84416237-6490-494D-9AD6-4994DD978971}\ffd
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_LOCAL_MACHINE\SOFTWARE\{84416237-6490-494D-9AD6-4994DD978971}\chd
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Local\Anopert\
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\help
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_LOCAL_MACHINE\SOFTWARE\{84416237-6490-494D-9AD6-4994DD978971}\ffd
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_LOCAL_MACHINE\SOFTWARE\{84416237-6490-494D-9AD6-4994DD978971}\chd
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Local\Anopert\
[i] 17-02-19 21:46:38
[i] 17-02-19 21:46:38 Product DoubleClick
[+] 17-02-19 21:46:38 Moving into quarantine Cookie (Firefox: Daniel (default)).doubleclick.net/ (id)
[+] 17-02-19 21:46:38 Moving into quarantine Cookie (Firefox: Daniel (default)).doubleclick.net/ (IDE)
[+] 17-02-19 21:46:38 Successfully cleaned Cookie (Firefox: Daniel (default)).doubleclick.net/ (id)
[+] 17-02-19 21:46:38 Successfully cleaned Cookie (Firefox: Daniel (default)).doubleclick.net/ (IDE)
[i] 17-02-19 21:46:38
[i] 17-02-19 21:46:38 Product Internet Explorer
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\TypedURLs
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\TypedURLs
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Internet Explorer\TypedURLs
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\TypedURLs
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\TypedURLs
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Internet Explorer\TypedURLs
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i] 17-02-19 21:46:38
[i] 17-02-19 21:46:38 Product MS Management Console
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Microsoft Management Console\Recent File List
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Microsoft Management Console\Recent File List
[i] 17-02-19 21:46:38
[i] 17-02-19 21:46:38 Product MS Direct3D
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
[i] 17-02-19 21:46:38
[i] 17-02-19 21:46:38 Product MS DirectDraw
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
[i] 17-02-19 21:46:38
[i] 17-02-19 21:46:38 Product MS DirectInput
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\DirectInput\MostRecentApplication\Name
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\DirectInput\MostRecentApplication\Id
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\DirectInput\MostRecentApplication\Name
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\DirectInput\MostRecentApplication\Id
[i] 17-02-19 21:46:38
[i] 17-02-19 21:46:38 Product MS Office 12.0 (Excel)
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Office\12.0\Excel\File MRU
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Office\12.0\Excel\File MRU
[i] 17-02-19 21:46:38
[i] 17-02-19 21:46:38 Product MS Office 12.0 (Word)
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Office\12.0\Word\File MRU
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Office\12.0\Word\File MRU
[i] 17-02-19 21:46:38
[i] 17-02-19 21:46:38 Product MS Regedit
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\LastKey
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\LastKey
[i] 17-02-19 21:46:38
[i] 17-02-19 21:46:38 Product MS Wordpad
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\Recent File List
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\Recent File List
[i] 17-02-19 21:46:38
[i] 17-02-19 21:46:38 Product Windows.OpenWith
[+] 17-02-19 21:46:39 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
[+] 17-02-19 21:46:39 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CFG\OpenWithList
[+] 17-02-19 21:46:39 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CPL\OpenWithList
[+] 17-02-19 21:46:39 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList
[+] 17-02-19 21:46:39 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
[+] 17-02-19 21:46:39 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CFG\OpenWithList
[+] 17-02-19 21:46:39 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CPL\OpenWithList
[+] 17-02-19 21:46:39 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList
[i] 17-02-19 21:46:39
[i] 17-02-19 21:46:39 Product Windows Explorer
[+] 17-02-19 21:46:39 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
[+] 17-02-19 21:46:39 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
[+] 17-02-19 21:46:39 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
[+] 17-02-19 21:46:39 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
[i] 17-02-19 21:46:39
[i] 17-02-19 21:46:39 Product Windows Media SDK
[+] 17-02-19 21:46:39 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+] 17-02-19 21:46:39 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+] 17-02-19 21:46:39 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+] 17-02-19 21:46:39 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+] 17-02-19 21:46:39 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+] 17-02-19 21:46:39 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[i] 17-02-19 21:46:39
[i] 17-02-19 21:46:39 Product Verlauf
[+] 17-02-19 21:46:39 Moving into quarantine Internet Explorer (Benutzer) (Daniel)History
[+] 17-02-19 21:46:39 Successfully cleaned Internet Explorer (Benutzer) (Daniel)History
[i] 17-02-19 21:46:39
[i] 17-02-19 21:46:39 Product Cookie
[+] 17-02-19 21:46:39 Moving into quarantine Firefox (Daniel (default))Cookies
[+] 17-02-19 21:46:39 Successfully cleaned Firefox (Daniel (default))Cookies
[i] 17-02-19 21:46:39
[i] 17-02-19 21:46:39 Summary
[i] 17-02-19 21:46:39 Errors while cleaning 0
[i] 17-02-19 21:46:39 Files moved into quarantine 185
[i] 17-02-19 21:46:39 Files successfully cleaned 185

Ich habe auch wie beschrieben jetzt mal FRST laufen lassen .. hier die Log-Ausgabe
FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 25-02-2017
durchgeführt von Daniel (Administrator) auf HIGHLANDER (26-02-2017 20:31:51)
Gestartet von C:\Users\Daniel\Downloads
Geladene Profile: Daniel (Verfügbare Profile: Daniel)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.15\AsusFanControlService.exe
(DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
() C:\Windows\SysWOW64\spdsvc.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
() C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
() C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(Canon INC.) C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(CANON INC.) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1735288 2016-09-30] (Logitech, Inc.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2012-08-20] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\...\Run: [DAEMON Tools Lite] => X:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\...\Run: [STUISpeedLauncher] => C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe [411136 2015-02-09] ()
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [151040 2016-07-16] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2016-11-19]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2013-12-13]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2016-11-19]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Steam - Verknüpfung.lnk [2016-02-10]
ShortcutTarget: Steam - Verknüpfung.lnk -> X:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Beschränkung - Windows Defender <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 127.0.0.1			d3oxij66pru1i3.cloudfront.net
Tcpip\Parameters: [DhcpNameServer] 192.168.192.1
Tcpip\..\Interfaces\{27DD6B25-BC9C-4C3E-8FE2-641BBCDC0111}: [DhcpNameServer] 192.168.100.11 192.168.100.12
Tcpip\..\Interfaces\{93abd697-dc98-42c5-8239-078743b5d7f7}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{fc57916e-ea56-438d-8a5b-66a75d23fe17}: [DhcpNameServer] 192.168.192.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/$22/
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-1478581348-535765091-3593234125-1001 -> Kein Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default [2017-02-26]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\k40kk53n.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\k40kk53n.default -> hxxps://www.google.de/
FF Extension: (Firebug) - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\Extensions\firebug@software.joehewitt.com.xpi [2016-10-12]
FF Extension: (divx helper) - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\Extensions\{7b0f509e-2df1-4fe9-bcae-93cd2ae17596}.xpi [2015-12-19] [ist nicht signiert]
FF Extension: (Video DownloadHelper) - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-12-30]
FF Extension: (Adblock Plus) - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\searchplugins\google-images.xml [2014-10-21]
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\searchplugins\google-maps.xml [2014-10-21]
FF HKU\S-1-5-21-1478581348-535765091-3593234125-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\extensions\cliqz@cliqz.com => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-20] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-20] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\firefox.js [2017-02-12]

Opera: 
=======
OPR Extension: (Kein Name) - C:\Users\Daniel\AppData\Roaming\Opera Software\Opera Stable\Extensions\oiiphhgajcopkkkglmilkjfokamokgni [2017-02-12]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-12-13] (Adobe Systems) [Datei ist nicht signiert]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-12-07] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2013-12-07] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2013-12-08] (ASUSTeK Computer Inc.)
U2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.15\AsusFanControlService.exe [1457664 2014-01-11] (ASUSTeK Computer Inc.) [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1225216 2015-10-01] ()
R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [218768 2015-06-24] (DTS)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2016-08-11] (Futuremark)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Datei ist nicht signiert]
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2017-02-19] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2184208 2017-02-19] (Electronic Arts)
R2 Samsung Printer Dianostics Service; C:\WINDOWS\SysWOW64\\spdsvc.exe [499000 2016-07-17] ()
R2 SamsungUPDUtilSvc; C:\WINDOWS\SysWoW64\SecUPDUtilSvc.exe [143664 2016-12-24] ()
R2 TermService; C:\WINDOWS\system32\rdpwrap.dll [116736 2017-02-13] (Stas'M Corp.) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2012-04-19] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-12-07] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2013-12-07] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2013-03-04] (MCCI Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2014-05-27] (Disc Soft Ltd)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_b67dc924fff8de6d\nvlddmkm.sys [14199224 2017-01-04] (NVIDIA Corporation)
S3 RimUsb; C:\WINDOWS\System32\Drivers\RimUsb_AMD64.sys [28416 2008-04-16] (Research In Motion Limited)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2016-07-16] (Realtek Semiconductor Corporation                           )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-26 20:31 - 2017-02-26 20:32 - 00015683 _____ C:\Users\Daniel\Downloads\FRST.txt
2017-02-26 20:31 - 2017-02-26 20:31 - 00000000 ____D C:\FRST
2017-02-26 20:30 - 2017-02-26 20:30 - 02423296 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe
2017-02-26 20:24 - 2017-02-26 20:24 - 00000000 ___HD C:\OneDriveTemp
2017-02-26 20:12 - 2017-02-26 20:12 - 00000085 _____ C:\WINDOWS\wininit.ini
2017-02-26 20:05 - 2017-02-26 20:05 - 00000000 ____D C:\Users\Daniel\.QtWebEngineProcess
2017-02-20 18:40 - 2017-02-26 11:10 - 00000000 ____D C:\Users\Daniel\Desktop\Neuer Ordner
2017-02-19 21:52 - 2017-02-19 21:52 - 00000000 ___HD C:\$SysReset
2017-02-19 20:08 - 2017-02-19 20:08 - 01426593 _____ C:\Users\Daniel\Downloads\licensecrawler_1.85_build-1566.zip
2017-02-19 18:15 - 2017-02-19 18:16 - 02870984 _____ (ESET) C:\Users\Daniel\Downloads\esetsmartinstaller_deu.exe
2017-02-19 17:39 - 2017-02-19 17:39 - 00000000 ____D C:\Program Files\Common Files\AV
2017-02-19 17:33 - 2017-02-19 17:33 - 00000000 ____D C:\Users\Daniel\Documents\ProcAlyzer Dumps
2017-02-19 15:36 - 2017-02-26 20:14 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-02-19 15:36 - 2017-02-26 20:12 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-02-19 15:36 - 2017-02-19 15:36 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-02-19 12:31 - 2017-02-19 15:35 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Daniel\Downloads\spybot-2.4.exe
2017-02-19 12:03 - 2017-02-19 12:03 - 00000000 ____D C:\Users\Daniel\AppData\Local\AdAwareDesktop
2017-02-19 11:46 - 2017-02-19 11:46 - 00000000 ____D C:\Users\Daniel\AppData\Local\AdAwareUpdater
2017-02-19 11:45 - 2017-02-19 11:45 - 00000000 ____D C:\Program Files\Common Files\adaware
2017-02-19 11:44 - 2017-02-19 11:44 - 02546688 _____ C:\Users\Daniel\Downloads\Adaware_Installer.exe
2017-02-13 21:02 - 2017-02-19 14:46 - 00051015 _____ C:\WINDOWS\system32\rdpwrap.ini
2017-02-13 21:02 - 2017-02-13 21:02 - 00116736 _____ (Stas'M Corp.) C:\WINDOWS\system32\rdpwrap.dll
2017-02-12 23:01 - 2017-02-12 23:01 - 00001482 _____ C:\Users\Daniel\Desktop\Penudomataneght.default.lnk
2017-02-12 21:56 - 2017-02-12 21:56 - 00000306 __RSH C:\Users\Daniel\ntuser.pol
2017-02-12 21:33 - 2017-02-12 21:53 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\ProxyGate
2017-02-12 21:32 - 2017-02-12 21:32 - 00594944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\SysWOW64\libeay32.dll
2017-02-12 21:32 - 2017-02-12 21:32 - 00152576 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\SysWOW64\ssleay32.dll
2017-02-12 21:32 - 2017-02-12 21:32 - 00002052 _____ C:\WINDOWS\System32\Tasks\uLlF2As5l8
2017-02-12 21:31 - 2017-02-12 21:53 - 00000000 ____D C:\Program Files (x86)\GRR242xMGC
2017-02-12 21:30 - 2017-02-12 21:53 - 00000000 ____D C:\Program Files (x86)\Atikationbogot System
2017-02-12 21:30 - 2017-02-12 21:33 - 00000000 ____D C:\WINDOWS\system32\SSL
2017-02-11 19:56 - 2017-02-26 20:22 - 00000000 ____D C:\Users\Daniel\AppData\Local\CrashDumps
2017-02-11 19:55 - 2017-02-19 20:37 - 00000000 __SHD C:\jpjiQMOQLhjpjiQMOQLh
2017-02-11 19:55 - 2017-02-19 20:37 - 00000000 ____D C:\Users\Daniel\jpjiQMOQLh
2017-02-11 19:55 - 2017-02-11 19:55 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\MicProCam
2017-02-11 19:55 - 2017-02-11 19:55 - 00000000 ____D C:\Program Files (x86)\Client
2017-02-11 18:14 - 2017-02-11 18:14 - 00000000 ____D C:\Users\Daniel\AppData\Local\sabnzbd
2017-02-10 16:16 - 2017-02-10 16:16 - 03287737 _____ C:\WINDOWS\70c6c8294cb8d4334ed10f21aa6b120e.exe
2017-02-10 16:12 - 2017-02-10 16:12 - 00014040 _____ C:\WINDOWS\system32\Drivers\7d084fb4bdf36fe9254301e9f5290e95.sys
2017-02-09 10:03 - 2017-02-09 10:03 - 00014040 _____ C:\WINDOWS\system32\Drivers\Lace_wpf_x64.sys
2017-02-08 12:37 - 2017-02-08 12:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-02-08 12:36 - 2017-02-08 12:36 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-02-08 12:36 - 2017-01-04 15:24 - 00222648 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-02-08 12:36 - 2017-01-04 15:24 - 00210360 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-02-08 12:36 - 2016-12-29 14:06 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-02-08 12:36 - 2016-12-29 13:43 - 00133056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-02-08 12:36 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-02-08 12:36 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-02-08 12:36 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-02-08 12:36 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-26 20:30 - 2014-01-11 14:35 - 00000000 _____ C:\WINDOWS\Path.idx
2017-02-26 20:25 - 2013-12-08 17:21 - 01048576 _____ C:\WINDOWS\PE_Rom.dll
2017-02-26 20:24 - 2016-10-02 17:06 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-26 20:24 - 2016-10-02 16:44 - 00000000 ____D C:\ProgramData\NVIDIA
2017-02-26 20:24 - 2014-05-25 19:28 - 00000000 __RDO C:\Users\Daniel\OneDrive
2017-02-26 20:23 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-02-26 20:05 - 2016-10-02 16:48 - 00000000 ____D C:\Users\Daniel
2017-02-26 20:05 - 2014-12-14 19:45 - 00000000 ____D C:\ProgramData\Origin
2017-02-26 13:08 - 2016-10-02 16:42 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-26 11:04 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-26 11:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-25 10:56 - 2013-12-25 11:08 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-25 07:08 - 2014-08-25 18:10 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-24 19:45 - 2016-12-14 20:34 - 00000000 ____D C:\Users\Daniel\dwhelper
2017-02-23 18:28 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-23 18:27 - 2013-12-08 16:48 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-23 18:24 - 2013-12-08 16:48 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-20 15:48 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-20 01:25 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-20 01:25 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-19 20:47 - 2016-10-02 16:42 - 00346672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-19 19:53 - 2014-05-26 16:41 - 00000000 ____D C:\ProgramData\Apple
2017-02-19 19:53 - 2014-05-26 16:41 - 00000000 ____D C:\Program Files\Common Files\Apple
2017-02-19 19:48 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-19 19:47 - 2016-04-11 20:11 - 00000000 ____D C:\Program Files (x86)\Mp3tag
2017-02-19 15:28 - 2014-03-23 09:41 - 00000000 ____D C:\Program Files (x86)\Origin
2017-02-19 11:37 - 2016-07-16 23:51 - 01045548 _____ C:\WINDOWS\system32\perfh007.dat
2017-02-19 11:37 - 2016-07-16 23:51 - 00246560 _____ C:\WINDOWS\system32\perfc007.dat
2017-02-19 11:37 - 2015-09-01 16:21 - 02489702 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-19 11:32 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\GameBarPresenceWriter
2017-02-18 23:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\IME
2017-02-15 21:59 - 2013-12-07 22:27 - 00000000 ____D C:\Users\Daniel\AppData\Local\Packages
2017-02-14 21:08 - 2016-10-12 19:06 - 00000000 ____D C:\WINDOWS\PCHEALTH
2017-02-12 22:48 - 2015-06-02 20:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-12 22:43 - 2014-09-21 13:48 - 00000000 ___RD C:\Users\Daniel\Desktop\Bewerbungen
2017-02-12 22:14 - 2013-12-08 08:05 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-02-12 21:33 - 2015-09-01 20:12 - 00000306 __RSH C:\ProgramData\ntuser.pol
2017-02-12 21:33 - 2013-08-22 16:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-02-12 20:36 - 2015-01-11 15:04 - 00000000 ____D C:\Users\Daniel\AppData\Local\Ubisoft Game Launcher
2017-02-08 12:37 - 2016-10-02 16:44 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-02-08 12:36 - 2016-10-02 16:44 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-02-08 12:36 - 2016-10-02 16:44 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-12-08 19:48 - 2013-12-24 11:01 - 0000600 _____ () C:\Users\Daniel\AppData\Local\PUTTY.RND
2013-12-08 13:43 - 2013-12-08 13:43 - 0000017 _____ () C:\Users\Daniel\AppData\Local\resmon.resmoncfg
2015-10-19 21:01 - 2015-10-19 21:01 - 0000011 _____ () C:\ProgramData\.tv7
2016-10-02 16:44 - 2016-10-02 16:44 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-02-18 23:51

==================== Ende von FRST.txt ============================

--- --- ---

Ich bin dankbar für jede Hilfe!

Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili)

Plagegeister aller Art und deren Bekämpfung: Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili)

Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili)

Ähnliche Themen: Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili)