| |
| |||||||
Log-Analyse und Auswertung: TR/Ransom.Blocker mein OTL-LogWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
24.07.2013, 11:04
| #1 |
| |  TR/Ransom.Blocker mein OTL-Log Hi! Ich bitte um schnelle Hilfe, sitze gerade bei der Arbeit und hab in den ersten 2 Stunden schon nichts auf die Reihe bekommen, weil ich mit einem Blöden Trojaner am kämpfen bin.. Hab schon seit ein paar Tagen so nervige Werbung-Pop-Ups und angebliche Spyware-Warnungen, ich habe es ignoriert aber mittlerweile nervt es nur noch und ich habs mit einer Systemwiederherstellung versucht, welche nicht funktioniert.. Dann bin ich hier im Forum auf Threads gestoßen und ich komm nach dem Schritt "Wenn der Scan beendet wurde werden 2 Logfiles erstellt" nicht weiter, da der nächste ja ist diese hier zu posten, also hab ich mich hier mal eben fix angemeldet. und zwar meine Logfiles: Code:
ATTFilter OTL logfile created on: 24.07.2013 11:18:23 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\*****\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16635) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,68 Gb Total Physical Memory | 1,61 Gb Available Physical Memory | 43,84% Memory free 7,36 Gb Paging File | 4,93 Gb Available in Paging File | 66,99% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 284,99 Gb Total Space | 207,07 Gb Free Space | 72,66% Space Free | Partition Type: NTFS Computer Name: **** | User Name: **** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\*****\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Feven\Feven-bg.exe (Feven) PRC - C:\Program Files (x86)\Desk 365\deskSvc.exe (337 Technology Limited.) PRC - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-bg.exe (Plus HD) PRC - C:\Program Files (x86)\Iminent\Iminent.exe (Iminent) PRC - C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (Iminent) PRC - C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe (Iminent) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Users\*****\AppData\Roaming\SearchProtect\bin\cltmng.exe (Conduit) PRC - C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe (Conduit) PRC - C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe (Wajam) PRC - C:\Users\****\AppData\Local\Temp\OCS\Downloads\3fb4024f7caf3a01809ef819569822ba\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe () PRC - C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask) PRC - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE (Microsoft Corporation.) PRC - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE (Microsoft Corporation.) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe (Symantec Corporation) PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) PRC - C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation) PRC - C:\Windows\SysWOW64\bgsvcgen.exe (B.H.A Corporation) PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac (ArcSoft Inc.) PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.) PRC - C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc.) PRC - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe (NewTech Infosystems, Inc.) PRC - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe (NewTech Infosystems, Inc.) PRC - C:\Windows\PLFSetI.exe () PRC - C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe (Suyin) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe (Acer Group) PRC - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe (Acer Incorporated) PRC - c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\AAVUpdateManager\aavus.exe () PRC - C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe () ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\46ffea70a355d5d07ede578e9bdcb44d\System.Web.Services.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\1489265c93f726f72f59fa268b99af37\System.IdentityModel.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\1fd03dbce5fb842598861bcc46d549a2\System.ServiceModel.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\16370ff17b53dc819a7ef78ac87f2901\System.Configuration.Install.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\faa947d3cf5ddf23a46cf292df004a35\System.EnterpriseServices.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\faa947d3cf5ddf23a46cf292df004a35\System.EnterpriseServices.Wrapper.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\5ec5f80f35fbc6665e2eddb7711a8410\System.Transactions.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\da2cc25eb270a9d8607ab7486f3ce890\System.Runtime.DurableInstancing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\6b3adc90b6f811b557d290e1436e7ff8\System.Runtime.Serialization.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\8a26ba5b45d30874fbebb0a475b22a75\SMDiagnostics.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\e8aafadcd1fc0f8f406434176fb97477\System.Xaml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlServ#\506097a16e352b6e17066da406fd718b\System.Data.SqlServerCe.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\8c97feff81aeabb05fe8c4ebeb460e29\System.Data.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\c57eba08ab60f48e7d57228849d92a34\System.Web.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\89fe719039385377f6b5ad8d0070aa6b\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c25666b99761bc42322bae2e59968df8\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\45e4072bdc78b50abd6a5f28386e8153\IAStorUtil.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\178644ab40108f3becd8b91049a254c3\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\bfa7a95284aec941f4b03bae0debe07c\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\32066405eb9ab14056b2af3115d2a6de\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9e24b9ffd816c0c90efc4d3fc9fd745f\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\187c13e8967097d2ed1e5f123e7d890a\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\6ea5ee4386d67f4b432a27c40fbff93c\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4787bb699ed4291859fb86f15d793add\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\a77cef85535aec07317e7b1a302365c1\System.Data.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\4c152db66c5438fbf9e3975858dde0bc\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\8d9db55b1eef7728c04fb1ec500089c6\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\d3c944049319ebe51e939c9342f0bcc2\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\91c185bd043af039dcdc93e3fcf87f3d\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\256b7bb1216345c5a66ced50c1cf239d\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\a1c174e579c9ad4e5b6eeed8a58a721b\System.Core.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\8a6d1c8abeb8eb82f06c7d075130cc67\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll () MOD - C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll () MOD - C:\Program Files (x86)\Mozilla Thunderbird\nsldap32v60.dll () MOD - C:\Program Files (x86)\Mozilla Thunderbird\nsldappr32v60.dll () MOD - C:\ProgramData\DNSErrorHelper\bho.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll () MOD - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\sqlite3.dll () MOD - C:\Windows\PLFSetI.exe () MOD - C:\Program Files (x86)\VideoWebCamera\VWC_ENG.dll () MOD - C:\Program Files (x86)\VideoWebCamera\sy_Utility.dll () MOD - C:\Program Files (x86)\Launch Manager\CdDirIo.dll () ========== Services (SafeList) ========== SRV:64bit: - (dfrgui32) -- C:\Windows\SysNative\provuhrd.exe () SRV:64bit: - (GFilterSvc) -- C:\Windows\SysNative\GFilterSvc.exe () SRV - (desksvc) -- C:\Program Files (x86)\Desk 365\deskSvc.exe (337 Technology Limited.) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (SProtection) -- C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe (Iminent) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (CltMngSvc) -- C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe (Conduit) SRV - (WajamUpdater) -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe (Wajam) SRV - (AddonsHelper) -- C:\Users\Ulrike\AppData\Local\Temp\OCS\Downloads\3fb4024f7caf3a01809ef819569822ba\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe () SRV - (SearchAnonymizer) -- C:\Users\*****\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe () SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE (Microsoft Corporation.) SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE (Microsoft Corporation.) SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) SRV - (NIS) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe (Symantec Corporation) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.) SRV - (bgsvcgen) -- C:\Windows\SysWOW64\bgsvcgen.exe (B.H.A Corporation) SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.) SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe (NewTech Infosystems, Inc.) SRV - (ePowerSvc) -- C:\Programme\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (Acer Incorporated) SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation) SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (Updater Service) -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe (Acer Group) SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (GREGService) -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe (Acer Incorporated) SRV - (TurboBoost) -- C:\Programme\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation) SRV - (AdobeActiveFileMonitor8.0) -- c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated) SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (AAV UpdateService) -- C:\Program Files (x86)\AAVUpdateManager\aavus.exe () SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe () ========== Driver Services (SafeList) ========== DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation) DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation) DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation) DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation) DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symnets.sys (Symantec Corporation) DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\NISx64\1207020.003\srtsp64.sys (Symantec Corporation) DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\NISx64\1207020.003\srtspx64.sys (Symantec Corporation) DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symefa64.sys (Symantec Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symds64.sys (Symantec Corporation) DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\NISx64\1207020.003\ironx64.sys (Symantec Corporation) DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation) DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronic Corp.) DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation) DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys () DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.) DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20130723.017\ex64.sys (Symantec Corporation) DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation) DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation) DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20130723.017\eng64.sys (Symantec Corporation) DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20130723.001\IDSviA64.sys (Symantec Corporation) DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20130715.001\BHDrvx64.sys (Symantec Corporation) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\URLSearchHook: {66a449dc-6b1d-4187-a4f1-b335d3da5365} - C:\Program Files (x86)\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.) IE - HKLM\..\SearchScopes,DefaultScope = {3EEA657D-134D-4F52-AFA1-29D58E5955FD} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox IE - HKLM\..\SearchScopes\{2059CF48-25F3-40d7-9D37-24A3142FD20B}: "URL" = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=3379&q={searchTerms}&rp=&s_it=adknowledge_de-ie&s_qt=sb&tb_uuid=AD0D6D20F9E8477BA54A4FBBB0DA3262&tb_oid=13-07-2013&tb_mrud=13-07-2013 IE - HKLM\..\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}: "URL" = hxxp://de.search.yahoo.com/search/?p={searchTerms}&fr=vc_trans_de_8197&type=ds2se&d IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=1E7E5CAC4C3D18C9&affID=119828&tt=040713_xmlful&tsp=4936 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?ctid=CT3297265&octid=CT3297265&SearchSource=61&CUI=UN24652495911641414&UM=2&UP=SP9EBFC968-E412-4D30-B7CB-557515C2C7D7 IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) IE - HKCU\..\URLSearchHook: {66a449dc-6b1d-4187-a4f1-b335d3da5365} - C:\Program Files (x86)\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.) IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes,DefaultScope = {3EEA657D-134D-4F52-AFA1-29D58E5955FD} IE - HKCU\..\SearchScopes\{07A64CD7-7415-43A8-963F-DF9ABF56354C}: "URL" = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=178b965e-f61b-44d0-8390-e5f443f82baa&pid=winsoftware&mode=bounce&k=0 IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=1E7E5CAC4C3D18C9&affID=120519&tsp=4952 IE - HKCU\..\SearchScopes\{2059CF48-25F3-40d7-9D37-24A3142FD20B}: "URL" = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=3379&q={searchTerms}&rp=&s_it=adknowledge_de-ie&s_qt=sb&tb_uuid=AD0D6D20F9E8477BA54A4FBBB0DA3262&tb_oid=13-07-2013&tb_mrud=13-07-2013 IE - HKCU\..\SearchScopes\{3EEA657D-134D-4F52-AFA1-29D58E5955FD}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3297265&CUI=UN24652495911641414&UM=2 IE - HKCU\..\SearchScopes\{44A7C8CF-3553-4A05-B004-2822F1E00BCB}: "URL" = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=178b965e-f61b-44d0-8390-e5f443f82baa&pid=winsoftware&mode=bounce&k=0 IE - HKCU\..\SearchScopes\{6FA1E689-BEE7-407B-8AF1-6AD885CB1998}: "URL" = [String data over 1000 bytes] IE - HKCU\..\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}: "URL" = hxxp://de.search.yahoo.com/search/?p={searchTerms}&fr=vc_trans_de_8197&type=ds2se&d IE - HKCU\..\SearchScopes\{7D2283C1-8D84-4FA8-865E-AF6E1A9C04F0}: "URL" = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=178b965e-f61b-44d0-8390-e5f443f82baa&pid=winsoftware&mode=bounce&k=0 IE - HKCU\..\SearchScopes\{95B2B476-0BA4-429D-A79E-2E729F0A2EE4}: "URL" = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=178b965e-f61b-44d0-8390-e5f443f82baa&pid=winsoftware&mode=bounce&k=0 IE - HKCU\..\SearchScopes\{9AB71EB6-8F10-46F3-84E8-B877B9BDBC73}: "URL" = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=178b965e-f61b-44d0-8390-e5f443f82baa&pid=winsoftware&mode=bounce&k=0 IE - HKCU\..\SearchScopes\{9B0BA1C1-9ECE-4BBA-8160-F2A63DA6C3AE}: "URL" = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=178b965e-f61b-44d0-8390-e5f443f82baa&pid=winsoftware&mode=bounce&k=0 IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=394&systemid=406&apn_uid=4814424113754787&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@t-immersion.com/DFusionHomeWebPlugIn: C:\Program Files (x86)\Total Immersion\DFusionHomeWebPlugIn\NPDFusionWebFirefox.dll (Total Immersion) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll () FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.12.05 23:24:55 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\IPSFFPlgn\ [2013.07.23 03:22:40 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\coFFPlgn_2011_7_13_2 [2013.07.24 11:00:47 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.07.15 11:14:30 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2013.07.23 02:20:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.7\extensions\\Components: kernel32::GetLongPathNameW(w R8, w .R7, i 1024)i .R6\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.7\extensions\\Plugins: kernel32::GetLongPathNameW(w R8, w .R7, i 1024)i .R6\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.12.05 23:24:55 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.7\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.07.15 11:14:30 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2013.07.23 02:20:57 | 000,000,000 | ---D | M] [2013.06.10 10:16:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Extensions [2013.07.07 10:47:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions ========== Chrome ========== CHR - default_search_provider: Conduit (Enabled) CHR - default_search_provider: search_url = hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN11141895337669174&ctid=CT3297265&UM=2 CHR - default_search_provider: suggest_url = hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}&CUI=UN11141895337669174&UM=2 CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: D'Fusion @Home Web Plug-In (3.10.17859) (Enabled) = C:\Program Files (x86)\Total Immersion\DFusionHomeWebPlugIn\NPDFusionWebFirefox.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll CHR - Extension: Delta Toolbar = C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0\ CHR - Extension: Feven = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0\crossrider CHR - Extension: Feven = C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0\ CHR - Extension: DivX Browser Bar DE = C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkoahcaobjbihehldfimhblmhgalcipm\10.16.2.10_0\ CHR - Extension: Plus-HD-2.5 = C:\Users\Ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.23.8_0\crossrider CHR - Extension: Plus-HD-2.5 = C:\Users\Ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.23.8_0\ CHR - Extension: Wajam = C:\Users\Ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (Feven) - {11111111-1111-1111-1111-110311151154} - C:\Program Files (x86)\Feven\Feven-bho.dll (Feven) O2 - BHO: (Plus-HD-2.5) - {11111111-1111-1111-1111-110311341138} - C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-bho.dll (Plus HD) O2 - BHO: (AOL Deutschland Toolbar Loader) - {2d3b1910-86c2-4d4b-b1db-124b3ea35bef} - C:\Program Files (x86)\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ips\ipsbho.dll (Symantec Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (DNS Error Helper) - {9B6B03F1-16CF-4491-BBBB-E872802DD717} - C:\ProgramData\DNSErrorHelper\bho.dll () O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll (Iminent) O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam) O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (AOL Deutschland Toolbar) - {567d4d94-8077-4682-b887-945f3d644116} - C:\Program Files (x86)\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (AOL Deutschland Toolbar) - {567D4D94-8077-4682-B887-945F3D644116} - C:\Program Files (x86)\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4:64bit: - HKLM..\Run: [ETDWare] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Ocs_SM] C:\Users\Ulrike\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe () O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe (NewTech Infosystems, Inc.) O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe File not found O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [Iminent] C:\Program Files (x86)\Iminent\Iminent.exe (Iminent) O4 - HKLM..\Run: [IminentMessenger] C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (Iminent) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation) O4 - HKLM..\Run: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe (Conduit) O4 - HKLM..\Run: [VideoWebCamera] C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe (Suyin) O4 - HKCU..\Run: [Desk 365] C:\Program Files (x86)\Desk 365\desk365.exe (337 Technology Limited.) O4 - HKCU..\Run: [SearchProtect] C:\Users\Ulrike\AppData\Roaming\SearchProtect\bin\cltmng.exe (Conduit) O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil64_11_7_700_224_ActiveX.exe -update activex File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet) O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{503D6209-006C-4248-A448-A3950F20B94D}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA80D2BC-0D3E-40DD-87AB-7F9C62C57F22}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{5ad33193-e371-11df-88e7-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{5ad33193-e371-11df-88e7-806e6f6e6963}\Shell\AutoRun\command - "" = D:\FSetup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.07.24 11:16:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\****\Desktop\OTL.exe [2013.07.24 10:42:41 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2013.07.23 19:35:46 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT [2013.07.23 02:26:17 | 000,000,000 | ---D | C] -- C:\Program Files\Uninstaller [2013.07.23 02:25:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tuguu SL [2013.07.23 02:25:11 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\player [2013.07.23 02:19:05 | 000,000,000 | ---D | C] -- C:\Program Files\DivX [2013.07.23 02:18:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared [2013.07.23 02:17:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit [2013.07.23 02:16:52 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Conduit [2013.07.23 02:16:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchProtect [2013.07.23 02:16:09 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\SearchProtect [2013.07.23 02:15:49 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\CRE [2013.07.23 02:15:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\337 [2013.07.23 02:14:53 | 000,081,768 | ---- | C] (Conduit) -- C:\ministub.exe [2013.07.23 02:14:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365 [2013.07.23 02:14:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Conduit [2013.07.23 02:14:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX [2013.07.23 02:14:26 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Desk 365 [2013.07.23 02:14:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Desk 365 [2013.07.23 02:13:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Feven [2013.07.23 02:11:48 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX [2013.07.21 18:29:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared [2013.07.21 18:11:26 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Tific [2013.07.21 18:11:23 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\Symantec [2013.07.21 18:11:14 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\CrashDumps [2013.07.21 18:09:36 | 000,173,616 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS [2013.07.21 18:09:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared [2013.07.21 18:09:36 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec [2013.07.17 00:47:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager [2013.07.16 22:08:22 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\vlc [2013.07.16 22:02:55 | 000,000,000 | ---D | C] -- C:\ProgramData\TorchCrashHandler [2013.07.16 22:02:45 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch [2013.07.16 22:02:20 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\Torch [2013.07.16 21:57:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Datamngr [2013.07.16 21:57:22 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\iLivid [2013.07.15 11:14:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird [2013.07.13 20:12:44 | 000,000,000 | -HSD | C] -- C:\found.000 [2013.07.13 15:05:47 | 000,000,000 | ---D | C] -- C:\Lxk2200 [2013.07.13 14:52:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileOpenerPro [2013.07.13 14:51:18 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\VisualBeeClient [2013.07.13 14:50:55 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\AOL Deutschland Toolbar [2013.07.13 14:50:50 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\VisualBeeExe [2013.07.13 14:50:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Plus-HD-2.5 [2013.07.13 14:49:57 | 000,000,000 | ---D | C] -- C:\ProgramData\VisualBee [2013.07.13 14:49:55 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\emaze [2013.07.13 14:49:13 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam [2013.07.13 14:49:13 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\Wajam [2013.07.13 14:49:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wajam [2013.07.13 14:49:02 | 000,000,000 | ---D | C] -- C:\ProgramData\AOL Deutschland Toolbar [2013.07.13 14:49:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AOL Deutschland Toolbar [2013.07.13 14:48:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Software Update Utility [2013.07.12 19:11:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins [2013.07.12 19:11:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions [2013.07.12 17:02:06 | 000,069,120 | R--- | C] (AVM Berlin) -- C:\Windows\SysWow64\avmadd32.dll [2013.07.12 17:02:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!Box [2013.07.12 17:01:43 | 000,016,384 | R--- | C] (AVM Berlin GmbH) -- C:\Windows\SysWow64\avmprmon.dll [2013.07.12 17:01:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FRITZ!BoxPrint [2013.07.12 17:01:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FRITZ!Box [2013.07.10 19:11:28 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.07.10 19:11:28 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.07.10 19:11:27 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.07.10 19:11:27 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.07.10 19:11:27 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013.07.10 19:11:27 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013.07.10 19:11:27 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.07.10 19:11:27 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.07.10 19:11:27 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.07.10 19:11:27 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013.07.10 19:11:27 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.07.10 19:11:24 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.07.10 19:11:24 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.07.10 19:11:24 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.07.10 19:11:23 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.07.10 15:34:58 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\WinRAR [2013.07.10 15:34:58 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2013.07.10 15:34:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2013.07.10 15:34:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR [2013.07.10 11:10:54 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll [2013.07.10 11:10:54 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll [2013.07.10 11:10:52 | 001,887,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL [2013.07.10 11:10:52 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL [2013.07.10 11:10:22 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2013.07.07 10:52:08 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\gramps [2013.07.07 10:51:21 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GrampsAIO [2013.07.07 10:49:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GrampsAIO32 [2013.07.07 10:49:51 | 000,000,000 | ---D | C] -- C:\Users\Ulrike\AppData\Roaming\Iminent [2013.07.07 10:49:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Iminent [2013.07.07 10:49:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent [2013.07.07 10:49:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Umbrella [2013.07.07 10:48:16 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender [2013.07.07 10:48:10 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserDefender [2013.07.07 10:47:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Delta [2013.07.07 10:47:57 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\BabSolution [2013.07.07 10:47:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.07.07 10:47:56 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Delta [2013.07.07 10:47:14 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Babylon [2013.07.07 10:47:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon [2011.08.28 11:24:51 | 000,135,168 | -HS- | C] (Bitchecksum Technologies) -- C:\Users\*****\dxfaotdp.exe [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Users\*****\AppData\Local\*.tmp files -> C:\Users\Ulrike\AppData\Local\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.07.24 11:16:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\*****\Desktop\OTL.exe [2013.07.24 11:11:32 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.07.24 11:11:32 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.07.24 10:59:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.07.24 10:58:31 | 631,716,993 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013.07.24 10:58:21 | 2962,259,968 | -HS- | M] () -- C:\hiberfil.sys [2013.07.24 10:03:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.07.24 10:01:01 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.07.24 09:29:02 | 000,001,906 | ---- | M] () -- C:\Windows\tasks\Plus-HD-2.5-chromeinstaller.job [2013.07.24 09:28:58 | 000,001,196 | ---- | M] () -- C:\Windows\tasks\Plus-HD-2.5-updater.job [2013.07.24 09:28:57 | 000,001,200 | ---- | M] () -- C:\Windows\tasks\Plus-HD-2.5-codedownloader.job [2013.07.24 09:28:57 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\Plus-HD-2.5-enabler.job [2013.07.23 20:14:04 | 000,001,160 | ---- | M] () -- C:\Windows\tasks\Feven-updater.job [2013.07.23 20:14:01 | 000,001,164 | ---- | M] () -- C:\Windows\tasks\Feven-codedownloader.job [2013.07.23 20:14:01 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\Feven-enabler.job [2013.07.23 20:13:04 | 000,001,860 | ---- | M] () -- C:\Windows\tasks\Feven-chromeinstaller.job [2013.07.23 20:09:52 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.07.23 19:35:20 | 001,592,818 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013.07.23 19:35:20 | 000,697,542 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.07.23 19:35:20 | 000,652,820 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.07.23 19:35:20 | 000,148,548 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.07.23 19:35:20 | 000,121,494 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.07.23 19:35:14 | 001,592,818 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.07.23 12:47:48 | 088,425,338 | ---- | M] () -- C:\Users\*****\Desktop\splash! Mag präsentiert_The Notorious H.A.F.T (1).rar [2013.07.23 11:59:50 | 000,000,875 | ---- | M] () -- C:\Users\Ulrike\AppData\Local\recently-used.xbel [2013.07.23 03:19:04 | 000,379,448 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.07.23 02:18:03 | 000,000,009 | ---- | M] () -- C:\END [2013.07.23 02:14:56 | 000,081,768 | ---- | M] (Conduit) -- C:\ministub.exe [2013.07.22 23:32:01 | 002,647,984 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1207020.003\Cat.DB [2013.07.21 18:09:36 | 000,173,616 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS [2013.07.21 18:09:36 | 000,007,440 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT [2013.07.21 18:09:36 | 000,000,854 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF [2013.07.19 15:51:00 | 000,000,432 | ---- | M] () -- C:\Windows\BRWMARK.INI [2013.07.16 22:02:20 | 000,000,791 | ---- | M] () -- C:\Windows\wininit.ini [2013.07.14 14:18:01 | 000,000,982 | ---- | M] () -- C:\Users\*****\Desktop\FRITZ!Box Benutzeroberfläche.lnk [2013.07.13 19:37:25 | 001,084,727 | ---- | M] () -- C:\Users\*****\AppData\Local\2433f433 [2013.07.13 19:37:25 | 001,084,699 | ---- | M] () -- C:\Users\****\AppData\Roaming\2433f433 [2013.07.13 19:37:25 | 001,084,655 | ---- | M] () -- C:\ProgramData\2433f433 [2013.07.13 14:54:23 | 000,002,058 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2013.07.13 14:49:55 | 000,001,228 | ---- | M] () -- C:\Users\*****\Desktop\Create Amazing Presentations.lnk [2013.07.13 14:48:57 | 000,000,000 | ---- | M] () -- C:\extensions.sqlite [2013.07.13 05:56:11 | 000,002,155 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013.07.10 09:31:13 | 000,117,760 | ---- | M] () -- C:\Windows\SysNative\provuhrd.exe [2013.07.07 10:51:21 | 000,002,096 | ---- | M] () -- C:\Users\***\Desktop\GrampsAIO32 3.4.5-1 Console.lnk [2013.07.07 10:51:21 | 000,002,093 | ---- | M] () -- C:\Users\***\Desktop\GrampsAIO32 3.4.5-1.lnk [2013.07.07 10:49:39 | 000,001,530 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog [2013.07.07 10:47:14 | 000,121,856 | ---- | M] () -- C:\Windows\SysNative\GFilterSvc0.exe [2013.07.07 10:47:14 | 000,121,856 | ---- | M] () -- C:\Windows\SysNative\GFilterSvc.exe [2013.06.27 15:36:30 | 000,083,672 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys [2013.06.26 13:31:50 | 000,000,034 | ---- | M] () -- C:\Windows\SysWow64\BD2030.DAT [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Users\****\AppData\Local\*.tmp files -> C:\Users\***AppData\Local\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.07.24 10:42:20 | 631,716,993 | ---- | C] () -- C:\Windows\MEMORY.DMP [2013.07.23 12:46:59 | 088,425,338 | ---- | C] () -- C:\Users\****\Desktop\splash! Mag präsentiert_The Notorious H.A.F.T (1).rar [2013.07.23 11:59:50 | 000,000,875 | ---- | C] () -- C:\Users\****\AppData\Local\recently-used.xbel [2013.07.23 02:14:58 | 000,001,160 | ---- | C] () -- C:\Windows\tasks\Feven-updater.job [2013.07.23 02:14:52 | 000,001,064 | ---- | C] () -- C:\Windows\tasks\Feven-enabler.job [2013.07.23 02:14:34 | 000,001,164 | ---- | C] () -- C:\Windows\tasks\Feven-codedownloader.job [2013.07.23 02:14:19 | 000,000,009 | ---- | C] () -- C:\END [2013.07.23 02:13:31 | 000,001,860 | ---- | C] () -- C:\Windows\tasks\Feven-chromeinstaller.job [2013.07.21 18:09:36 | 000,007,440 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT [2013.07.21 18:09:36 | 000,000,854 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF [2013.07.16 22:02:55 | 000,001,396 | ---- | C] () -- C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk [2013.07.16 22:02:19 | 000,001,058 | ---- | C] () -- C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk [2013.07.14 14:18:01 | 000,000,982 | ---- | C] () -- C:\Users/****\Desktop\FRITZ!Box Benutzeroberfläche.lnk [2013.07.13 19:37:25 | 001,084,727 | ---- | C] () -- C:\Users/****\AppData\Local\2433f433 [2013.07.13 19:37:25 | 001,084,699 | ---- | C] () -- C:\Users\*****\AppData\Roaming\2433f433 [2013.07.13 19:37:25 | 001,084,655 | ---- | C] () -- C:\ProgramData\2433f433 [2013.07.13 14:50:39 | 000,001,196 | ---- | C] () -- C:\Windows\tasks\Plus-HD-2.5-updater.job [2013.07.13 14:50:37 | 000,001,100 | ---- | C] () -- C:\Windows\tasks\Plus-HD-2.5-enabler.job [2013.07.13 14:50:35 | 000,001,200 | ---- | C] () -- C:\Windows\tasks\Plus-HD-2.5-codedownloader.job [2013.07.13 14:50:21 | 000,001,906 | ---- | C] () -- C:\Windows\tasks\Plus-HD-2.5-chromeinstaller.job [2013.07.13 14:49:55 | 000,001,228 | ---- | C] () -- C:\Users\****\Desktop\Create Amazing Presentations.lnk [2013.07.13 14:49:55 | 000,001,228 | ---- | C] () -- C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Create Amazing Presentations.lnk [2013.07.13 14:48:57 | 000,000,000 | ---- | C] () -- C:\extensions.sqlite [2013.07.07 10:51:21 | 000,002,096 | ---- | C] () -- C:\Users\****\Desktop\GrampsAIO32 3.4.5-1 Console.lnk [2013.07.07 10:51:21 | 000,002,093 | ---- | C] () -- C:\Users\****\Desktop\GrampsAIO32 3.4.5-1.lnk [2013.07.07 10:47:14 | 000,121,856 | ---- | C] () -- C:\Windows\SysNative\GFilterSvc0.exe [2013.07.07 10:47:14 | 000,121,856 | ---- | C] () -- C:\Windows\SysNative\GFilterSvc.exe [2013.07.07 10:47:14 | 000,117,760 | ---- | C] () -- C:\Windows\SysNative\provuhrd.exe [2013.07.07 10:45:56 | 000,002,155 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013.07.04 12:07:56 | 015,081,830 | ---- | C] () -- C:\Users\****\Desktop\Unbenannt.png [2013.06.10 10:44:29 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI [2013.06.10 10:44:29 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD2030.DAT [2012.12.17 23:15:19 | 000,000,791 | ---- | C] () -- C:\Windows\wininit.ini [2012.10.12 21:06:54 | 083,023,306 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.pad [2012.05.19 12:11:44 | 000,000,460 | ---- | C] () -- C:\Windows\iScreensaver.ini [2012.03.03 14:34:32 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2012.01.29 13:17:27 | 000,000,172 | ---- | C] () -- C:\Windows\PhEdit.INI [2012.01.29 12:15:16 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat [2012.01.29 12:15:16 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat [2012.01.29 12:15:16 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat [2012.01.29 12:15:16 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat [2012.01.29 12:15:16 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat [2012.01.29 12:15:16 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat [2012.01.29 12:15:16 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat [2012.01.29 12:15:16 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat [2012.01.29 12:15:16 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat [2012.01.29 12:15:16 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat [2012.01.29 12:15:16 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat [2012.01.29 12:15:16 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat [2012.01.29 12:15:16 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat [2012.01.29 12:15:16 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat [2012.01.29 12:15:16 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat [2012.01.29 12:15:16 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat [2012.01.29 12:15:16 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat [2012.01.29 12:15:16 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat [2012.01.29 12:15:16 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini [2011.12.05 23:14:32 | 000,225,911 | ---- | C] () -- C:\Windows\hpoins39.dat [2011.08.30 17:36:46 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib [2011.08.29 13:18:13 | 001,592,818 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.08.26 15:21:19 | 000,001,332 | ---- | C] () -- C:\Users\****\AppData\Local\36234BF3.il [2011.08.26 15:21:19 | 000,000,240 | ---- | C] () -- C:\Users\****\AppData\Local\IndexIE_36234BF3.il ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > Code:
ATTFilter OTL Extras logfile created on: 24.07.2013 11:18:23 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\***\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,68 Gb Total Physical Memory | 1,61 Gb Available Physical Memory | 43,84% Memory free
7,36 Gb Paging File | 4,93 Gb Available in Paging File | 66,99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 284,99 Gb Total Space | 207,07 Gb Free Space | 72,66% Space Free | Partition Type: NTFS
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04638FC2-2BB2-4C04-B986-75A6B2EE1D37}" = lport=445 | protocol=6 | dir=in | app=system |
"{05FAF969-AC93-48D7-A058-B163AB21F0CA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{14345213-3E3B-4D78-827D-C82C8DB9D5F6}" = lport=139 | protocol=6 | dir=in | app=system |
"{1A307C32-545A-42C5-BDDD-F2DAC804ABB5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2CE0DDB3-F951-42A3-89B0-0A7499393998}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3933E8CC-E9FC-4A3C-ABBB-05937A1EC83F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3AE327AE-973F-4F23-878C-40F5A95CAB01}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{628AD164-FC57-45D2-AEEC-EEBCAEE6DA78}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{632A67E4-2CAF-43B7-AAC2-4C4B7292FBE5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{63D0CE95-BE3C-465A-87CC-35FCB65347A3}" = rport=138 | protocol=17 | dir=out | app=system |
"{6F9510D0-18D2-4992-8C56-5E3D2D4DC017}" = rport=10243 | protocol=6 | dir=out | app=system |
"{88B81C73-8A67-4145-9C78-DB8D40381D9D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9EC72300-25AA-4D5F-A0A8-D56405CE8864}" = rport=445 | protocol=6 | dir=out | app=system |
"{A4960369-2D2C-4B26-BD09-69D704B5D35D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{A87460AA-6F43-444C-A752-9F4BCEA27B84}" = rport=137 | protocol=17 | dir=out | app=system |
"{AAA89FC5-DA2E-4989-B9E4-FF080A2C7536}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B0716595-6637-410C-8916-A6A07EF06B65}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B850AA39-365D-4691-A898-F130AEE191CB}" = lport=138 | protocol=17 | dir=in | app=system |
"{C205897D-EBF2-4C32-A2BA-A5DA93226E41}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{C4901D25-73EA-47A3-B432-EA35C7010B7A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C73DDFDE-F8E2-4562-A2C5-CB05417FCFAE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C8FBCEF1-065C-4A84-85E6-B2B73B65815C}" = rport=139 | protocol=6 | dir=out | app=system |
"{D4023FE9-BE5B-41BD-8C77-0143983C30DB}" = lport=137 | protocol=17 | dir=in | app=system |
"{D67B86E7-8B23-4B60-9907-A5C527C39D2C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E2E03B9B-4A7C-400B-BE6F-7BA8A747CD57}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0517CCBA-8EBD-4F8B-9C68-551788DD904B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0B49C3FB-DC7F-4A23-8EB4-1E4D5CEA8C51}" = dir=in | app=c:\program files (x86)\iminent\iminent.exe |
"{1701F61A-0501-4924-9D49-981A699D69C2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{174022C1-1846-4D9C-8818-36A0D283EB43}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{23C34849-2D06-4621-9209-9AE947A70823}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{2D414E05-FD26-4986-8C8E-A91966BABCE7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{2D8FF3E7-4DDF-4037-9043-0634B35E5410}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3F75363D-2675-46B4-AEA0-89E9352946FC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4961FF8B-3039-42A5-B89E-AF52E6258A2A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4CDDD92B-5966-4D85-B2EE-FC099F21E691}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5EC3F547-A5BC-4F96-A4C1-EFA444EB7E7A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{69ECAD8B-9D85-44D4-BE6F-980ADDF7DDD6}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{6BAEB539-77B8-408B-B41E-828457BDA41D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{71677C97-B407-4129-AB17-3E1635F7AE85}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{71FA82FC-7FF1-4211-BD60-1F707FF99C62}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{72C8F26D-A923-49CA-8F3A-C0109DC3DE53}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7424B53D-5099-4D9F-AF0B-610058C9D759}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7CB80DC1-EB4F-4F47-B7B3-EF0C66F204A3}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{868F67C3-B5FC-4E6B-BEB1-D2316929D34B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8F5FE122-2D11-4993-9A1A-AF945CAE60E8}" = dir=in | app=c:\program files (x86)\iminent\iminent.messengers.exe |
"{938793E7-C71D-45EF-B212-4709501793CB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{94086AD1-8788-48A1-8587-B2B12A7C962D}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{9FFA1926-C5D0-4C4B-BC92-09F7AFA95A35}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{A5149227-6265-4A7B-A3D1-DC12A73F3C56}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A707B28E-6D0E-4EC3-820F-CBEBEE011A94}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{AA75B322-0E1B-43C9-81EE-2CB42CCD576F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{AAA7C5F5-90AD-4425-B095-97D53BE39C0E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B5057339-ADB8-4AAA-A6F3-32E4D1CCBEC3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{BBBB4ABF-AED3-4C54-A11D-AA5F3EEF9566}" = protocol=6 | dir=out | app=system |
"{D1243AF1-6F05-4578-AAC1-3B0D0346FC2D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{DC3559DC-E0A3-4F2B-A1C1-77AF6190453B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DCFDBE2E-58DE-4609-8797-6C247BF3284A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E6436D64-7D65-4640-9C80-BE409BC222D3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E673C3A2-FAF4-4311-AE5A-8983BD7A1BF2}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EF38BE27-3027-4260-BA2C-24FFFFBF0185}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{F004071B-0137-4010-80EE-CE841B11C137}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{F6688968-659F-4F66-A416-F6F09DD53291}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{FB4F7EAC-41D3-43E8-98C6-F4EBBED672A0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{FBF41532-827E-4475-9114-8375DF501842}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{FEA05E82-AA1F-4D1A-9BAD-D9122FDC7D70}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{7DFCE8BD-ED5A-4434-B165-07C187EF2D5F}C:\program files (x86)\adobe\elements organizer 8.0\adobephotoshopelementsmediaserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\elements organizer 8.0\adobephotoshopelementsmediaserver.exe |
"UDP Query User{C590A0DD-A5B5-43BC-BAE3-A14C73E2D88E}C:\program files (x86)\adobe\elements organizer 8.0\adobephotoshopelementsmediaserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\elements organizer 8.0\adobephotoshopelementsmediaserver.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4808" = CanoScan 5600F Scanner Driver
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Überwachungstool für die Intel® Turbo-Boost-Technik
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{722B4A13-F24D-43AE-8813-5DB82C0B23C2}" = HP Photosmart Wireless B109n-z All-In-One Driver Software 13.0 Rel .6
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller
"{CFFF260C-F510-45BB-8F8E-1D4AC1232786}" = Adobe Photoshop Lightroom 3.3 64-bit
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"DesktopIconAmazon" = Desktop Icon für Amazon
"Elantech" = ETDWare PS/2-x64 7.0.6.5_WHQL
"GIMP-2_is1" = GIMP 2.8.2
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"SearchAnonymizer" = SearchAnonymizer
"Shop for HP Supplies" = Shop for HP Supplies
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0A04086B-0B71-43C3-95EF-FDFC4C18D161}" = SILKYPIX Developer Studio 3.1 SE
"{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}" = Windows Media Center Add-in for Silverlight
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{134EE273-0F1C-4A5B-817D-13111DB75B14}" = B109n-z
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = BrowserDefender
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}" = Adobe Photoshop Elements 8.0
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{297ACAAE-FAAC-4817-A3BE-336F63399DA3}_is1" = Calme Version 2012
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Packard Bell Power Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4D43D635-6FDA-4FA5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5CDCDBCD-119A-4AE1-9C55-B816DBBE4245}" = Iminent
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{64EF903E-D00A-414C-94A4-FBA368FFCDC9}" = Packard Bell Social Networks
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D9021DC-CF1B-4148-8C80-6D8E8A8A33EB}" = Video Web Camera
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-packardbell" = WildTangent Games App (Packard Bell Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8466940C-84D8-484C-B1E3-C2E4D73FD5DD}" = PS_AIO_06_B109n-z_SW_Min
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8C1D4735-84E4-41E2-A1DB-70EADE27633C}" = Adobe Photoshop Lightroom 3.3
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{90170407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{903B0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Project Professional 2003
"{90510407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003
"{90A10407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office OneNote 2003
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{959282E3-55A9-49D8-B885-D27CF8A2FD82}" = PHOTOfunSTUDIO 5.0 HD Edition
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.2 MUI
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}" = AAVUpdateManager
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{c501e4e7-4c77-46aa-8cc5-173e31f062eb}" = Nero 9 Essentials
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CA442686-3F97-4395-860D-82B23D5316D5}" = DVD-Verwaltung V3
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}" = Bing Bar
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DFEBE2C2-A83E-46B7-815A-7035615C5266}" = steuern sparen 2012
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide
"{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{ED8EF3C2-FA5B-4A1E-950D-5A0227161F97}" = ArcSoft PhotoStudio 6
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Packard Bell Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F18E0993-B30A-4977-A9F4-7BEDDEED2BC2}" = Meine Homepage 3
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Photoshop Elements 8.0" = Adobe Photoshop Elements 8.0
"AOL Deutschland Toolbar" = AOL Deutschland Toolbar
"Avira AntiVir Desktop" = Avira Free Antivirus
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CloneDVD2" = CloneDVD2
"delta" = Delta toolbar
"Delta Chrome Toolbar" = Delta Chrome Toolbar
"Desk 365" = Desk 365
"D'Fusion @Home Web Plug-In" = Total Immersion D'Fusion @Home Web Plug-In
"DMUninstaller" = DMUninstaller
"Feven" = Feven
"fileopenerpro" = File Opener Pro
"Google Chrome" = Google Chrome
"GrampsAIO32" = GrampsAIO32
"Identity Card" = Identity Card
"Incomedia WebSite X5 v8 - Express" = Incomedia WebSite X5 v8 - Express
"InstallShield_{0A04086B-0B71-43C3-95EF-FDFC4C18D161}" = SILKYPIX Developer Studio 3.1 SE
"InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}" = Packard Bell Social Networks
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Packard Bell MyBackup
"InstallShield_{F18E0993-B30A-4977-A9F4-7BEDDEED2BC2}" = DATA BECKER Meine Homepage 3
"Kegelbuch_is1" = Kegelbuch V2.0
"LManager" = Launch Manager
"Mozilla Thunderbird 17.0.6 (x86 de)" = Mozilla Thunderbird 17.0.6 (x86 de)
"Mozilla Thunderbird 17.0.7 (x86 de)" = Mozilla Thunderbird 17.0.7 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"NIS" = Norton Internet Security
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Packard Bell InfoCentre" = Packard Bell InfoCentre
"Packard Bell Registration" = Packard Bell Registration
"Packard Bell Screensaver" = Packard Bell ScreenSaver
"Packard Bell Welcome Center" = Welcome Center
"Plus-HD-2.5" = Plus-HD-2.5
"SearchProtect" = Search Protect by conduit
"SoftwareUpdUtility" = Download Updater (AOL Inc.)
"Thumb Studio_is1" = Arclab Thumb Studio 2.11
"Wajam" = Wajam
"WildTangent packardbell Master Uninstall" = Packard Bell Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-Bit)
"WT088216" = Agatha Christie - Death on the Nile
"WT088226" = Bejeweled 2 Deluxe
"WT088228" = Build-a-lot 2
"WT088235" = Chuzzle Deluxe
"WT088238" = Diner Dash 2 Restaurant Rescue
"WT088260" = Farm Frenzy
"WT088268" = Insaniquarium Deluxe
"WT088269" = Jewel Quest Solitaire 2
"WT088283" = Plants vs. Zombies
"WT088292" = Zuma Deluxe
"WT088416" = FATE
"WT088420" = Final Drive Nitro
"WT088448" = John Deere Drive Green
"WT088452" = Penguins!
"WT088456" = Polar Bowler
"WT088460" = Polar Golfer
"WT088508" = Virtual Villagers 4 - The Tree of Life
"WT088531" = Zuma's Revenge
"Yahoo! Companion" = Yahoo! Toolbar
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{206a7328-437f-4bd9-b53e-12bfee24d588}" = G-Filter
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
"AOL Deutschland Toolbar" = AOL Deutschland Toolbar
"JNLP" = JNLP
"Torch" = Torch
"VisualBee for Microsoft PowerPoint" = VisualBee for Microsoft PowerPoint
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 23.07.2013 10:28:09 | Computer Name = *** | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16635,
Zeitstempel: 0x51b7a921 Name des fehlerhaften Moduls: Plus-HD-2.5-bho.dll_unloaded,
Version: 0.0.0.0, Zeitstempel: 0x519b6ea8 Ausnahmecode: 0xc0000005 Fehleroffset:
0x08150a3e ID des fehlerhaften Prozesses: 0x1bf0 Startzeit der fehlerhaften Anwendung:
0x01ce87b0bc2a72aa Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Internet
Explorer\IEXPLORE.EXE Pfad des fehlerhaften Moduls: Plus-HD-2.5-bho.dll Berichtskennung:
182d23d2-f3a4-11e2-8616-1c7508269fd0
Error - 23.07.2013 10:31:04 | Computer Name = *** | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16635,
Zeitstempel: 0x51b7a921 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc00000fd Fehleroffset: 0x73d9e2d4 ID des fehlerhaften
Prozesses: 0x1ba0 Startzeit der fehlerhaften Anwendung: 0x01ce87b11c34feb0 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 80dca0de-f3a4-11e2-8616-1c7508269fd0
Error - 23.07.2013 10:42:42 | Computer Name = ****| Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: provuhrd.exe, Version: 0.0.0.0, Zeitstempel:
0x51b9cb75 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel:
0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000956f01 ID des fehlerhaften
Prozesses: 0x858 Startzeit der fehlerhaften Anwendung: 0x01ce877f0c4f0248 Pfad der
fehlerhaften Anwendung: C:\Windows\system32\provuhrd.exe Pfad des fehlerhaften Moduls:
unknown Berichtskennung: 210927df-f3a6-11e2-8616-1c7508269fd0
Error - 23.07.2013 13:19:03 | Computer Name = *** | Source = System Restore | ID = 8193
Description =
Error - 23.07.2013 14:15:23 | Computer Name = ***| Source = MsiInstaller | ID = 11706
Description =
Error - 23.07.2013 14:23:51 | Computer Name = ***C | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: provuhrd.exe, Version: 0.0.0.0, Zeitstempel:
0x51b9cb75 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel:
0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000336f01 ID des fehlerhaften
Prozesses: 0xa00 Startzeit der fehlerhaften Anwendung: 0x01ce87cfe00127ae Pfad der
fehlerhaften Anwendung: C:\Windows\system32\provuhrd.exe Pfad des fehlerhaften Moduls:
unknown Berichtskennung: 05851350-f3c5-11e2-8136-1c7508269fd0
Error - 24.07.2013 03:55:39 | Computer Name = ***| Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16635,
Zeitstempel: 0x51b7a921 Name des fehlerhaften Moduls: Feven-bho.dll_unloaded, Version:
0.0.0.0, Zeitstempel: 0x519b6ea8 Ausnahmecode: 0xc0000005 Fehleroffset: 0x08be0a3e
ID
des fehlerhaften Prozesses: 0x76c Startzeit der fehlerhaften Anwendung: 0x01ce88424dfd8c5e
Pfad
der fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Pfad
des fehlerhaften Moduls: Feven-bho.dll Berichtskennung: 6dc81ea6-f436-11e2-8136-1c7508269fd0
Error - 24.07.2013 04:50:30 | Computer Name = *** | Source = System Restore | ID = 8204
Description =
Error - 24.07.2013 05:02:12 | Computer Name = ***| Source = System Restore | ID = 8204
Description =
Error - 24.07.2013 05:16:18 | Computer Name = *** | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.69.0 kann nicht mehr unter Windows ausgeführt
werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 13e4 Startzeit:
01ce884dc7ab07cc Endzeit: 0 Anwendungspfad: C:\Users\***\Downloads\OTL.exe Berichts-ID:
a5f50de6-f441-11e2-a1d2-1c7508269fd0
[ Media Center Events ]
Error - 07.03.2012 05:29:06 | Computer Name = ***| Source = MCUpdate | ID = 0
Description = 10:29:04 - Fehler beim Herstellen der Internetverbindung. 10:29:06
- Serververbindung konnte nicht hergestellt werden..
Error - 07.03.2012 05:32:28 | Computer Name =***| Source = MCUpdate | ID = 0
Description = 10:29:17 - Fehler beim Herstellen der Internetverbindung. 10:29:17
- Serververbindung konnte nicht hergestellt werden..
Error - 26.06.2013 03:40:31 | Computer Name = ***| Source = MCUpdate | ID = 0
Description = 09:40:31 - Fehler beim Herstellen der Internetverbindung. 09:40:31
- Serververbindung konnte nicht hergestellt werden..
Error - 26.06.2013 03:40:41 | Computer Name = *** | Source = MCUpdate | ID = 0
Description = 09:40:36 - Fehler beim Herstellen der Internetverbindung. 09:40:36
- Serververbindung konnte nicht hergestellt werden..
Error - 27.06.2013 13:46:17 | Computer Name = *** | Source = MCUpdate | ID = 0
Description = 19:46:17 - Fehler beim Herstellen der Internetverbindung. 19:46:17
- Serververbindung konnte nicht hergestellt werden..
Error - 27.06.2013 13:46:26 | Computer Name = ****| Source = MCUpdate | ID = 0
Description = 19:46:22 - Fehler beim Herstellen der Internetverbindung. 19:46:22
- Serververbindung konnte nicht hergestellt werden..
Error - 12.07.2013 11:01:36 | Computer Name = *** | Source = MCUpdate | ID = 0
Description = 17:01:36 - Directory konnte nicht abgerufen werden (Fehler: Die Verbindung
mit dem Remoteserver kann nicht hergestellt werden.)
Error - 12.07.2013 11:01:39 | Computer Name = ***| Source = MCUpdate | ID = 0
Description = 17:01:38 - MCESpotlight konnte nicht abgerufen werden (Fehler: Die
Verbindung mit dem Remoteserver kann nicht hergestellt werden.)
Error - 12.07.2013 11:01:41 | Computer Name = ***| Source = MCUpdate | ID = 0
Description = 17:01:40 - MCEClientUX konnte nicht abgerufen werden (Fehler: Die
Verbindung mit dem Remoteserver kann nicht hergestellt werden.)
Error - 12.07.2013 11:03:13 | Computer Name =***| Source = MCUpdate | ID = 0
Description = 17:01:42 - Broadband konnte nicht abgerufen werden (Fehler: Die Verbindung
mit dem Remoteserver kann nicht hergestellt werden.)
[ System Events ]
Error - 24.07.2013 04:51:37 | Computer Name = ***| Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Windows Media Player-Netzwerkfreigabedienst erreicht.
Error - 24.07.2013 04:51:37 | Computer Name =***| Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund
folgenden Fehlers nicht gestartet: %%1053
Error - 24.07.2013 04:52:18 | Computer Name = ***| Source = WMPNetworkSvc | ID = 866300
Description =
Error - 24.07.2013 04:53:04 | Computer Name = ****| Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Microsoft .NET Framework NGEN v4.0.30319_X64 erreicht.
Error - 24.07.2013 04:54:48 | Computer Name = ***
Error - 24.07.2013 04:59:56 | Computer Name = ***| Source = BugCheck | ID = 1001
Description =
Error - 24.07.2013 05:00:56 | Computer Name = ***| Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
SearchAnonymizer erreicht.
Error - 24.07.2013 05:00:56 | Computer Name = **** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SearchAnonymizer" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1053
Error - 24.07.2013 05:02:59 | Computer Name = ***| Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Windows Media Player-Netzwerkfreigabedienst erreicht.
Error - 24.07.2013 05:02:59 | Computer Name = ****| Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund
folgenden Fehlers nicht gestartet: %%1053
< End of report >
das kommt mir übrigens auch viel länger vor als so manche andere die ich mir hier angeschaut habe, kann sein dass ich mehrere Viren habe.. hab meinen Laptop meinem Freund ne Zeit lang überlassen und der verbringt gerne Zeit auf Seiten wie kinox und hat irgendein Programm runtergeladen um Musikvideos runterzuladen und so weiter.. Danke für die Hilfe! Geändert von pizzaforever (24.07.2013 um 11:58 Uhr) |
|
24.07.2013, 11:31
| #2 |
| /// Malwareteam   | TR/Ransom.Blocker mein OTL-Log Hallo und
__________________ Ich bin Christoph alias DerJazzer. Ich werde dich durch die Bereinigung begleiten und bin währenddessen dein Ansprechpartner für dieses Thema. Je nach Art der vorliegenden Infektion kann viel Arbeit und ein großer Zeiteinsatz auf dich (und auf mich) zukommen. Ein Neuaufsetzen ist damit meist als der schnellere, aber immer als der sicherere Weg zu betrachten. Für den Erfolg der Bereinigung gilt: Ich kann dir zu keinem Zeitpunkt garantieren, dass der PC nach der Bereinigung auch wirklich frei von Malware ist! Wenn du das akzeptierst, bitte ich dich, hier so lange mitzuarbeiten, bis ich dir sage, dass der PC aus meiner Sicht malwarefrei ist. Um die Bereinigung so effektiv und nervenschonend wie möglich zu gestalten, bitte ich dich, folgende Punkte ebenfalls zu beachten:
Um mir das Auswerten deiner Logs (Berichte der verwendeten Programme) zu erleichtern, bitte ich dich, diese zwischen Code-Tags zu posten. Dazu drückst du einfach den #-Button im Antwortfenster und fügst dort zwischen den eckigen Klammern dein Log ein. Das sieht dann so aus: [CODE] eingefügtes Log [/CODE] Vista und Win7 User Alle Tools mit Rechtsklick "als Administrator ausführen" starten. Da ist aber viel Müll drauf wenn ich das mal so anmerken darf... Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt 3 Scan mit Combofix
Schritt 4 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Bitte poste in deiner nächsten Antwort
__________________ |
|
25.07.2013, 21:48
| #3 |
| | TR/Ransom.Blocker mein OTL-Log Danke für die schnelle Antwort! Ich werde mir nach der Arbeit die Zeit nehmen und die nächsten Schritte durchführen.
__________________Danke dass du dir die Zeit nehmen wirst, das ist echt nicht selbstverständlich. Dass hier viel Müll drauf ist war mir bewusst, das ist eigentlich der Laptop von meiner Mutter, ich freue mich schon drauf mir nächsten oder übernächsten Monat einen eigenen leisten zu können, dann passiert so etwas hoffentlich nicht mehr. Liebe Grüße! oh man ich hab jetzt eine stunde lang die antwort mit den codes geschrieben und dann war ich ausgeloggt  ich werde es morgen nochmal machen endlich zu hause, hier die logs: Adw Code:
ATTFilter # AdwCleaner v2.306 - Datei am 24/07/2013 um 19:36:57 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : *** - ***
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\***\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
Gestoppt & Gelöscht : GFilterSvc
Gestoppt & Gelöscht : SearchAnonymizer
Gestoppt & Gelöscht : SProtection
Gestoppt & Gelöscht : WajamUpdater
Gestoppt & Gelöscht : WebCake Desktop Updater
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Public\Desktop\eBay.lnk
Datei Gelöscht : C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Datei Gelöscht : C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Datei Gelöscht : C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
Datei Gelöscht : C:\Windows\Tasks\EPUpdater.job
Gelöscht mit Neustart : C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkoahcaobjbihehldfimhblmhgalcipm
Ordner Gelöscht : C:\Program Files (x86)\Ask.com
Ordner Gelöscht : C:\Program Files (x86)\Common Files\337
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Software Update Utility
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Umbrella
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\delta
Ordner Gelöscht : C:\Program Files (x86)\Desk 365
Ordner Gelöscht : C:\Program Files (x86)\Iminent
Ordner Gelöscht : C:\Program Files (x86)\SearchProtect
Ordner Gelöscht : C:\Program Files (x86)\Wajam
Ordner Gelöscht : C:\Program Files (x86)\WebCake
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Browser Manager
Ordner Gelöscht : C:\ProgramData\BrowserDefender
Ordner Gelöscht : C:\ProgramData\Conduit
Ordner Gelöscht : C:\ProgramData\Iminent
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\ProgramData\visualbee
Ordner Gelöscht : C:\Users\****\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Ordner Gelöscht : C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkoahcaobjbihehldfimhblmhgalcipm
Ordner Gelöscht : C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Ordner Gelöscht : C:\Users\***\AppData\Local\Ilivid
Ordner Gelöscht : C:\Users\***\AppData\Local\Temp\Desk365
Ordner Gelöscht : C:\Users\***\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\***\AppData\Local\Temp\Smartbar
Ordner Gelöscht : C:\Users\***\AppData\Local\visualbeeexe
Ordner Gelöscht : C:\Users\***\AppData\Local\Wajam
Ordner Gelöscht : C:\Users\***\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Users\***\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\***\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\***\AppData\Roaming\BabSolution
Ordner Gelöscht : C:\Users\***\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\***\AppData\Roaming\delta
Ordner Gelöscht : C:\Users\***\AppData\Roaming\Desk 365
Ordner Gelöscht : C:\Users\***\AppData\Roaming\DesktopIconForAmazon
Ordner Gelöscht : C:\Users\***\AppData\Roaming\DSite
Ordner Gelöscht : C:\Users\***\AppData\Roaming\Iminent
Ordner Gelöscht : C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
Ordner Gelöscht : C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Ordner Gelöscht : C:\Users\***\AppData\Roaming\OCS
Ordner Gelöscht : C:\Users\***\AppData\Roaming\SearchProtect
Ordner Gelöscht : C:\Users\***\AppData\Roaming\WebCake
Ordner Gelöscht : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\APN
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\Ask.com
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\hkoahcaobjbihehldfimhblmhgalcipm
Schlüssel Gelöscht : HKCU\Software\ilivid
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311151154}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311341138}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311151154}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311341138}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{206a7328-437f-4bd9-b53e-12bfee24d588}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\SearchProtect
Schlüssel Gelöscht : HKCU\Software\Wajam
Schlüssel Gelöscht : HKCU\Software\5a53d98ce668ea12
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKLM\Software\APN
Schlüssel Gelöscht : HKLM\Software\AskToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0031554.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0031554.BHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0031554.Sandbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0031554.Sandbox.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0033438.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0033438.BHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0033438.Sandbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0033438.Sandbox.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dnUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.DownloadArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.RawDataArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.TinyUrlArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.ViralLinkArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ClientCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ContractBase
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.TestContentCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightContent
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightUri
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.MediatorServiceProxy
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandle.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandler
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler.1
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3297265
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344344438}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\Software\Desksvc
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\Software\MapsGalaxy_39EI
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311151154}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311341138}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKLM\Software\SearchProtect
Schlüssel Gelöscht : HKLM\Software\Umbrella
Schlüssel Gelöscht : HKLM\Software\V9
Schlüssel Gelöscht : HKLM\Software\Wajam
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\5a53d98ce668ea12
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110311151154}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110311341138}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220322342238}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{26C9BBE4-6D45-4AB6-A5B4-E068C9F5EF6D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{55555555-5555-5555-5555-550355345538}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66666666-6666-6666-6666-660366346638}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hkoahcaobjbihehldfimhblmhgalcipm
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AF350D9-3916-454B-AC53-0B0B65F41301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311151154}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311341138}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Desk 365
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355345538}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366346638}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DesktopIconAmazon
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchAnonymizer
Schlüssel Gelöscht : HKLM\SOFTWARE\Tarma Installer
Schlüssel Gelöscht : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Desk 365]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [searchprotect]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [WebCake Desktop]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Iminent]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [IminentMessenger]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchProtectAll]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16635
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com/?ctid=CT3297265&octid=CT3297265&SearchSource=61&CUI=UN24652495911641414&UM=2&UP=SP9EBFC968-E412-4D30-B7CB-557515C2C7D7 --> hxxp://www.google.com
-\\ Google Chrome v28.0.1500.72
Datei : C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S1].txt - [436 octets] - [24/07/2013 19:36:43]
AdwCleaner[S2].txt - [45901 octets] - [24/07/2013 19:36:57]
########## EOF - C:\AdwCleaner[S2].txt - [45962 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.2 (07.22.2013:2)
OS: Windows 7 Home Premium x64
Ran by *** on 24.07.2013 at 21:21:02,99
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Suspicious HKCU\..\Run entries found. Trojan:JS/Medfos.B?
Value Name Type Value Data
========================================================================================
NTRedirect REG_SZ C:\Windows\SysWOW64\rundll32.exe "C:\Users\****\AppData\Roaming\BabSolution\Shared\NTRedirect.dll",Run
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{f511afdb-726e-4458-90e7-1ecb97406544}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\clsid\{fb684d26-01f4-4d9d-87cb-f486beba56dc}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\clsid\{fb684d26-01f4-4d9d-87cb-f486beba56dc}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\torch
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\visualbee
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\visualbee
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322152254}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550355155554}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366156654}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220322152254}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550355155554}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660366156654}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355155554}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366156654}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550355155554}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660366156654}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2059CF48-25F3-40d7-9D37-24A3142FD20B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3EEA657D-134D-4F52-AFA1-29D58E5955FD}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6FA1E689-BEE7-407B-8AF1-6AD885CB1998}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{2059CF48-25F3-40d7-9D37-24A3142FD20B}
~~~ Files
Successfully deleted: [File] C:\Windows\syswow64\shoAC3F.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoADEA.tmp
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\datamngr"
Successfully deleted: [Folder] "C:\Users\***\appdata\local\torch"
Successfully deleted: [Folder] "C:\Users\***\appdata\local\visualbeeclient"
Successfully deleted: [Folder] "C:\Program Files (x86)\pc speed up"
~~~ Chrome
Successfully deleted: [Folder] C:\Users\***\appdata\local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Successfully deleted: [Folder] C:\Users\***\appdata\local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.07.2013 at 21:25:38,60
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter ComboFix 13-07-24.03 - *** 24.07.2013 21:34:09.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3767.2235 [GMT 2:00]
ausgeführt von:: c:\users\***\Desktop\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Windows Live\Messenger\msacm32.dll
c:\programdata\2433f433
c:\programdata\dsgsdgdsgdsgw.pad
c:\users\***\4.0
c:\users\***\AppData\Roaming\2433f433
c:\users\***\dxfaotdp.exe
c:\windows\wininit.ini
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-06-24 bis 2013-07-24 ))))))))))))))))))))))))))))))
.
.
2013-07-24 19:48 . 2013-07-24 19:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-07-24 19:19 . 2013-07-24 19:19 -------- d-----w- c:\windows\ERUNT
2013-07-24 17:35 . 2013-07-24 17:35 -------- d-----w- c:\users\***\Qtrax
2013-07-24 17:31 . 2013-07-24 17:31 -------- d-----w- c:\users\***\AppData\Roaming\Zip Opener Packages
2013-07-23 17:35 . 2013-07-23 17:38 -------- d-----w- c:\windows\system32\MRT
2013-07-23 00:26 . 2013-07-23 00:26 -------- d-----w- c:\program files\Uninstaller
2013-07-23 00:25 . 2013-07-24 09:13 -------- d-----w- c:\users\***\AppData\Roaming\player
2013-07-23 00:25 . 2013-07-23 00:25 -------- d-----w- c:\program files (x86)\Tuguu SL
2013-07-23 00:19 . 2013-07-23 00:53 -------- d-----w- c:\program files\DivX
2013-07-23 00:18 . 2013-07-23 01:16 -------- d-----w- c:\program files (x86)\Common Files\DivX Shared
2013-07-23 00:15 . 2013-07-23 00:15 -------- d-----w- c:\users\***\AppData\Local\CRE
2013-07-23 00:14 . 2013-07-23 00:14 81768 ----a-w- C:\ministub.exe
2013-07-23 00:14 . 2013-07-23 00:54 -------- d-----w- c:\program files (x86)\DivX
2013-07-23 00:13 . 2013-07-23 00:15 -------- d-----w- c:\program files (x86)\Feven
2013-07-23 00:11 . 2013-07-23 00:54 -------- d-----w- c:\programdata\DivX
2013-07-22 12:17 . 2013-07-22 21:25 -------- d-----w- c:\windows\system32\drivers\NISx64\1207020.003
2013-07-21 16:29 . 2013-07-21 16:29 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2013-07-21 16:11 . 2013-07-21 16:11 -------- d-----w- c:\users\***\AppData\Roaming\Tific
2013-07-21 16:11 . 2013-07-21 16:11 -------- d-----w- c:\users\***\AppData\Local\Symantec
2013-07-21 16:11 . 2013-07-24 17:36 -------- d-----w- c:\users\***\AppData\Local\CrashDumps
2013-07-21 16:09 . 2013-07-21 16:28 -------- d-----w- c:\program files\Symantec
2013-07-21 16:09 . 2013-07-21 16:09 173616 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2013-07-21 16:09 . 2013-07-21 16:09 -------- d-----w- c:\program files\Common Files\Symantec Shared
2013-07-16 20:08 . 2013-07-22 22:21 -------- d-----w- c:\users\Ulrike\AppData\Roaming\vlc
2013-07-16 20:02 . 2013-07-16 20:02 -------- d-----w- c:\programdata\TorchCrashHandler
2013-07-15 09:14 . 2013-07-23 00:20 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2013-07-13 18:12 . 2013-07-13 18:12 -------- d-----w- C:\found.000
2013-07-13 13:05 . 2013-07-13 13:05 -------- d-----w- C:\Lxk2200
2013-07-13 12:52 . 2013-07-13 12:52 -------- d-----w- c:\program files (x86)\FileOpenerPro
2013-07-13 12:50 . 2013-07-13 12:50 -------- d-----w- c:\users\***\AppData\Local\AOL Deutschland Toolbar
2013-07-13 12:50 . 2013-07-13 12:50 -------- d-----w- c:\program files (x86)\Plus-HD-2.5
2013-07-13 12:49 . 2013-07-13 12:49 -------- d-----w- c:\users\****\AppData\Local\emaze
2013-07-13 12:49 . 2013-07-13 12:49 -------- d-----w- c:\program files (x86)\AOL Deutschland Toolbar
2013-07-13 12:49 . 2013-07-13 12:49 -------- d-----w- c:\programdata\AOL Deutschland Toolbar
2013-07-12 17:11 . 2013-07-12 17:11 -------- d-----w- c:\windows\SysWow64\searchplugins
2013-07-12 17:11 . 2013-07-12 17:11 -------- d-----w- c:\windows\SysWow64\Extensions
2013-07-12 15:02 . 2006-12-14 12:42 69120 ----a-r- c:\windows\SysWow64\avmadd32.dll
2013-07-12 15:01 . 2006-05-29 01:00 16384 ----a-r- c:\windows\SysWow64\avmprmon.dll
2013-07-12 15:01 . 2013-07-12 15:02 -------- d-----w- c:\program files (x86)\FRITZ!Box
2013-07-07 08:52 . 2013-07-07 08:52 -------- d-----w- c:\users\***\AppData\Roaming\gramps
2013-07-07 08:49 . 2013-07-07 08:51 -------- d-----w- c:\program files (x86)\GrampsAIO32
2013-07-07 08:47 . 2013-07-10 07:31 117760 ----a-w- c:\windows\system32\provuhrd.exe
2013-07-07 08:47 . 2013-07-07 08:47 121856 ----a-w- c:\windows\system32\GFilterSvc0.exe
2013-07-07 08:47 . 2013-07-07 08:47 121856 ----a-w- c:\windows\system32\GFilterSvc.exe
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-12 19:17 . 2011-08-26 12:00 893552 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2013-07-12 19:17 . 2011-08-26 11:50 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2013-07-12 19:17 . 2011-08-26 11:50 1236816 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-07-03 17:31 . 2012-03-04 08:21 893552 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2013-07-03 17:31 . 2012-03-04 08:21 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2013-06-27 13:36 . 2013-05-08 10:22 83672 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-06-26 08:41 . 2011-10-11 12:07 1236816 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2013-06-12 11:03 . 2012-06-22 22:26 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 11:03 . 2012-06-22 22:26 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-13 05:51 . 2013-06-12 21:02 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-05-13 05:51 . 2013-06-12 21:02 1464320 ----a-w- c:\windows\system32\crypt32.dll
2013-05-13 05:51 . 2013-06-12 21:02 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-05-13 05:50 . 2013-06-12 21:02 52224 ----a-w- c:\windows\system32\certenc.dll
2013-05-13 04:45 . 2013-06-12 21:02 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-05-13 04:45 . 2013-06-12 21:02 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-05-13 04:45 . 2013-06-12 21:02 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-05-13 03:43 . 2013-06-12 21:02 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-05-13 03:08 . 2013-06-12 21:02 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-05-13 03:08 . 2013-06-12 21:02 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-05-10 05:49 . 2013-06-12 21:02 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-05-10 03:20 . 2013-06-12 21:02 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-05-08 10:25 . 2013-05-08 10:25 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-05-08 10:25 . 2013-05-08 10:25 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-05-08 10:25 . 2013-05-08 10:25 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-05-08 10:25 . 2013-05-08 10:25 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-05-08 10:25 . 2013-05-08 10:25 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-05-08 10:25 . 2013-05-08 10:25 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-05-08 10:25 . 2013-05-08 10:25 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-05-08 10:25 . 2013-05-08 10:25 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-05-08 10:25 . 2013-05-08 10:25 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-05-08 10:25 . 2013-05-08 10:25 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-05-08 10:25 . 2013-05-08 10:25 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-05-08 10:25 . 2013-05-08 10:25 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-05-08 10:25 . 2013-05-08 10:25 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-05-08 10:25 . 2013-05-08 10:25 216064 ----a-w- c:\windows\system32\msls31.dll
2013-05-08 10:25 . 2013-05-08 10:25 197120 ----a-w- c:\windows\system32\msrating.dll
2013-05-08 10:25 . 2013-05-08 10:25 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-05-08 10:25 . 2013-05-08 10:25 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-05-08 10:25 . 2013-05-08 10:25 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-05-08 10:25 . 2013-05-08 10:25 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-05-08 10:25 . 2013-05-08 10:25 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-05-08 10:25 . 2013-05-08 10:25 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-05-08 10:25 . 2013-05-08 10:25 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-05-08 10:25 . 2013-05-08 10:25 81408 ----a-w- c:\windows\system32\icardie.dll
2013-05-08 10:25 . 2013-05-08 10:25 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-05-08 10:25 . 2013-05-08 10:25 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-05-08 10:25 . 2013-05-08 10:25 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-05-08 10:25 . 2013-05-08 10:25 441856 ----a-w- c:\windows\system32\html.iec
2013-05-08 10:25 . 2013-05-08 10:25 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-05-08 10:25 . 2013-05-08 10:25 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-05-08 10:25 . 2013-05-08 10:25 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-05-08 10:25 . 2013-05-08 10:25 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-05-08 10:25 . 2013-05-08 10:25 235008 ----a-w- c:\windows\system32\url.dll
2013-05-08 10:25 . 2013-05-08 10:25 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-05-08 10:25 . 2013-05-08 10:25 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-05-08 10:25 . 2013-05-08 10:25 144896 ----a-w- c:\windows\system32\wextract.exe
2013-05-08 10:25 . 2013-05-08 10:25 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-05-08 10:25 . 2013-05-08 10:25 102912 ----a-w- c:\windows\system32\inseng.dll
2013-05-08 10:25 . 2013-05-08 10:25 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-05-08 10:25 . 2013-05-08 10:25 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-05-08 10:25 . 2013-05-08 10:25 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-05-08 10:25 . 2013-05-08 10:25 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-05-08 10:25 . 2013-05-08 10:25 149504 ----a-w- c:\windows\system32\occache.dll
2013-05-08 10:25 . 2013-05-08 10:25 13824 ----a-w- c:\windows\system32\mshta.exe
2013-05-08 10:25 . 2013-05-08 10:25 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-05-08 10:25 . 2013-05-08 10:25 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-05-08 10:25 . 2013-05-08 10:25 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-05-08 10:25 . 2013-05-08 10:25 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-05-08 10:25 . 2013-05-08 10:25 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-05-08 10:25 . 2013-05-08 10:25 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-05-08 10:24 . 2013-05-08 10:24 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-05-08 10:24 . 2013-05-08 10:24 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-05-08 10:24 . 2013-05-08 10:24 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-05-08 10:24 . 2013-05-08 10:24 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-05-08 10:24 . 2013-05-08 10:24 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-05-08 10:24 . 2013-05-08 10:24 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-05-08 10:24 . 2013-05-08 10:24 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-05-08 10:24 . 2013-05-08 10:24 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-05-08 10:24 . 2013-05-08 10:24 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2013-05-08 10:24 . 2013-05-08 10:24 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2013-05-08 10:24 . 2013-05-08 10:24 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-05-08 10:24 . 2013-05-08 10:24 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{9B6B03F1-16CF-4491-BBBB-E872802DD717}]
2013-02-15 16:52 138752 ----a-w- c:\programdata\DNSErrorHelper\bho.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" [2010-06-28 263936]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"VideoWebCamera"="c:\program files (x86)\VideoWebCamera\VideoWebCamera.exe" [2010-05-26 1545568]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-06-27 345144]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
Microsoft Office OneNote 2003 Schnellstart.lnk - c:\program files (x86)\Microsoft Office\OFFICE11\ONENOTEM.EXE /tsr [2007-4-19 64864]
PHOTOfunSTUDIO 5.0 HD Edition.lnk - c:\program files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe -e "c:\program files (x86)\Panasonic\PHOTOfunSTUDIO 5.0 HD\PHOTOfunSTUDIO.exe" [2012-1-29 170480]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 Updater Service;Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1207020.003\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1207020.003\SYMEFA64.SYS [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20130715.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20130723.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20130723.001\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1207020.003\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1207020.003\SYMNETS.SYS [x]
S2 AAV UpdateService;AAV UpdateService;c:\program files (x86)\AAVUpdateManager\aavus.exe;c:\program files (x86)\AAVUpdateManager\aavus.exe [x]
S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 dfrgui32;Windows-Ereignisprotokoll System Windows;c:\windows\system32\provuhrd.exe;c:\windows\SYSNATIVE\provuhrd.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe;c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-13 03:54 1173456 ----a-w- c:\program files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-22 11:03]
.
2013-07-23 c:\windows\Tasks\Feven-chromeinstaller.job
- c:\program files (x86)\Feven\Feven-chromeinstaller.exe [2013-07-23 00:13]
.
2013-07-23 c:\windows\Tasks\Feven-codedownloader.job
- c:\program files (x86)\Feven\Feven-codedownloader.exe [2013-07-23 00:13]
.
2013-07-23 c:\windows\Tasks\Feven-enabler.job
- c:\program files (x86)\Feven\Feven-enabler.exe [2013-07-23 00:14]
.
2013-07-23 c:\windows\Tasks\Feven-updater.job
- c:\program files (x86)\Feven\Feven-updater.exe [2013-07-23 00:14]
.
2013-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-22 22:26]
.
2013-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-22 22:26]
.
2013-07-24 c:\windows\Tasks\Plus-HD-2.5-chromeinstaller.job
- c:\program files (x86)\Plus-HD-2.5\Plus-HD-2.5-chromeinstaller.exe [2013-07-13 12:50]
.
2013-07-24 c:\windows\Tasks\Plus-HD-2.5-codedownloader.job
- c:\program files (x86)\Plus-HD-2.5\Plus-HD-2.5-codedownloader.exe [2013-07-13 12:50]
.
2013-07-24 c:\windows\Tasks\Plus-HD-2.5-enabler.job
- c:\program files (x86)\Plus-HD-2.5\Plus-HD-2.5-enabler.exe [2013-07-13 12:50]
.
2013-07-24 c:\windows\Tasks\Plus-HD-2.5-updater.job
- c:\program files (x86)\Plus-HD-2.5\Plus-HD-2.5-updater.exe [2013-07-13 12:50]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-23 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-23 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-23 415256]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-06-09 206208]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
"Acer ePower Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2010-06-11 861216]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-11 689488]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-NTRedirect - c:\users\***\AppData\Roaming\BabSolution\Shared\NTRedirect.dll
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-DivXMediaServer - c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
HKLM-Run-Ocs_SM - c:\users\***\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
AddRemove-Incomedia WebSite X5 v8 - Express - c:\windows\system32\iwpsetup.exe
AddRemove-DSite - c:\users\****ta\Roaming\DSite\UpdateProc\UpdateTask.exe
AddRemove-JNLP - c:\windows\system32\javaws.exe
AddRemove-VisualBee for Microsoft PowerPoint - c:\users\Ulrike\AppData\Local\VisualBeeExe\uninst.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\diMaster.dll\" /prefetch:1"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\SecuROM\License information*]
"datasecu"=hex:f1,ae,b4,eb,6a,67,78,c9,02,84,f2,08,97,a1,7f,78,fb,5f,a6,a6,bb,
f9,0c,25,d3,8b,4e,f3,6f,6a,cb,84,ce,8a,db,1e,0f,f6,24,19,70,e5,5e,f6,b6,0c,\
"rkeysecu"=hex:0c,3f,b6,0e,01,a6,ec,6e,1c,e6,bb,93,33,49,d6,b5
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-07-24 22:03:11
ComboFix-quarantined-files.txt 2013-07-24 20:03
.
Vor Suchlauf: 10 Verzeichnis(se), 222.605.205.504 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 223.904.317.440 Bytes frei
.
- - End Of File - - 4C33DC74C23C69F5934640F41267ACA7
D41D8CD98F00B204E9800998ECF8427E
|
|
25.07.2013, 21:50
| #4 |
| | TR/Ransom.Blocker mein OTL-Log FRST FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-07-2013
Ran by *** (administrator) on 24-07-2013 22:11:41
Running from C:\Users\***\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\AAVUpdateManager\aavus.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Adobe Systems Incorporated) c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(B.H.A Corporation) C:\Windows\SysWOW64\bgsvcgen.exe
() C:\Windows\system32\provuhrd.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Panasonic Corporation) C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
(Suyin) C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [206208 2010-06-09] ()
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-11] (CANON INC.)
HKLM\...\Run: [Ocs_SM] - C:\Users\***\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [x]
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [BackupManagerTray] - "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k [263936 2010-06-29] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [35696 2009-10-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [VideoWebCamera] - "C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a [1545568 2010-05-26] (Suyin)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [935288 2009-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [avgnt] - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-06-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office OneNote 2003 Schnellstart.lnk
ShortcutTarget: Microsoft Office OneNote 2003 Schnellstart.lnk -> C:\Program Files (x86)\Microsoft Office\OFFICE11\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 5.0 HD Edition.lnk
ShortcutTarget: PHOTOfunSTUDIO 5.0 HD Edition.lnk -> C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: (No Name) - {66a449dc-6b1d-4187-a4f1-b335d3da5365} - No File
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
SearchScopes: HKLM-x32 - {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://de.search.yahoo.com/search/?p={searchTerms}&fr=vc_trans_de_8197&type=ds2se&d
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {07A64CD7-7415-43A8-963F-DF9ABF56354C} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=178b965e-f61b-44d0-8390-e5f443f82baa&pid=winsoftware&mode=bounce&k=0
SearchScopes: HKCU - {44A7C8CF-3553-4A05-B004-2822F1E00BCB} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=178b965e-f61b-44d0-8390-e5f443f82baa&pid=winsoftware&mode=bounce&k=0
SearchScopes: HKCU - {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://de.search.yahoo.com/search/?p={searchTerms}&fr=vc_trans_de_8197&type=ds2se&d
SearchScopes: HKCU - {7D2283C1-8D84-4FA8-865E-AF6E1A9C04F0} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=178b965e-f61b-44d0-8390-e5f443f82baa&pid=winsoftware&mode=bounce&k=0
SearchScopes: HKCU - {95B2B476-0BA4-429D-A79E-2E729F0A2EE4} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=178b965e-f61b-44d0-8390-e5f443f82baa&pid=winsoftware&mode=bounce&k=0
SearchScopes: HKCU - {9AB71EB6-8F10-46F3-84E8-B877B9BDBC73} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=178b965e-f61b-44d0-8390-e5f443f82baa&pid=winsoftware&mode=bounce&k=0
SearchScopes: HKCU - {9B0BA1C1-9ECE-4BBA-8160-F2A63DA6C3AE} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=178b965e-f61b-44d0-8390-e5f443f82baa&pid=winsoftware&mode=bounce&k=0
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: AOL Deutschland Toolbar Loader - {2d3b1910-86c2-4d4b-b1db-124b3ea35bef} - C:\Program Files (x86)\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-x32: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
BHO-x32: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: DNS Error Helper - {9B6B03F1-16CF-4491-BBBB-E872802DD717} - C:\ProgramData\DNSErrorHelper\bho.dll ()
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - AOL Deutschland Toolbar - {567d4d94-8077-4682-b887-945f3d644116} - C:\Program Files (x86)\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {567D4D94-8077-4682-B887-945F3D644116} - No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: msdaipp - No CLSID Value -
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: msdaipp - No CLSID Value -
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Chrome:
=======
CHR Extension: (Feven) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0
CHR Extension: (Plus-HD-2.5) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.23.8_0
==================== Services (Whitelisted) =================
R2 AAV UpdateService; C:\Program Files (x86)\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 dfrgui32; C:\Windows\system32\provuhrd.exe [117760 2013-07-10] ()
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [868896 2010-06-11] (Acer Incorporated)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008 2011-04-17] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [255744 2010-06-29] (NewTech Infosystems, Inc.)
S2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-04-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-04-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-04-05] (Avira Operations GmbH & Co. KG)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-07-15] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-07-15] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-07-21] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-07-21] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-07-21] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20130723.001\IDSvia64.sys [513184 2013-07-19] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20130723.001\IDSvia64.sys [513184 2013-07-19] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20130724.003\ENG64.SYS [126040 2013-07-21] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20130724.003\ENG64.SYS [126040 2013-07-21] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20130724.003\EX64.SYS [2098776 2013-07-21] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20130724.003\EX64.SYS [2098776 2013-07-21] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS [744568 2011-03-31] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [40568 2011-03-31] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1207020.003\SYMDS64.SYS [450680 2011-01-27] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1207020.003\SYMEFA64.SYS [912504 2011-03-15] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [173616 2013-07-21] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [171128 2011-01-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [386168 2011-04-21] (Symantec Corporation)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
U3 catchme; \??\C:\ComboFix\catchme.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-07-24 22:11 - 2013-07-24 22:11 - 00000000 ____D C:\FRST
2013-07-24 22:10 - 2013-07-24 22:10 - 01779761 _____ (Farbar) C:\Users\***\Desktop\FRST64.exe
2013-07-24 22:03 - 2013-07-24 22:03 - 00034506 _____ C:\ComboFix.txt
2013-07-24 21:32 - 2013-07-24 22:03 - 00000000 ____D C:\ComboFix
2013-07-24 21:32 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-07-24 21:32 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-07-24 21:32 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-07-24 21:32 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-07-24 21:32 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-07-24 21:32 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-07-24 21:32 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-07-24 21:32 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-07-24 21:29 - 2013-07-24 22:03 - 00000000 ____D C:\Qoobox
2013-07-24 21:28 - 2013-07-24 21:59 - 00000000 ____D C:\Windows\erdnt
2013-07-24 21:28 - 2013-07-24 21:28 - 05094311 ____R (Swearware) C:\Users\***\Desktop\ComboFix.exe
2013-07-24 21:25 - 2013-07-24 21:25 - 00004328 _____ C:\Users\***\Desktop\JRT.txt
2013-07-24 21:19 - 2013-07-24 21:19 - 00000000 ____D C:\Windows\ERUNT
2013-07-24 21:18 - 2013-07-24 21:18 - 00560934 _____ (Oleg N. Scherbakov) C:\Users\***\Desktop\JRT.exe
2013-07-24 21:10 - 2013-07-24 21:10 - 00045882 _____ C:\Users\***\Desktop\AdwCleaner[S2].txt
2013-07-24 19:36 - 2013-07-24 19:37 - 00045882 _____ C:\AdwCleaner[S2].txt
2013-07-24 19:36 - 2013-07-24 19:36 - 00000436 _____ C:\AdwCleaner[S1].txt
2013-07-24 19:35 - 2013-07-24 19:35 - 00000000 ____D C:\Users\***\Qtrax
2013-07-24 19:34 - 2013-07-24 19:34 - 00666633 _____ C:\Users\***\Downloads\adwcleaner.exe
2013-07-24 19:34 - 2013-07-24 19:34 - 00666633 _____ C:\Users\***\Desktop\adwcleaner.exe
2013-07-24 19:31 - 2013-07-24 19:31 - 00000000 ____D C:\Users\***\AppData\Roaming\Zip Opener Packages
2013-07-24 14:40 - 2013-07-24 14:40 - 00593434 _____ C:\Users\***\Downloads\36704.txt
2013-07-24 11:29 - 2013-07-24 11:29 - 00131554 _____ C:\Users\**\Desktop\OTL.Txt
2013-07-24 11:29 - 2013-07-24 11:29 - 00075032 _____ C:\Users\****\Desktop\Extras.Txt
2013-07-24 11:16 - 2013-07-24 11:16 - 00602112 _____ (OldTimer Tools) C:\Users\**\Desktop\OTL.exe
2013-07-24 11:11 - 2013-07-24 11:11 - 00602112 _____ (OldTimer Tools) C:\Users\**\Downloads\OTL.exe
2013-07-24 10:59 - 2013-07-24 10:59 - 00279024 _____ C:\Windows\Minidump\072413-104676-01.dmp
2013-07-24 10:47 - 2013-07-24 10:47 - 00271040 _____ C:\Windows\Minidump\072413-102321-01.dmp
2013-07-24 10:42 - 2013-07-24 10:59 - 00000000 ____D C:\Windows\Minidump
2013-07-24 10:42 - 2013-07-24 10:58 - 631716993 _____ C:\Windows\MEMORY.DMP
2013-07-24 10:42 - 2013-07-24 10:43 - 00279024 _____ C:\Windows\Minidump\072413-35443-01.dmp
2013-07-23 19:35 - 2013-07-23 19:38 - 00000000 ____D C:\Windows\system32\MRT
2013-07-23 12:46 - 2013-07-23 12:47 - 88425338 _____ C:\Users\***\Desktop\splash! Mag präsentiert_The Notorious H.A.F.T (1).rar
2013-07-23 11:59 - 2013-07-23 11:59 - 00000875 _____ C:\Users\**\AppData\Local\recently-used.xbel
2013-07-23 02:25 - 2013-07-24 11:13 - 00000000 ____D C:\Users\**\AppData\Roaming\player
2013-07-23 02:25 - 2013-07-23 02:25 - 00000000 ____D C:\Program Files (x86)\Tuguu SL
2013-07-23 02:19 - 2013-07-23 02:53 - 00000000 ____D C:\Program Files\DivX
2013-07-23 02:19 - 2013-07-23 02:19 - 00000544 _____ C:\Windows\KB893803v2.log
2013-07-23 02:15 - 2013-07-23 02:15 - 00000000 ____D C:\Users\***\AppData\Local\CRE
2013-07-23 02:14 - 2013-07-23 20:14 - 00001164 _____ C:\Windows\Tasks\Feven-codedownloader.job
2013-07-23 02:14 - 2013-07-23 20:14 - 00001160 _____ C:\Windows\Tasks\Feven-updater.job
2013-07-23 02:14 - 2013-07-23 20:14 - 00001064 _____ C:\Windows\Tasks\Feven-enabler.job
2013-07-23 02:14 - 2013-07-23 02:54 - 00000000 ____D C:\Program Files (x86)\DivX
2013-07-23 02:14 - 2013-07-23 02:15 - 00004190 _____ C:\Windows\System32\Tasks\Feven-updater
2013-07-23 02:14 - 2013-07-23 02:14 - 00081768 _____ (Conduit) C:\ministub.exe
2013-07-23 02:14 - 2013-07-23 02:14 - 00004194 _____ C:\Windows\System32\Tasks\Feven-codedownloader
2013-07-23 02:14 - 2013-07-23 02:14 - 00004094 _____ C:\Windows\System32\Tasks\Feven-enabler
2013-07-23 02:13 - 2013-07-23 20:13 - 00001860 _____ C:\Windows\Tasks\Feven-chromeinstaller.job
2013-07-23 02:13 - 2013-07-23 02:15 - 00000000 ____D C:\Program Files (x86)\Feven
2013-07-23 02:11 - 2013-07-23 02:54 - 00000000 ____D C:\ProgramData\DivX
2013-07-22 23:37 - 2013-07-22 23:37 - 00000000 ____D C:\Windows\System32\Tasks\Symantec
2013-07-21 18:11 - 2013-07-24 19:36 - 00000000 ____D C:\Users\**\AppData\Local\CrashDumps
2013-07-21 18:11 - 2013-07-21 18:11 - 00000000 ____D C:\Users\**\AppData\Roaming\Tific
2013-07-21 18:11 - 2013-07-21 18:11 - 00000000 ____D C:\Users\**\AppData\Local\Symantec
2013-07-21 18:09 - 2013-07-21 18:28 - 00000000 ____D C:\Program Files\Symantec
2013-07-21 18:09 - 2013-07-21 18:09 - 00173616 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2013-07-21 18:09 - 2013-07-21 18:09 - 00007440 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2013-07-21 18:09 - 2013-07-21 18:09 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2013-07-20 21:40 - 2013-07-20 21:40 - 00003436 _____ C:\Windows\System32\Tasks\BrowserDefendert
2013-07-16 22:08 - 2013-07-23 00:21 - 00000000 ____D C:\Users\**\AppData\Roaming\vlc
2013-07-16 22:02 - 2013-07-16 22:03 - 00001396 _____ C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
2013-07-16 22:02 - 2013-07-16 22:02 - 00000000 ____D C:\ProgramData\TorchCrashHandler
2013-07-15 11:14 - 2013-07-23 02:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-07-14 14:18 - 2013-07-14 14:18 - 00000982 _____ C:\Users\**\Desktop\FRITZ!Box Benutzeroberfläche.lnk
2013-07-14 01:34 - 2013-06-24 00:57 - 78277128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-13 20:12 - 2013-07-13 20:12 - 00000000 ____D C:\found.000
2013-07-13 19:37 - 2013-07-13 19:37 - 01084727 _____ C:\Users\***\AppData\Local\2433f433
2013-07-13 15:05 - 2013-07-13 15:05 - 00000000 ____D C:\Lxk2200
2013-07-13 14:52 - 2013-07-13 14:52 - 00000000 ____D C:\Program Files (x86)\FileOpenerPro
2013-07-13 14:50 - 2013-07-24 09:29 - 00001906 _____ C:\Windows\Tasks\Plus-HD-2.5-chromeinstaller.job
2013-07-13 14:50 - 2013-07-24 09:28 - 00001200 _____ C:\Windows\Tasks\Plus-HD-2.5-codedownloader.job
2013-07-13 14:50 - 2013-07-24 09:28 - 00001196 _____ C:\Windows\Tasks\Plus-HD-2.5-updater.job
2013-07-13 14:50 - 2013-07-24 09:28 - 00001100 _____ C:\Windows\Tasks\Plus-HD-2.5-enabler.job
2013-07-13 14:50 - 2013-07-13 14:50 - 00004230 _____ C:\Windows\System32\Tasks\Plus-HD-2.5-codedownloader
2013-07-13 14:50 - 2013-07-13 14:50 - 00004226 _____ C:\Windows\System32\Tasks\Plus-HD-2.5-updater
2013-07-13 14:50 - 2013-07-13 14:50 - 00004130 _____ C:\Windows\System32\Tasks\Plus-HD-2.5-enabler
2013-07-13 14:50 - 2013-07-13 14:50 - 00000000 ____D C:\Users\**\AppData\Local\AOL Deutschland Toolbar
2013-07-13 14:50 - 2013-07-13 14:50 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.5
2013-07-13 14:49 - 2013-07-13 14:49 - 00001228 _____ C:\Users\**\Desktop\Create Amazing Presentations.lnk
2013-07-13 14:49 - 2013-07-13 14:49 - 00001228 _____ C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Create Amazing Presentations.lnk
2013-07-13 14:49 - 2013-07-13 14:49 - 00000000 ____D C:\Users\***\AppData\Local\emaze
2013-07-13 14:49 - 2013-07-13 14:49 - 00000000 ____D C:\ProgramData\AOL Deutschland Toolbar
2013-07-13 14:49 - 2013-07-13 14:49 - 00000000 ____D C:\Program Files (x86)\AOL Deutschland Toolbar
2013-07-13 14:48 - 2013-07-13 14:48 - 00000000 _____ C:\extensions.sqlite
2013-07-12 19:11 - 2013-07-12 19:11 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-07-12 19:11 - 2013-07-12 19:11 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-07-12 17:02 - 2006-12-14 14:42 - 00069120 ____R (AVM Berlin) C:\Windows\SysWOW64\avmadd32.dll
2013-07-12 17:01 - 2013-07-12 17:02 - 00002975 _____ C:\Windows\avmadd32.log
2013-07-12 17:01 - 2013-07-12 17:02 - 00002492 _____ C:\Windows\avmadd321.log
2013-07-12 17:01 - 2013-07-12 17:02 - 00000000 ____D C:\Program Files (x86)\FRITZ!Box
2013-07-12 17:01 - 2013-07-12 17:01 - 00000000 ____D C:\Program Files (x86)\FRITZ!BoxPrint
2013-07-12 17:01 - 2006-05-29 03:00 - 00016384 ____R (AVM Berlin GmbH) C:\Windows\SysWOW64\avmprmon.dll
2013-07-10 19:11 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-10 19:11 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-10 19:11 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-10 19:11 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-10 19:11 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-10 19:11 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-10 19:11 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-10 19:11 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-10 19:11 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-10 19:11 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-10 19:11 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-10 19:11 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-10 19:11 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-10 19:11 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-10 19:11 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-10 19:11 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-10 19:11 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-10 19:11 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-10 19:11 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-10 19:11 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-10 19:11 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-10 19:11 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-10 19:11 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-10 19:11 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-10 19:11 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-10 19:11 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-10 19:11 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-10 19:11 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-10 19:11 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-10 19:11 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-10 19:11 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-10 15:38 - 2013-07-10 15:38 - 51187712 _____ C:\Users\**\Downloads\wz175-32gev.msi
2013-07-10 15:34 - 2013-07-10 15:35 - 00000000 ____D C:\Users\***\AppData\Roaming\WinRAR
2013-07-10 15:34 - 2013-07-10 15:34 - 00000000 ____D C:\Users\**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-07-10 15:34 - 2013-07-10 15:34 - 00000000 ____D C:\Program Files (x86)\WinRAR
2013-07-10 11:10 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-10 11:10 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-10 11:10 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-10 11:10 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-10 11:10 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-10 11:10 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-10 11:10 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-07 10:52 - 2013-07-07 10:52 - 00000000 ____D C:\Users\**\AppData\Roaming\gramps
2013-07-07 10:51 - 2013-07-07 10:51 - 00002096 _____ C:\Users\***\Desktop\GrampsAIO32 3.4.5-1 Console.lnk
2013-07-07 10:51 - 2013-07-07 10:51 - 00002093 _____ C:\Users\**\Desktop\GrampsAIO32 3.4.5-1.lnk
2013-07-07 10:51 - 2013-07-07 10:51 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GrampsAIO
2013-07-07 10:49 - 2013-07-07 10:51 - 00000000 ____D C:\Program Files (x86)\GrampsAIO32
2013-07-07 10:47 - 2013-07-23 02:13 - 00003394 _____ C:\Windows\System32\Tasks\EPUpdater
2013-07-07 10:47 - 2013-07-10 09:31 - 00117760 _____ C:\Windows\system32\provuhrd.exe
2013-07-07 10:47 - 2013-07-07 10:47 - 00121856 _____ C:\Windows\system32\GFilterSvc0.exe
2013-07-07 10:47 - 2013-07-07 10:47 - 00121856 _____ C:\Windows\system32\GFilterSvc.exe
2013-07-07 10:47 - 2013-07-07 10:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-07 10:45 - 2013-07-13 05:56 - 00002155 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-07 10:41 - 2013-07-07 10:41 - 00301552 _____ C:\Users****Downloads\MapsGalaxy.exe
==================== One Month Modified Files and Folders =======
2013-07-24 22:11 - 2013-07-24 22:11 - 00000000 ____D C:\FRST
2013-07-24 22:10 - 2013-07-24 22:10 - 01779761 _____ (Farbar) C:\Users\***\Desktop\FRST64.exe
2013-07-24 22:03 - 2013-07-24 22:03 - 00034506 _____ C:\ComboFix.txt
2013-07-24 22:03 - 2013-07-24 21:32 - 00000000 ____D C:\ComboFix
2013-07-24 22:03 - 2013-07-24 21:29 - 00000000 ____D C:\Qoobox
2013-07-24 22:03 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-07-24 21:59 - 2013-07-24 21:28 - 00000000 ____D C:\Windows\erdnt
2013-07-24 21:49 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-07-24 21:45 - 2011-08-26 13:36 - 00000000 ____D C:\Users\***
2013-07-24 21:28 - 2013-07-24 21:28 - 05094311 ____R (Swearware) C:\Users\***\Desktop\ComboFix.exe
2013-07-24 21:25 - 2013-07-24 21:25 - 00004328 _____ C:\Users\***\Desktop\JRT.txt
2013-07-24 21:19 - 2013-07-24 21:19 - 00000000 ____D C:\Windows\ERUNT
2013-07-24 21:18 - 2013-07-24 21:18 - 00560934 _____ (Oleg N. Scherbakov) C:\Users\***\Desktop\JRT.exe
2013-07-24 21:14 - 2009-07-14 06:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-24 21:14 - 2009-07-14 06:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-24 21:10 - 2013-07-24 21:10 - 00045882 _____ C:\Users\***\Desktop\AdwCleaner[S2].txt
2013-07-24 21:07 - 2011-09-21 22:24 - 00000000 ____D C:\Users\***\Tracing
2013-07-24 21:03 - 2009-07-14 06:51 - 00113951 _____ C:\Windows\setupact.log
2013-07-24 19:39 - 2010-10-29 17:33 - 02056166 _____ C:\Windows\WindowsUpdate.log
2013-07-24 19:37 - 2013-07-24 19:36 - 00045882 _____ C:\AdwCleaner[S2].txt
2013-07-24 19:36 - 2013-07-24 19:36 - 00000436 _____ C:\AdwCleaner[S1].txt
2013-07-24 19:36 - 2013-07-21 18:11 - 00000000 ____D C:\Users\***\AppData\Local\CrashDumps
2013-07-24 19:35 - 2013-07-24 19:35 - 00000000 ____D C:\Users\***\Qtrax
2013-07-24 19:34 - 2013-07-24 19:34 - 00666633 _____ C:\Users\***\Downloads\adwcleaner.exe
2013-07-24 19:34 - 2013-07-24 19:34 - 00666633 _____ C:\Users\***\Desktop\adwcleaner.exe
2013-07-24 19:31 - 2013-07-24 19:31 - 00000000 ____D C:\Users\***\AppData\Roaming\Zip Opener Packages
2013-07-24 14:54 - 2013-06-12 14:06 - 00000000 ____D C:\Users\***\Desktop\mpm
2013-07-24 14:40 - 2013-07-24 14:40 - 00593434 _____ C:\Users\***\Downloads\36704.txt
2013-07-24 11:29 - 2013-07-24 11:29 - 00131554 _____ C:\Users\***\Desktop\OTL.Txt
2013-07-24 11:29 - 2013-07-24 11:29 - 00075032 _____ C:\Users\***\Desktop\Extras.Txt
2013-07-24 11:16 - 2013-07-24 11:16 - 00602112 _____ (OldTimer Tools) C:\Users\***\Desktop\OTL.exe
2013-07-24 11:13 - 2013-07-23 02:25 - 00000000 ____D C:\Users\***\AppData\Roaming\player
2013-07-24 11:11 - 2013-07-24 11:11 - 00602112 _____ (OldTimer Tools) C:\Users\****\Downloads\OTL.exe
2013-07-24 10:59 - 2013-07-24 10:59 - 00279024 _____ C:\Windows\Minidump\072413-104676-01.dmp
2013-07-24 10:59 - 2013-07-24 10:42 - 00000000 ____D C:\Windows\Minidump
2013-07-24 10:58 - 2013-07-24 10:42 - 631716993 _____ C:\Windows\MEMORY.DMP
2013-07-24 10:47 - 2013-07-24 10:47 - 00271040 _____ C:\Windows\Minidump\072413-102321-01.dmp
2013-07-24 10:46 - 2012-06-24 12:20 - 00106054 _____ C:\Windows\PFRO.log
2013-07-24 10:43 - 2013-07-24 10:42 - 00279024 _____ C:\Windows\Minidump\072413-35443-01.dmp
2013-07-24 10:03 - 2012-06-23 00:26 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-24 10:01 - 2012-06-23 00:26 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-24 09:29 - 2013-07-13 14:50 - 00001906 _____ C:\Windows\Tasks\Plus-HD-2.5-chromeinstaller.job
2013-07-24 09:28 - 2013-07-13 14:50 - 00001200 _____ C:\Windows\Tasks\Plus-HD-2.5-codedownloader.job
2013-07-24 09:28 - 2013-07-13 14:50 - 00001196 _____ C:\Windows\Tasks\Plus-HD-2.5-updater.job
2013-07-24 09:28 - 2013-07-13 14:50 - 00001100 _____ C:\Windows\Tasks\Plus-HD-2.5-enabler.job
2013-07-23 20:14 - 2013-07-23 02:14 - 00001164 _____ C:\Windows\Tasks\Feven-codedownloader.job
2013-07-23 20:14 - 2013-07-23 02:14 - 00001160 _____ C:\Windows\Tasks\Feven-updater.job
2013-07-23 20:14 - 2013-07-23 02:14 - 00001064 _____ C:\Windows\Tasks\Feven-enabler.job
2013-07-23 20:13 - 2013-07-23 02:13 - 00001860 _____ C:\Windows\Tasks\Feven-chromeinstaller.job
2013-07-23 20:09 - 2012-06-23 00:26 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-23 20:09 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-23 19:38 - 2013-07-23 19:35 - 00000000 ____D C:\Windows\system32\MRT
2013-07-23 19:35 - 2011-08-29 13:18 - 01592818 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-07-23 19:35 - 2010-10-30 03:24 - 00697542 _____ C:\Windows\system32\perfh007.dat
2013-07-23 19:35 - 2010-10-30 03:24 - 00148548 _____ C:\Windows\system32\perfc007.dat
2013-07-23 19:35 - 2009-07-14 07:13 - 01592818 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-23 17:10 - 2011-08-29 13:18 - 00000000 ____D C:\Users\***\AppData\Roaming\SoftGrid Client
2013-07-23 12:47 - 2013-07-23 12:46 - 88425338 _____ C:\Users\***\Desktop\splash! Mag präsentiert_The Notorious H.A.F.T (1).rar
2013-07-23 12:00 - 2012-11-23 20:47 - 00000000 ____D C:\Users\***\.gimp-2.8
2013-07-23 11:59 - 2013-07-23 11:59 - 00000875 _____ C:\Users\***\AppData\Local\recently-used.xbel
2013-07-23 11:50 - 2011-08-26 13:40 - 00000000 ____D C:\Users\***\AppData\Roaming\Adobe
2013-07-23 03:19 - 2009-07-14 06:45 - 00379448 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-23 02:54 - 2013-07-23 02:14 - 00000000 ____D C:\Program Files (x86)\DivX
2013-07-23 02:54 - 2013-07-23 02:11 - 00000000 ____D C:\ProgramData\DivX
2013-07-23 02:53 - 2013-07-23 02:19 - 00000000 ____D C:\Program Files\DivX
2013-07-23 02:25 - 2013-07-23 02:25 - 00000000 ____D C:\Program Files (x86)\Tuguu SL
2013-07-23 02:25 - 2011-08-26 13:37 - 00092456 _____ C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-23 02:20 - 2013-07-15 11:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-07-23 02:19 - 2013-07-23 02:19 - 00000544 _____ C:\Windows\KB893803v2.log
2013-07-23 02:15 - 2013-07-23 02:15 - 00000000 ____D C:\Users\***\AppData\Local\CRE
2013-07-23 02:15 - 2013-07-23 02:14 - 00004190 _____ C:\Windows\System32\Tasks\Feven-updater
2013-07-23 02:15 - 2013-07-23 02:13 - 00000000 ____D C:\Program Files (x86)\Feven
2013-07-23 02:14 - 2013-07-23 02:14 - 00081768 _____ (Conduit) C:\ministub.exe
2013-07-23 02:14 - 2013-07-23 02:14 - 00004194 _____ C:\Windows\System32\Tasks\Feven-codedownloader
2013-07-23 02:14 - 2013-07-23 02:14 - 00004094 _____ C:\Windows\System32\Tasks\Feven-enabler
2013-07-23 02:13 - 2013-07-07 10:47 - 00003394 _____ C:\Windows\System32\Tasks\EPUpdater
2013-07-23 00:21 - 2013-07-16 22:08 - 00000000 ____D C:\Users\***\AppData\Roaming\vlc
2013-07-22 23:43 - 2013-05-28 22:04 - 00000000 ____D C:\Users\***\Desktop\Paul Bewerbungen
2013-07-22 23:37 - 2013-07-22 23:37 - 00000000 ____D C:\Windows\System32\Tasks\Symantec
2013-07-22 23:32 - 2010-09-13 10:20 - 00000000 ____D C:\Windows\system32\Drivers\NISx64
2013-07-21 18:28 - 2013-07-21 18:09 - 00000000 ____D C:\Program Files\Symantec
2013-07-21 18:11 - 2013-07-21 18:11 - 00000000 ____D C:\Users\***\AppData\Roaming\Tific
2013-07-21 18:11 - 2013-07-21 18:11 - 00000000 ____D C:\Users\***\AppData\Local\Symantec
2013-07-21 18:10 - 2010-09-13 10:20 - 00000000 ____D C:\ProgramData\Norton
2013-07-21 18:09 - 2013-07-21 18:09 - 00173616 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2013-07-21 18:09 - 2013-07-21 18:09 - 00007440 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2013-07-21 18:09 - 2013-07-21 18:09 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2013-07-20 21:40 - 2013-07-20 21:40 - 00003436 _____ C:\Windows\System32\Tasks\BrowserDefendert
2013-07-19 15:51 - 2013-06-10 10:44 - 00000432 _____ C:\Windows\BRWMARK.INI
2013-07-17 20:58 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-16 22:03 - 2013-07-16 22:02 - 00001396 _____ C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
2013-07-16 22:02 - 2013-07-16 22:02 - 00000000 ____D C:\ProgramData\TorchCrashHandler
2013-07-15 22:56 - 2012-06-23 00:26 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-15 22:56 - 2012-06-23 00:26 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-14 14:18 - 2013-07-14 14:18 - 00000982 _____ C:\Users\***\Desktop\FRITZ!Box Benutzeroberfläche.lnk
2013-07-13 23:49 - 2013-03-13 18:56 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-13 23:49 - 2013-03-13 18:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-13 23:49 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-13 23:49 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-13 21:28 - 2012-03-03 14:37 - 00000039 _____ C:\Windows\vbaddin.ini
2013-07-13 21:27 - 2009-07-14 04:34 - 00000534 _____ C:\Windows\win.ini
2013-07-13 21:20 - 2009-07-14 09:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-13 20:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-07-13 20:59 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-07-13 20:58 - 2012-07-03 20:05 - 00000000 ____D C:\ProgramData\Real
2013-07-13 20:12 - 2013-07-13 20:12 - 00000000 ____D C:\found.000
2013-07-13 19:37 - 2013-07-13 19:37 - 01084727 _____ C:\Users\***\AppData\Local\2433f433
2013-07-13 16:05 - 2013-06-10 10:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-13 15:05 - 2013-07-13 15:05 - 00000000 ____D C:\Lxk2200
2013-07-13 14:54 - 2013-06-10 10:16 - 00002058 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2013-07-13 14:52 - 2013-07-13 14:52 - 00000000 ____D C:\Program Files (x86)\FileOpenerPro
2013-07-13 14:50 - 2013-07-13 14:50 - 00004230 _____ C:\Windows\System32\Tasks\Plus-HD-2.5-codedownloader
2013-07-13 14:50 - 2013-07-13 14:50 - 00004226 _____ C:\Windows\System32\Tasks\Plus-HD-2.5-updater
2013-07-13 14:50 - 2013-07-13 14:50 - 00004130 _____ C:\Windows\System32\Tasks\Plus-HD-2.5-enabler
2013-07-13 14:50 - 2013-07-13 14:50 - 00000000 ____D C:\Users\***\AppData\Local\AOL Deutschland Toolbar
2013-07-13 14:50 - 2013-07-13 14:50 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.5
2013-07-13 14:49 - 2013-07-13 14:49 - 00001228 _____ C:\Users\***\Desktop\Create Amazing Presentations.lnk
2013-07-13 14:49 - 2013-07-13 14:49 - 00001228 _____ C:\Users\**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Create Amazing Presentations.lnk
2013-07-13 14:49 - 2013-07-13 14:49 - 00000000 ____D C:\Users\***\AppData\Local\emaze
2013-07-13 14:49 - 2013-07-13 14:49 - 00000000 ____D C:\ProgramData\AOL Deutschland Toolbar
2013-07-13 14:49 - 2013-07-13 14:49 - 00000000 ____D C:\Program Files (x86)\AOL Deutschland Toolbar
2013-07-13 14:48 - 2013-07-13 14:48 - 00000000 _____ C:\extensions.sqlite
2013-07-13 08:48 - 2012-07-03 20:10 - 00000000 ____D C:\Users\***\AppData\Roaming\Real
2013-07-13 08:45 - 2012-07-03 20:11 - 00003344 _____ C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-538976363-1389243005-1723249960-1001
2013-07-13 08:45 - 2012-07-03 20:11 - 00003212 _____ C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-538976363-1389243005-1723249960-1001
2013-07-13 05:56 - 2013-07-07 10:45 - 00002155 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-12 19:11 - 2013-07-12 19:11 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-07-12 19:11 - 2013-07-12 19:11 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-07-12 17:02 - 2013-07-12 17:01 - 00002975 _____ C:\Windows\avmadd32.log
2013-07-12 17:02 - 2013-07-12 17:01 - 00002492 _____ C:\Windows\avmadd321.log
2013-07-12 17:02 - 2013-07-12 17:01 - 00000000 ____D C:\Program Files (x86)\FRITZ!Box
2013-07-12 17:01 - 2013-07-12 17:01 - 00000000 ____D C:\Program Files (x86)\FRITZ!BoxPrint
2013-07-10 15:38 - 2013-07-10 15:38 - 51187712 _____ C:\Users\***\Downloads\wz175-32gev.msi
2013-07-10 15:35 - 2013-07-10 15:34 - 00000000 ____D C:\Users\***\AppData\Roaming\WinRAR
2013-07-10 15:34 - 2013-07-10 15:34 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-07-10 15:34 - 2013-07-10 15:34 - 00000000 ____D C:\Program Files (x86)\WinRAR
2013-07-10 09:31 - 2013-07-07 10:47 - 00117760 _____ C:\Windows\system32\provuhrd.exe
2013-07-07 14:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-07 10:52 - 2013-07-07 10:52 - 00000000 ____D C:\Users\***\AppData\Roaming\gramps
2013-07-07 10:51 - 2013-07-07 10:51 - 00002096 _____ C:\Users\***\Desktop\GrampsAIO32 3.4.5-1 Console.lnk
2013-07-07 10:51 - 2013-07-07 10:51 - 00002093 _____ C:\Users\***\Desktop\GrampsAIO32 3.4.5-1.lnk
2013-07-07 10:51 - 2013-07-07 10:51 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GrampsAIO
2013-07-07 10:51 - 2013-07-07 10:49 - 00000000 ____D C:\Program Files (x86)\GrampsAIO32
2013-07-07 10:49 - 2013-02-15 18:53 - 00001530 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-07-07 10:47 - 2013-07-07 10:47 - 00121856 _____ C:\Windows\system32\GFilterSvc0.exe
2013-07-07 10:47 - 2013-07-07 10:47 - 00121856 _____ C:\Windows\system32\GFilterSvc.exe
2013-07-07 10:47 - 2013-07-07 10:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-07 10:41 - 2013-07-07 10:41 - 00301552 _____ C:\Users\***\Downloads\MapsGalaxy.exe
2013-07-05 20:20 - 2011-08-26 13:54 - 00000000 ____D C:\Users\***\AppData\Local\Microsoft Games
2013-07-02 14:00 - 2012-12-25 14:26 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-06-27 15:36 - 2013-05-08 12:22 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-06-27 09:44 - 2013-06-10 10:16 - 00000000 ____D C:\Users\***\AppData\Local\Thunderbird
2013-06-26 13:31 - 2013-06-10 10:44 - 00000034 _____ C:\Windows\SysWOW64\BD2030.DAT
2013-06-24 00:57 - 2013-07-14 01:34 - 78277128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-07-15 10:09
==================== End Of Log ============================
--- --- --- Addition Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-07-2013
Ran by *** at 2013-07-24 22:12:57
Running from C:\Users\***\Desktop
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
64 Bit HP CIO Components Installer (Version: 6.2.1)
AAVUpdateManager (x32 Version: 18.00.0000)
Acrobat.com (x32 Version: 1.6.65)
Adobe AIR (x32 Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Photoshop Elements 8.0 (x32 Version: 8.0)
Adobe Photoshop Lightroom 3.3 (x32 Version: 3.3.1)
Adobe Photoshop Lightroom 3.3 64-bit (Version: 3.3.1)
Adobe Reader 9.2 MUI (x32 Version: 9.2.0)
Advertising Center (x32 Version: 0.0.0.2)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.95)
AOL Deutschland Toolbar (HKCU)
AOL Deutschland Toolbar (x32)
Apple Application Support (x32 Version: 2.1.5)
Apple Software Update (x32 Version: 2.1.3.127)
Arclab Thumb Studio 2.11 (x32)
ArcSoft PhotoStudio 6 (x32 Version: 6.0.1.148)
Avira Free Antivirus (x32 Version: 13.0.0.3884)
AVM FRITZ!Box Dokumentation (x32)
AVM FRITZ!Box Druckeranschluss (x32)
B109n-z (x32 Version: 130.0.396.000)
Backup Manager Basic (x32 Version: 2.0.0.68)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95)
Bing Bar (x32 Version: 7.1.361.0)
Broadcom Gigabit NetLink Controller (Version: 14.0.2.3)
BufferChm (x32 Version: 130.0.331.000)
Build-a-lot 2 (x32 Version: 2.2.0.95)
Calme Version 2012 (x32 Version: 2012)
Canon MP Navigator EX 2.0 (x32)
Canon Utilities Solution Menu (x32)
CanoScan 5600F Scanner Driver
Chuzzle Deluxe (x32 Version: 2.2.0.95)
CloneDVD2 (x32 Version: 2.9.3.0)
DATA BECKER Meine Homepage 3 (x32 Version: 3.00.0000)
Destinations (x32 Version: 130.0.0.0)
DeviceDiscovery (x32 Version: 130.0.372.000)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95)
DMUninstaller (x32)
DVD-Verwaltung V3 (x32 Version: 3.60.00)
eBay Worldwide (x32 Version: 2.1.0901)
Farm Frenzy (x32 Version: 2.2.0.95)
FATE (x32 Version: 2.2.0.95)
Feven (x32 Version: 1.27.153.6)
File Opener Pro (x32)
Final Drive Nitro (x32 Version: 2.2.0.95)
GIMP 2.8.2 (Version: 2.8.2)
Google Chrome (x32 Version: 28.0.1500.72)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4209.2358)
Google Update Helper (x32 Version: 1.3.21.153)
GPBaseService2 (x32 Version: 130.0.371.000)
GrampsAIO32 (x32 Version: 3.4.5-1)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart Wireless B109n-z All-In-One Driver Software 13.0 Rel .6
HP Print Projects 1.0 (Version: 1.0)
HP Smart Web Printing 4.5 (Version: 4.5)
HP Solution Center 13.0 (Version: 13.0)
HP Update (x32 Version: 4.000.011.006)
HPPhotoGadget (x32 Version: 130.0.282.000)
hpPrintProjects (x32 Version: 130.0.303.000)
HPProductAssistant (x32 Version: 130.0.371.000)
HPSSupply (x32 Version: 130.0.371.000)
hpWLPGInstaller (x32 Version: 130.0.303.000)
Identity Card (x32 Version: 1.00.3003)
ImagXpress (x32 Version: 7.0.74.0)
Iminent (x32 Version: 6.27.21.0)
Incomedia WebSite X5 v8 - Express (x32)
Inkjet Printer/Scanner Extended Survey Program (x32)
Insaniquarium Deluxe (x32 Version: 2.2.0.95)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Graphics Media Accelerator Driver (x32 Version: 8.15.10.2182)
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179)
Intel(R) Rapid Storage Technology (x32 Version: 9.6.2.1001)
Internet-TV für Windows Media Center (x32 Version: 4.2.2.0)
Java Auto Updater (x32 Version: 2.0.7.1)
Java(TM) 6 Update 31 (x32 Version: 6.0.310)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95)
John Deere Drive Green (x32 Version: 2.2.0.95)
Junk Mail filter update (x32 Version: 14.0.8117.416)
Kegelbuch V2.0 (x32)
Launch Manager (x32 Version: 4.0.14)
MarketResearch (x32 Version: 130.0.374.000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office FrontPage 2003 (x32 Version: 11.0.8173.0)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office OneNote 2003 (x32 Version: 11.0.8173.0)
Microsoft Office Professional Edition 2003 (x32 Version: 11.0.8173.0)
Microsoft Office Project Professional 2003 (x32 Version: 11.0.8173.0)
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.4763.1000)
Microsoft Office Visio Professional 2003 (x32 Version: 11.0.8173.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft SQL Server Compact 3.5 SP2 ENU (x32 Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Maintenance Service (x32 Version: 17.0.6)
Mozilla Thunderbird 17.0.6 (x86 de) (x32 Version: 17.0.6)
Mozilla Thunderbird 17.0.7 (x86 de) (x32 Version: 17.0.7)
MSVCRT (x32 Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Nero 9 Essentials (x32)
Nero ControlCenter (x32 Version: 9.0.0.1)
Nero DiscSpeed (x32 Version: 5.4.13.100)
Nero DiscSpeed Help (x32 Version: 5.4.4.100)
Nero DriveSpeed (x32 Version: 4.4.12.100)
Nero DriveSpeed Help (x32 Version: 4.4.4.100)
Nero Express Help (x32 Version: 9.4.37.100)
Nero InfoTool (x32 Version: 6.4.12.100)
Nero InfoTool Help (x32 Version: 6.4.4.100)
Nero Installer (x32 Version: 4.4.9.0)
Nero Online Upgrade (x32 Version: 1.3.0.0)
Nero StartSmart (x32 Version: 9.4.37.100)
Nero StartSmart Help (x32 Version: 9.4.27.100)
Nero StartSmart OEM (x32 Version: 9.4.10.100)
NeroExpress (x32 Version: 9.4.37.100)
neroxml (x32 Version: 1.0.0)
Network64 (Version: 130.0.572.000)
Norton Internet Security (x32 Version: 18.7.2.3)
Norton Online Backup (x32 Version: 2.1.17869)
Packard Bell Games (x32 Version: 1.0.1.3)
Packard Bell InfoCentre (x32 Version: 3.02.3000)
Packard Bell MyBackup (x32 Version: 2.0.0.68)
Packard Bell Power Management (x32 Version: 5.00.3005)
Packard Bell Recovery Management (x32 Version: 4.05.3013)
Packard Bell Registration (x32 Version: 1.03.3003)
Packard Bell ScreenSaver (x32 Version: 1.1.0806.2010)
Packard Bell Social Networks (x32 Version: 1.0.1901)
Packard Bell Updater (x32 Version: 1.02.3001)
Penguins! (x32 Version: 2.2.0.95)
PHOTOfunSTUDIO 5.0 HD Edition (x32 Version: 5.00.320)
Plants vs. Zombies (x32 Version: 2.2.0.95)
Plus-HD-2.5 (x32 Version: 1.27.153.5)
Polar Bowler (x32 Version: 2.2.0.95)
Polar Golfer (x32 Version: 2.2.0.95)
PS_AIO_06_B109n-z_SW_Min (x32 Version: 130.0.396.000)
QuickTime (x32 Version: 7.71.80.42)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6141)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30122)
RealUpgrade 1.1 (x32 Version: 1.1.0)
Scan (x32 Version: 13.0.0.0)
Shop for HP Supplies (Version: 13.0)
SILKYPIX Developer Studio 3.1 SE (x32 Version: 3)
Skype™ 6.0 (x32 Version: 6.0.126)
SmartWebPrinting (x32 Version: 130.0.373.000)
SolutionCenter (x32 Version: 130.0.373.000)
Status (x32 Version: 130.0.373.000)
steuern sparen 2012 (x32 Version: 17.11)
Toolbox (x32 Version: 130.0.648.000)
Total Immersion D'Fusion @Home Web Plug-In (x32)
TrayApp (x32 Version: 130.0.376.000)
Überwachungstool für die Intel® Turbo-Boost-Technik (Version: 1.0.186.6)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update Installer for WildTangent Games App (x32)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
Video Web Camera (x32 Version: 0.5.37.3)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95)
Ware PS/2-x64 7.0.6.5_WHQL (Version: 7.0.6.5)
WebReg (x32 Version: 130.0.132.017)
Welcome Center (x32 Version: 1.02.3004)
WildTangent Games App (Packard Bell Games) (x32 Version: 4.0.5.31)
Windows Live Anmelde-Assistent (x32 Version: 5.000.818.5)
Windows Live Call (x32 Version: 14.0.8117.0416)
Windows Live Communications Platform (x32 Version: 14.0.8117.416)
Windows Live Essentials (x32 Version: 14.0.8117.0416)
Windows Live Essentials (x32 Version: 14.0.8117.416)
Windows Live Fotogalerie (x32 Version: 14.0.8117.416)
Windows Live Mail (x32 Version: 14.0.8117.0416)
Windows Live Messenger (x32 Version: 14.0.8117.0416)
Windows Live Movie Maker (x32 Version: 14.0.8117.0416)
Windows Live Sync (x32 Version: 14.0.8117.416)
Windows Live Writer (x32 Version: 14.0.8117.0416)
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029)
Windows Media Center Add-in for Silverlight (x32 Version: 4.7.3.0)
WinRAR 4.20 (32-Bit) (x32 Version: 4.20.0)
Yahoo! Toolbar (x32)
Zip Opener Packages (HKCU)
Zuma Deluxe (x32 Version: 2.2.0.95)
Zuma's Revenge (x32 Version: 2.2.0.95)
==================== Restore Points =========================
21-07-2013 19:40:31 Geplanter Prüfpunkt
23-07-2013 01:30:00 Windows Update
24-07-2013 08:38:58 Wiederherstellungsvorgang
24-07-2013 09:12:42 Quitado VAFPlayer
==================== Hosts content: ==========================
2009-07-14 04:34 - 2013-07-24 21:48 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {2803F4A8-C895-412B-8463-8F633CCFB559} - System32\Tasks\BrowserDefendert => C:\Windows\system32\sc.exe [2009-07-14] (Microsoft Corporation)
Task: {2B40CA5C-B1AB-48A9-A52F-7ABB77008458} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-23] (Google Inc.)
Task: {2F6357A3-D1AE-41B7-8A3B-6DA4DCEEABDE} - System32\Tasks\Feven-updater => C:\Program Files (x86)\Feven\Feven-updater.exe [2013-07-23] (Feven)
Task: {3083265C-107C-4222-AD9F-6F019FA56E38} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {40274062-BEB0-4F8C-AD83-2DB8947CA6E4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-23] (Google Inc.)
Task: {46B65791-2C6D-46D6-8879-0377381E4A91} - System32\Tasks\Plus-HD-2.5-updater => C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-updater.exe [2013-07-13] (Plus HD)
Task: {484E80F2-2D24-48A4-9553-B704477907F1} - System32\Tasks\Plus-HD-2.5-chromeinstaller => C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-chromeinstaller.exe [2013-07-13] (Plus HD)
Task: {660E5618-D371-4D02-9697-03FBCB37230F} - System32\Tasks\Symantec\Norton Error Processor 18.7.2.3 => C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\SymErr.exe [2012-06-08] (Symantec Corporation)
Task: {6AC9F8DF-2BB7-48C7-9F23-ABBE6C720CA3} - System32\Tasks\Symantec\Norton Error Analyzer 18.7.2.3 => C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\SymErr.exe [2012-06-08] (Symantec Corporation)
Task: {6B5EFB0D-FD4A-477E-AF7F-64AA988481A8} - System32\Tasks\EPUpdater => C:\Users\Ulrike\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe No File
Task: {73BAF328-D71D-4783-B600-91FC5001D62D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated)
Task: {7B8F51A6-C500-444E-A676-061ED9C27C95} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {8A09202C-4D51-481B-97FD-11DDAF8720F2} - System32\Tasks\Feven-codedownloader => C:\Program Files (x86)\Feven\Feven-codedownloader.exe [2013-07-23] (Feven)
Task: {9D268C70-F400-4B97-9583-2A5EC989D487} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-538976363-1389243005-1723249960-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-06-21] (RealNetworks, Inc.)
Task: {A0337E54-A674-4F4A-9978-E928F7A339F2} - System32\Tasks\Feven-chromeinstaller => C:\Program Files (x86)\Feven\Feven-chromeinstaller.exe [2013-07-23] (Feven)
Task: {A65704D1-D32F-4816-8DC8-FF4D6D53248E} - System32\Tasks\Plus-HD-2.5-codedownloader => C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-codedownloader.exe [2013-07-13] (Plus HD)
Task: {B01D21B3-79AA-4997-BDBC-4F0D3A97685C} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe No File
Task: {BFD30FDD-D895-4B60-8F52-242833AA9C7D} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe No File
Task: {D351459C-0936-442E-8B35-973BF70B286A} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-538976363-1389243005-1723249960-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-06-21] (RealNetworks, Inc.)
Task: {D414980A-C6F6-40E3-9FA9-4B9448519819} - System32\Tasks\Feven-enabler => C:\Program Files (x86)\Feven\Feven-enabler.exe [2013-07-23] (Feven)
Task: {EB224426-35EA-430D-B3FD-C264F51AD798} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation)
Task: {F4E1B981-079B-4BF2-9E24-B277C7BC64BF} - System32\Tasks\Plus-HD-2.5-enabler => C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-enabler.exe [2013-07-13] (Plus HD)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Feven-chromeinstaller.job => C:\Program Files (x86)\Feven\Feven-chromeinstaller.exe
Task: C:\Windows\Tasks\Feven-codedownloader.job => C:\Program Files (x86)\Feven\Feven-codedownloader.exe
Task: C:\Windows\Tasks\Feven-enabler.job => C:\Program Files (x86)\Feven\Feven-enabler.exe
Task: C:\Windows\Tasks\Feven-updater.job => C:\Program Files (x86)\Feven\Feven-updater.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Plus-HD-2.5-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-chromeinstaller.exe
Task: C:\Windows\Tasks\Plus-HD-2.5-codedownloader.job => C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-codedownloader.exe
Task: C:\Windows\Tasks\Plus-HD-2.5-enabler.job => C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-enabler.exe
Task: C:\Windows\Tasks\Plus-HD-2.5-updater.job => C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-updater.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Error: (07/24/2013 09:49:02 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (07/24/2013 09:47:49 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (07/24/2013 09:44:41 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\ComboFix\catchme.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (07/24/2013 09:40:47 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (07/24/2013 09:29:20 PM) (Source: Service Control Manager) (User: )
Description: Dienst "hpqcxs08" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.
Error: (07/24/2013 09:28:53 PM) (Source: Service Control Manager) (User: )
Description: Dienst "HP CUE DeviceDiscovery Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/24/2013 09:28:53 PM) (Source: Service Control Manager) (User: )
Description: Dienst "hpqcxs08" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2013-07-24 21:44:41.907
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-07-24 21:44:41.767
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 48%
Total physical RAM: 3766.71 MB
Available physical RAM: 1934.17 MB
Total Pagefile: 7531.61 MB
Available Pagefile: 5707.52 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (Packard Bell) (Fixed) (Total:284.99 GB) (Free:208.29 GB) NTFS (Disk=0 Partition=3)
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: C0EEA96E)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=285 GB) - (Type=07 NTFS)
==================== End Of Log ============================
DANKE nochmal! |
|
25.07.2013, 22:25
| #5 |
| /// Malwareteam | TR/Ransom.Blocker mein OTL-Log Hi so der größte Müll sollte runter sein  Schritt 1 Combofix-Skript
Und ein neues FRST-log bitte.
__________________ Keep Jazzing!  DerJazzer Imperare sibi maximum imperium est. ©Seneca Wenn du uns unterstützen möchtest | http://www.anaesthesist-werden.de/ |
|
26.07.2013, 09:05
| #6 |
| | TR/Ransom.Blocker mein OTL-Log gemacht. Log: Code:
ATTFilter ComboFix 13-07-25.02 - *** 26.07.2013 0:25.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3767.2451 [GMT 2:00]
ausgeführt von:: c:\users\***\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\***\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\DNSErrorHelper
c:\programdata\DNSErrorHelper\bho.dll
c:\users\Ulrike\AppData\Local\2433f433
c:\windows\system32\provuhrd.exe
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_dfrgui32
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-06-25 bis 2013-07-25 ))))))))))))))))))))))))))))))
.
.
2013-07-25 23:17 . 2013-07-25 23:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-07-25 23:17 . 2013-07-25 23:17 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2013-07-24 20:11 . 2013-07-24 20:11 -------- d-----w- C:\FRST
2013-07-24 19:19 . 2013-07-24 19:19 -------- d-----w- c:\windows\ERUNT
2013-07-24 17:35 . 2013-07-24 17:35 -------- d-----w- c:\users\***\Qtrax
2013-07-24 17:31 . 2013-07-24 17:31 -------- d-----w- c:\users\***\AppData\Roaming\Zip Opener Packages
2013-07-23 17:35 . 2013-07-23 17:38 -------- d-----w- c:\windows\system32\MRT
2013-07-23 00:26 . 2013-07-23 00:26 -------- d-----w- c:\program files\Uninstaller
2013-07-23 00:25 . 2013-07-24 09:13 -------- d-----w- c:\users\***\AppData\Roaming\player
2013-07-23 00:25 . 2013-07-23 00:25 -------- d-----w- c:\program files (x86)\Tuguu SL
2013-07-23 00:19 . 2013-07-23 00:53 -------- d-----w- c:\program files\DivX
2013-07-23 00:18 . 2013-07-23 01:16 -------- d-----w- c:\program files (x86)\Common Files\DivX Shared
2013-07-23 00:15 . 2013-07-23 00:15 -------- d-----w- c:\users\***\AppData\Local\CRE
2013-07-23 00:14 . 2013-07-23 00:14 81768 ----a-w- C:\ministub.exe
2013-07-23 00:14 . 2013-07-23 00:54 -------- d-----w- c:\program files (x86)\DivX
2013-07-23 00:13 . 2013-07-23 00:15 -------- d-----w- c:\program files (x86)\Feven
2013-07-23 00:11 . 2013-07-23 00:54 -------- d-----w- c:\programdata\DivX
2013-07-22 12:17 . 2013-07-22 21:25 -------- d-----w- c:\windows\system32\drivers\NISx64\1207020.003
2013-07-21 16:29 . 2013-07-21 16:29 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2013-07-21 16:11 . 2013-07-21 16:11 -------- d-----w- c:\users\***\AppData\Roaming\Tific
2013-07-21 16:11 . 2013-07-21 16:11 -------- d-----w- c:\users\***\AppData\Local\Symantec
2013-07-21 16:11 . 2013-07-24 17:36 -------- d-----w- c:\users\***\AppData\Local\CrashDumps
2013-07-21 16:09 . 2013-07-21 16:28 -------- d-----w- c:\program files\Symantec
2013-07-21 16:09 . 2013-07-21 16:09 173616 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2013-07-21 16:09 . 2013-07-21 16:09 -------- d-----w- c:\program files\Common Files\Symantec Shared
2013-07-16 20:08 . 2013-07-22 22:21 -------- d-----w- c:\users\***\AppData\Roaming\vlc
2013-07-16 20:02 . 2013-07-16 20:02 -------- d-----w- c:\programdata\TorchCrashHandler
2013-07-15 09:14 . 2013-07-23 00:20 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2013-07-13 18:12 . 2013-07-13 18:12 -------- d-----w- C:\found.000
2013-07-13 13:05 . 2013-07-13 13:05 -------- d-----w- C:\Lxk2200
2013-07-13 12:52 . 2013-07-13 12:52 -------- d-----w- c:\program files (x86)\FileOpenerPro
2013-07-13 12:50 . 2013-07-13 12:50 -------- d-----w- c:\users\***\AppData\Local\AOL Deutschland Toolbar
2013-07-13 12:50 . 2013-07-13 12:50 -------- d-----w- c:\program files (x86)\Plus-HD-2.5
2013-07-13 12:49 . 2013-07-13 12:49 -------- d-----w- c:\users\***\AppData\Local\emaze
2013-07-13 12:49 . 2013-07-13 12:49 -------- d-----w- c:\program files (x86)\AOL Deutschland Toolbar
2013-07-13 12:49 . 2013-07-13 12:49 -------- d-----w- c:\programdata\AOL Deutschland Toolbar
2013-07-12 17:11 . 2013-07-12 17:11 -------- d-----w- c:\windows\SysWow64\searchplugins
2013-07-12 17:11 . 2013-07-12 17:11 -------- d-----w- c:\windows\SysWow64\Extensions
2013-07-12 15:02 . 2006-12-14 12:42 69120 ----a-r- c:\windows\SysWow64\avmadd32.dll
2013-07-12 15:01 . 2006-05-29 01:00 16384 ----a-r- c:\windows\SysWow64\avmprmon.dll
2013-07-12 15:01 . 2013-07-12 15:02 -------- d-----w- c:\program files (x86)\FRITZ!Box
2013-07-07 08:52 . 2013-07-07 08:52 -------- d-----w- c:\users\****\AppData\Roaming\gramps
2013-07-07 08:49 . 2013-07-07 08:51 -------- d-----w- c:\program files (x86)\GrampsAIO32
2013-07-07 08:47 . 2013-07-07 08:47 121856 ----a-w- c:\windows\system32\GFilterSvc0.exe
2013-07-07 08:47 . 2013-07-07 08:47 121856 ----a-w- c:\windows\system32\GFilterSvc.exe
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-12 19:17 . 2011-08-26 12:00 893552 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2013-07-12 19:17 . 2011-08-26 11:50 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2013-07-12 19:17 . 2011-08-26 11:50 1236816 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-07-03 17:31 . 2012-03-04 08:21 893552 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2013-07-03 17:31 . 2012-03-04 08:21 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2013-06-27 13:36 . 2013-05-08 10:22 83672 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-06-26 08:41 . 2011-10-11 12:07 1236816 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2013-06-12 11:03 . 2012-06-22 22:26 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 11:03 . 2012-06-22 22:26 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-13 05:51 . 2013-06-12 21:02 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-05-13 05:51 . 2013-06-12 21:02 1464320 ----a-w- c:\windows\system32\crypt32.dll
2013-05-13 05:51 . 2013-06-12 21:02 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-05-13 05:50 . 2013-06-12 21:02 52224 ----a-w- c:\windows\system32\certenc.dll
2013-05-13 04:45 . 2013-06-12 21:02 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-05-13 04:45 . 2013-06-12 21:02 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-05-13 04:45 . 2013-06-12 21:02 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-05-13 03:43 . 2013-06-12 21:02 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-05-13 03:08 . 2013-06-12 21:02 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-05-13 03:08 . 2013-06-12 21:02 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-05-10 05:49 . 2013-06-12 21:02 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-05-10 03:20 . 2013-06-12 21:02 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-05-08 10:25 . 2013-05-08 10:25 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-05-08 10:25 . 2013-05-08 10:25 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-05-08 10:25 . 2013-05-08 10:25 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-05-08 10:25 . 2013-05-08 10:25 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-05-08 10:25 . 2013-05-08 10:25 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-05-08 10:25 . 2013-05-08 10:25 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-05-08 10:25 . 2013-05-08 10:25 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-05-08 10:25 . 2013-05-08 10:25 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-05-08 10:25 . 2013-05-08 10:25 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-05-08 10:25 . 2013-05-08 10:25 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-05-08 10:25 . 2013-05-08 10:25 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-05-08 10:25 . 2013-05-08 10:25 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-05-08 10:25 . 2013-05-08 10:25 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-05-08 10:25 . 2013-05-08 10:25 216064 ----a-w- c:\windows\system32\msls31.dll
2013-05-08 10:25 . 2013-05-08 10:25 197120 ----a-w- c:\windows\system32\msrating.dll
2013-05-08 10:25 . 2013-05-08 10:25 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-05-08 10:25 . 2013-05-08 10:25 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-05-08 10:25 . 2013-05-08 10:25 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-05-08 10:25 . 2013-05-08 10:25 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-05-08 10:25 . 2013-05-08 10:25 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-05-08 10:25 . 2013-05-08 10:25 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-05-08 10:25 . 2013-05-08 10:25 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-05-08 10:25 . 2013-05-08 10:25 81408 ----a-w- c:\windows\system32\icardie.dll
2013-05-08 10:25 . 2013-05-08 10:25 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-05-08 10:25 . 2013-05-08 10:25 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-05-08 10:25 . 2013-05-08 10:25 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-05-08 10:25 . 2013-05-08 10:25 441856 ----a-w- c:\windows\system32\html.iec
2013-05-08 10:25 . 2013-05-08 10:25 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-05-08 10:25 . 2013-05-08 10:25 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-05-08 10:25 . 2013-05-08 10:25 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-05-08 10:25 . 2013-05-08 10:25 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-05-08 10:25 . 2013-05-08 10:25 235008 ----a-w- c:\windows\system32\url.dll
2013-05-08 10:25 . 2013-05-08 10:25 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-05-08 10:25 . 2013-05-08 10:25 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-05-08 10:25 . 2013-05-08 10:25 144896 ----a-w- c:\windows\system32\wextract.exe
2013-05-08 10:25 . 2013-05-08 10:25 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-05-08 10:25 . 2013-05-08 10:25 102912 ----a-w- c:\windows\system32\inseng.dll
2013-05-08 10:25 . 2013-05-08 10:25 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-05-08 10:25 . 2013-05-08 10:25 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-05-08 10:25 . 2013-05-08 10:25 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-05-08 10:25 . 2013-05-08 10:25 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-05-08 10:25 . 2013-05-08 10:25 149504 ----a-w- c:\windows\system32\occache.dll
2013-05-08 10:25 . 2013-05-08 10:25 13824 ----a-w- c:\windows\system32\mshta.exe
2013-05-08 10:25 . 2013-05-08 10:25 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-05-08 10:25 . 2013-05-08 10:25 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-05-08 10:25 . 2013-05-08 10:25 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-05-08 10:25 . 2013-05-08 10:25 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-05-08 10:25 . 2013-05-08 10:25 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-05-08 10:25 . 2013-05-08 10:25 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-05-08 10:24 . 2013-05-08 10:24 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-05-08 10:24 . 2013-05-08 10:24 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-05-08 10:24 . 2013-05-08 10:24 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-05-08 10:24 . 2013-05-08 10:24 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-05-08 10:24 . 2013-05-08 10:24 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-05-08 10:24 . 2013-05-08 10:24 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-05-08 10:24 . 2013-05-08 10:24 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-05-08 10:24 . 2013-05-08 10:24 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-05-08 10:24 . 2013-05-08 10:24 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2013-05-08 10:24 . 2013-05-08 10:24 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2013-05-08 10:24 . 2013-05-08 10:24 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-08 10:24 . 2013-05-08 10:24 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-05-08 10:24 . 2013-05-08 10:24 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" [2010-06-28 263936]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"VideoWebCamera"="c:\program files (x86)\VideoWebCamera\VideoWebCamera.exe" [2010-05-26 1545568]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-06-27 345144]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
Microsoft Office OneNote 2003 Schnellstart.lnk - c:\program files (x86)\Microsoft Office\OFFICE11\ONENOTEM.EXE /tsr [2007-4-19 64864]
PHOTOfunSTUDIO 5.0 HD Edition.lnk - c:\program files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe -e "c:\program files (x86)\Panasonic\PHOTOfunSTUDIO 5.0 HD\PHOTOfunSTUDIO.exe" [2012-1-29 170480]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1207020.003\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1207020.003\SYMEFA64.SYS [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20130715.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20130724.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20130724.001\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1207020.003\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1207020.003\SYMNETS.SYS [x]
S2 AAV UpdateService;AAV UpdateService;c:\program files (x86)\AAVUpdateManager\aavus.exe;c:\program files (x86)\AAVUpdateManager\aavus.exe [x]
S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe;c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 Updater Service;Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-13 03:54 1173456 ----a-w- c:\program files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-22 11:03]
.
2013-07-23 c:\windows\Tasks\Feven-chromeinstaller.job
- c:\program files (x86)\Feven\Feven-chromeinstaller.exe [2013-07-23 00:13]
.
2013-07-23 c:\windows\Tasks\Feven-codedownloader.job
- c:\program files (x86)\Feven\Feven-codedownloader.exe [2013-07-23 00:13]
.
2013-07-23 c:\windows\Tasks\Feven-enabler.job
- c:\program files (x86)\Feven\Feven-enabler.exe [2013-07-23 00:14]
.
2013-07-23 c:\windows\Tasks\Feven-updater.job
- c:\program files (x86)\Feven\Feven-updater.exe [2013-07-23 00:14]
.
2013-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-22 22:26]
.
2013-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-22 22:26]
.
2013-07-24 c:\windows\Tasks\Plus-HD-2.5-chromeinstaller.job
- c:\program files (x86)\Plus-HD-2.5\Plus-HD-2.5-chromeinstaller.exe [2013-07-13 12:50]
.
2013-07-24 c:\windows\Tasks\Plus-HD-2.5-codedownloader.job
- c:\program files (x86)\Plus-HD-2.5\Plus-HD-2.5-codedownloader.exe [2013-07-13 12:50]
.
2013-07-24 c:\windows\Tasks\Plus-HD-2.5-enabler.job
- c:\program files (x86)\Plus-HD-2.5\Plus-HD-2.5-enabler.exe [2013-07-13 12:50]
.
2013-07-24 c:\windows\Tasks\Plus-HD-2.5-updater.job
- c:\program files (x86)\Plus-HD-2.5\Plus-HD-2.5-updater.exe [2013-07-13 12:50]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-23 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-23 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-23 415256]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-06-09 206208]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"Acer ePower Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2010-06-11 861216]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-11 689488]
"Ocs_SM"="c:\users\***\AppData\Roaming\OCS\SM\SearchAnonymizer.exe" [BU]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{9B6B03F1-16CF-4491-BBBB-E872802DD717} - c:\programdata\DNSErrorHelper\bho.dll
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
AddRemove-Incomedia WebSite X5 v8 - Express - c:\windows\system32\iwpsetup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\diMaster.dll\" /prefetch:1"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\SecuROM\License information*]
"datasecu"=hex:f1,ae,b4,eb,6a,67,78,c9,02,84,f2,08,97,a1,7f,78,fb,5f,a6,a6,bb,
f9,0c,25,d3,8b,4e,f3,6f,6a,cb,84,ce,8a,db,1e,0f,f6,24,19,70,e5,5e,f6,b6,0c,\
"rkeysecu"=hex:0c,3f,b6,0e,01,a6,ec,6e,1c,e6,bb,93,33,49,d6,b5
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\windows\SysWOW64\bgsvcgen.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-07-26 01:39:02 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2013-07-25 23:38
ComboFix2.txt 2013-07-24 20:03
.
Vor Suchlauf: 17 Verzeichnis(se), 222.991.261.696 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 220.715.343.872 Bytes frei
.
- - End Of File - - 2826D644BBE80F4BC56FD350F9665948
D41D8CD98F00B204E9800998ECF8427E
Hochladen war erfolgreich
FRST kann ich nochmal gleich auf der Arbeit machen neues FRST Log FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-07-2013
Ran by *** (administrator) on 26-07-2013 09:51:54
Running from C:\Users\***\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Windows\PLFSetI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files (x86)\AAVUpdateManager\aavus.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Adobe Systems Incorporated) c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(B.H.A Corporation) C:\Windows\SysWOW64\bgsvcgen.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Panasonic Corporation) C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Acer Group) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
(Suyin) C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\system32\PrintIsolationHost.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [206208 2010-06-09] ()
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-11] (CANON INC.)
HKLM\...\Run: [Ocs_SM] - C:\Users\***\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [x]
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [BackupManagerTray] - "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k [263936 2010-06-29] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [35696 2009-10-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [VideoWebCamera] - "C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a [1545568 2010-05-26] (Suyin)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [935288 2009-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [avgnt] - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-06-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe /default [154144 2010-07-29] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe /default [154144 2010-07-29] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office OneNote 2003 Schnellstart.lnk
ShortcutTarget: Microsoft Office OneNote 2003 Schnellstart.lnk -> C:\Program Files (x86)\Microsoft Office\OFFICE11\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 5.0 HD Edition.lnk
ShortcutTarget: PHOTOfunSTUDIO 5.0 HD Edition.lnk -> C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: (No Name) - {66a449dc-6b1d-4187-a4f1-b335d3da5365} - No File
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
SearchScopes: HKLM-x32 - {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://de.search.yahoo.com/search/?p={searchTerms}&fr=vc_trans_de_8197&type=ds2se&d
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {07A64CD7-7415-43A8-963F-DF9ABF56354C} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=178b965e-f61b-44d0-8390-e5f443f82baa&pid=winsoftware&mode=bounce&k=0
SearchScopes: HKCU - {44A7C8CF-3553-4A05-B004-2822F1E00BCB} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=178b965e-f61b-44d0-8390-e5f443f82baa&pid=winsoftware&mode=bounce&k=0
SearchScopes: HKCU - {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://de.search.yahoo.com/search/?p={searchTerms}&fr=vc_trans_de_8197&type=ds2se&d
SearchScopes: HKCU - {7D2283C1-8D84-4FA8-865E-AF6E1A9C04F0} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=178b965e-f61b-44d0-8390-e5f443f82baa&pid=winsoftware&mode=bounce&k=0
SearchScopes: HKCU - {95B2B476-0BA4-429D-A79E-2E729F0A2EE4} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=178b965e-f61b-44d0-8390-e5f443f82baa&pid=winsoftware&mode=bounce&k=0
SearchScopes: HKCU - {9AB71EB6-8F10-46F3-84E8-B877B9BDBC73} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=178b965e-f61b-44d0-8390-e5f443f82baa&pid=winsoftware&mode=bounce&k=0
SearchScopes: HKCU - {9B0BA1C1-9ECE-4BBA-8160-F2A63DA6C3AE} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=178b965e-f61b-44d0-8390-e5f443f82baa&pid=winsoftware&mode=bounce&k=0
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: AOL Deutschland Toolbar Loader - {2d3b1910-86c2-4d4b-b1db-124b3ea35bef} - C:\Program Files (x86)\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-x32: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
BHO-x32: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: DNS Error Helper - {9B6B03F1-16CF-4491-BBBB-E872802DD717} - C:\ProgramData\DNSErrorHelper\bho.dll No File
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - AOL Deutschland Toolbar - {567d4d94-8077-4682-b887-945f3d644116} - C:\Program Files (x86)\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {567D4D94-8077-4682-B887-945F3D644116} - No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: msdaipp - No CLSID Value -
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: msdaipp - No CLSID Value -
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Chrome:
=======
CHR HomePage: hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=1E7E5CAC4C3D18C9&affID=119357&tt=230713_18215&tsp=4953
CHR RestoreOnStartup: "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=1E7E5CAC4C3D18C9&affID=119357&tt=230713_18215&tsp=4953"
CHR DefaultSearchURL: (Delta Search) - hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=1E7E5CAC4C3D18C9&affID=119357&tt=230713_18215&tsp=4953
CHR DefaultSuggestURL: (Delta Search) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (D'Fusion @Home Web Plug-In (3.10.17859)) - C:\Program Files (x86)\Total Immersion\DFusionHomeWebPlugIn\NPDFusionWebFirefox.dll (Total Immersion)
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Feven) - C:\Users\Ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0
CHR Extension: (Plus-HD-2.5) - C:\Users\Ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.23.8_0
==================== Services (Whitelisted) =================
R2 AAV UpdateService; C:\Program Files (x86)\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [868896 2010-06-11] (Acer Incorporated)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008 2011-04-17] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [255744 2010-06-29] (NewTech Infosystems, Inc.)
R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-04-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-04-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-04-05] (Avira Operations GmbH & Co. KG)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-07-15] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-07-15] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-07-21] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-07-21] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-07-21] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20130725.001\IDSvia64.sys [513184 2013-07-19] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20130725.001\IDSvia64.sys [513184 2013-07-19] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20130725.017\ENG64.SYS [126040 2013-07-21] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20130725.017\ENG64.SYS [126040 2013-07-21] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20130725.017\EX64.SYS [2098776 2013-07-21] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20130725.017\EX64.SYS [2098776 2013-07-21] (Symantec Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS [744568 2011-03-31] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [40568 2011-03-31] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1207020.003\SYMDS64.SYS [450680 2011-01-27] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1207020.003\SYMEFA64.SYS [912504 2011-03-15] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [173616 2013-07-21] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [171128 2011-01-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [386168 2011-04-21] (Symantec Corporation)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-07-26 07:30 - 2013-07-26 07:30 - 00034405 _____ C:\Users\***\Desktop\combofix.txt
2013-07-26 01:39 - 2013-07-26 01:40 - 00034449 _____ C:\ComboFix.txt
2013-07-26 00:23 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-07-26 00:18 - 2013-07-26 00:19 - 05093969 ____R (Swearware) C:\Users\***\Desktop\ComboFix.exe
2013-07-24 22:12 - 2013-07-24 22:13 - 00019749 _____ C:\Users\***\Desktop\Addition.txt
2013-07-24 22:11 - 2013-07-24 22:11 - 00000000 ____D C:\FRST
2013-07-24 22:10 - 2013-07-24 22:10 - 01779761 _____ (Farbar) C:\Users\***\Desktop\FRST64.exe
2013-07-24 21:32 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-07-24 21:32 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-07-24 21:32 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-07-24 21:32 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-07-24 21:32 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-07-24 21:32 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-07-24 21:32 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-07-24 21:29 - 2013-07-26 01:40 - 00000000 ____D C:\Qoobox
2013-07-24 21:28 - 2013-07-26 01:18 - 00000000 ____D C:\Windows\erdnt
2013-07-24 21:25 - 2013-07-24 21:25 - 00004328 _____ C:\Users\***\Desktop\JRT.txt
2013-07-24 21:19 - 2013-07-24 21:19 - 00000000 ____D C:\Windows\ERUNT
2013-07-24 21:18 - 2013-07-24 21:18 - 00560934 _____ (Oleg N. Scherbakov) C:\Users\***\Desktop\JRT.exe
2013-07-24 21:10 - 2013-07-24 21:10 - 00045882 _____ C:\Users\***\Desktop\AdwCleaner[S2].txt
2013-07-24 19:36 - 2013-07-24 19:37 - 00045882 _____ C:\AdwCleaner[S2].txt
2013-07-24 19:36 - 2013-07-24 19:36 - 00000436 _____ C:\AdwCleaner[S1].txt
2013-07-24 19:35 - 2013-07-24 19:35 - 00000000 ____D C:\Users\***\Qtrax
2013-07-24 19:34 - 2013-07-24 19:34 - 00666633 _____ C:\Users\***\Downloads\adwcleaner.exe
2013-07-24 19:34 - 2013-07-24 19:34 - 00666633 _____ C:\Users\***\Desktop\adwcleaner.exe
2013-07-24 19:31 - 2013-07-24 19:31 - 00000000 ____D C:\Users\***\AppData\Roaming\Zip Opener Packages
2013-07-24 14:40 - 2013-07-24 14:40 - 00593434 _____ C:\Users\***\Downloads\36704.txt
2013-07-24 11:29 - 2013-07-25 22:15 - 00131280 _____ C:\Users\***\Desktop\OTL.Txt
2013-07-24 11:29 - 2013-07-24 11:29 - 00075032 _____ C:\Users\***\Desktop\Extras.Txt
2013-07-24 11:16 - 2013-07-24 11:16 - 00602112 _____ (OldTimer Tools) C:\Users\***\Desktop\OTL.exe
2013-07-24 11:11 - 2013-07-24 11:11 - 00602112 _____ (OldTimer Tools) C:\Users\***\Downloads\OTL.exe
2013-07-24 10:59 - 2013-07-24 10:59 - 00279024 _____ C:\Windows\Minidump\072413-104676-01.dmp
2013-07-24 10:47 - 2013-07-24 10:47 - 00271040 _____ C:\Windows\Minidump\072413-102321-01.dmp
2013-07-24 10:42 - 2013-07-24 10:59 - 00000000 ____D C:\Windows\Minidump
2013-07-24 10:42 - 2013-07-24 10:58 - 631716993 _____ C:\Windows\MEMORY.DMP
2013-07-24 10:42 - 2013-07-24 10:43 - 00279024 _____ C:\Windows\Minidump\072413-35443-01.dmp
2013-07-23 19:35 - 2013-07-23 19:38 - 00000000 ____D C:\Windows\system32\MRT
2013-07-23 12:46 - 2013-07-23 12:47 - 88425338 _____ C:\Users\***\Desktop\splash! Mag präsentiert_The Notorious H.A.F.T (1).rar
2013-07-23 11:59 - 2013-07-23 11:59 - 00000875 _____ C:\Users\***\AppData\Local\recently-used.xbel
2013-07-23 02:25 - 2013-07-24 11:13 - 00000000 ____D C:\Users\***\AppData\Roaming\player
2013-07-23 02:25 - 2013-07-23 02:25 - 00000000 ____D C:\Program Files (x86)\Tuguu SL
2013-07-23 02:19 - 2013-07-23 02:53 - 00000000 ____D C:\Program Files\DivX
2013-07-23 02:19 - 2013-07-23 02:19 - 00000544 _____ C:\Windows\KB893803v2.log
2013-07-23 02:15 - 2013-07-23 02:15 - 00000000 ____D C:\Users\***\AppData\Local\CRE
2013-07-23 02:14 - 2013-07-23 20:14 - 00001164 _____ C:\Windows\Tasks\Feven-codedownloader.job
2013-07-23 02:14 - 2013-07-23 20:14 - 00001160 _____ C:\Windows\Tasks\Feven-updater.job
2013-07-23 02:14 - 2013-07-23 20:14 - 00001064 _____ C:\Windows\Tasks\Feven-enabler.job
2013-07-23 02:14 - 2013-07-23 02:54 - 00000000 ____D C:\Program Files (x86)\DivX
2013-07-23 02:14 - 2013-07-23 02:15 - 00004190 _____ C:\Windows\System32\Tasks\Feven-updater
2013-07-23 02:14 - 2013-07-23 02:14 - 00081768 _____ (Conduit) C:\ministub.exe
2013-07-23 02:14 - 2013-07-23 02:14 - 00004194 _____ C:\Windows\System32\Tasks\Feven-codedownloader
2013-07-23 02:14 - 2013-07-23 02:14 - 00004094 _____ C:\Windows\System32\Tasks\Feven-enabler
2013-07-23 02:13 - 2013-07-23 20:13 - 00001860 _____ C:\Windows\Tasks\Feven-chromeinstaller.job
2013-07-23 02:13 - 2013-07-23 02:15 - 00000000 ____D C:\Program Files (x86)\Feven
2013-07-23 02:11 - 2013-07-23 02:54 - 00000000 ____D C:\ProgramData\DivX
2013-07-22 23:37 - 2013-07-22 23:37 - 00000000 ____D C:\Windows\System32\Tasks\Symantec
2013-07-21 18:11 - 2013-07-24 19:36 - 00000000 ____D C:\Users\***\AppData\Local\CrashDumps
2013-07-21 18:11 - 2013-07-21 18:11 - 00000000 ____D C:\Users\***\AppData\Roaming\Tific
2013-07-21 18:11 - 2013-07-21 18:11 - 00000000 ____D C:\Users\***\AppData\Local\Symantec
2013-07-21 18:09 - 2013-07-21 18:28 - 00000000 ____D C:\Program Files\Symantec
2013-07-21 18:09 - 2013-07-21 18:09 - 00173616 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2013-07-21 18:09 - 2013-07-21 18:09 - 00007440 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2013-07-21 18:09 - 2013-07-21 18:09 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2013-07-20 21:40 - 2013-07-20 21:40 - 00003436 _____ C:\Windows\System32\Tasks\BrowserDefendert
2013-07-16 22:08 - 2013-07-23 00:21 - 00000000 ____D C:\Users\***\AppData\Roaming\vlc
2013-07-16 22:02 - 2013-07-16 22:03 - 00001396 _____ C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
2013-07-16 22:02 - 2013-07-16 22:02 - 00000000 ____D C:\ProgramData\TorchCrashHandler
2013-07-15 11:14 - 2013-07-23 02:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-07-14 14:18 - 2013-07-14 14:18 - 00000982 _____ C:\Users\****\Desktop\FRITZ!Box Benutzeroberfläche.lnk
2013-07-14 01:34 - 2013-06-24 00:57 - 78277128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-13 20:12 - 2013-07-13 20:12 - 00000000 ____D C:\found.000
2013-07-13 15:05 - 2013-07-13 15:05 - 00000000 ____D C:\Lxk2200
2013-07-13 14:52 - 2013-07-13 14:52 - 00000000 ____D C:\Program Files (x86)\FileOpenerPro
2013-07-13 14:50 - 2013-07-24 09:29 - 00001906 _____ C:\Windows\Tasks\Plus-HD-2.5-chromeinstaller.job
2013-07-13 14:50 - 2013-07-24 09:28 - 00001200 _____ C:\Windows\Tasks\Plus-HD-2.5-codedownloader.job
2013-07-13 14:50 - 2013-07-24 09:28 - 00001196 _____ C:\Windows\Tasks\Plus-HD-2.5-updater.job
2013-07-13 14:50 - 2013-07-24 09:28 - 00001100 _____ C:\Windows\Tasks\Plus-HD-2.5-enabler.job
2013-07-13 14:50 - 2013-07-13 14:50 - 00004230 _____ C:\Windows\System32\Tasks\Plus-HD-2.5-codedownloader
2013-07-13 14:50 - 2013-07-13 14:50 - 00004226 _____ C:\Windows\System32\Tasks\Plus-HD-2.5-updater
2013-07-13 14:50 - 2013-07-13 14:50 - 00004130 _____ C:\Windows\System32\Tasks\Plus-HD-2.5-enabler
2013-07-13 14:50 - 2013-07-13 14:50 - 00000000 ____D C:\Users\***\AppData\Local\AOL Deutschland Toolbar
2013-07-13 14:50 - 2013-07-13 14:50 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.5
2013-07-13 14:49 - 2013-07-13 14:49 - 00001228 _____ C:\Users\***\Desktop\Create Amazing Presentations.lnk
2013-07-13 14:49 - 2013-07-13 14:49 - 00001228 _____ C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Create Amazing Presentations.lnk
2013-07-13 14:49 - 2013-07-13 14:49 - 00000000 ____D C:\Users\***\AppData\Local\emaze
2013-07-13 14:49 - 2013-07-13 14:49 - 00000000 ____D C:\ProgramData\AOL Deutschland Toolbar
2013-07-13 14:49 - 2013-07-13 14:49 - 00000000 ____D C:\Program Files (x86)\AOL Deutschland Toolbar
2013-07-13 14:48 - 2013-07-13 14:48 - 00000000 _____ C:\extensions.sqlite
2013-07-12 19:11 - 2013-07-12 19:11 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-07-12 19:11 - 2013-07-12 19:11 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-07-12 17:02 - 2006-12-14 14:42 - 00069120 ____R (AVM Berlin) C:\Windows\SysWOW64\avmadd32.dll
2013-07-12 17:01 - 2013-07-12 17:02 - 00002975 _____ C:\Windows\avmadd32.log
2013-07-12 17:01 - 2013-07-12 17:02 - 00002492 _____ C:\Windows\avmadd321.log
2013-07-12 17:01 - 2013-07-12 17:02 - 00000000 ____D C:\Program Files (x86)\FRITZ!Box
2013-07-12 17:01 - 2013-07-12 17:01 - 00000000 ____D C:\Program Files (x86)\FRITZ!BoxPrint
2013-07-12 17:01 - 2006-05-29 03:00 - 00016384 ____R (AVM Berlin GmbH) C:\Windows\SysWOW64\avmprmon.dll
2013-07-10 19:11 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-10 19:11 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-10 19:11 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-10 19:11 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-10 19:11 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-10 19:11 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-10 19:11 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-10 19:11 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-10 19:11 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-10 19:11 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-10 19:11 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-10 19:11 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-10 19:11 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-10 19:11 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-10 19:11 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-10 19:11 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-10 19:11 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-10 19:11 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-10 19:11 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-10 19:11 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-10 19:11 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-10 19:11 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-10 19:11 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-10 19:11 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-10 19:11 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-10 19:11 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-10 19:11 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-10 19:11 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-10 19:11 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-10 19:11 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-10 19:11 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-10 15:38 - 2013-07-10 15:38 - 51187712 _____ C:\Users\***\Downloads\wz175-32gev.msi
2013-07-10 15:34 - 2013-07-10 15:35 - 00000000 ____D C:\Users\***\AppData\Roaming\WinRAR
2013-07-10 15:34 - 2013-07-10 15:34 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-07-10 15:34 - 2013-07-10 15:34 - 00000000 ____D C:\Program Files (x86)\WinRAR
2013-07-10 11:10 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-10 11:10 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-10 11:10 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-10 11:10 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-10 11:10 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-10 11:10 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-10 11:10 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-07 10:52 - 2013-07-07 10:52 - 00000000 ____D C:\Users\***\AppData\Roaming\gramps
2013-07-07 10:51 - 2013-07-07 10:51 - 00002096 _____ C:\Users\***\Desktop\GrampsAIO32 3.4.5-1 Console.lnk
2013-07-07 10:51 - 2013-07-07 10:51 - 00002093 _____ C:\Users\***\Desktop\GrampsAIO32 3.4.5-1.lnk
2013-07-07 10:51 - 2013-07-07 10:51 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GrampsAIO
2013-07-07 10:49 - 2013-07-07 10:51 - 00000000 ____D C:\Program Files (x86)\GrampsAIO32
2013-07-07 10:47 - 2013-07-23 02:13 - 00003394 _____ C:\Windows\System32\Tasks\EPUpdater
2013-07-07 10:47 - 2013-07-07 10:47 - 00121856 _____ C:\Windows\system32\GFilterSvc0.exe
2013-07-07 10:47 - 2013-07-07 10:47 - 00121856 _____ C:\Windows\system32\GFilterSvc.exe
2013-07-07 10:47 - 2013-07-07 10:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-07 10:45 - 2013-07-13 05:56 - 00002155 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-07 10:41 - 2013-07-07 10:41 - 00301552 _____ C:\Users\***\Downloads\MapsGalaxy.exe
==================== One Month Modified Files and Folders =======
2013-07-26 09:34 - 2009-07-14 06:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-26 09:34 - 2009-07-14 06:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-26 09:26 - 2009-07-14 06:51 - 00114231 _____ C:\Windows\setupact.log
2013-07-26 07:40 - 2010-10-29 17:33 - 02095471 _____ C:\Windows\WindowsUpdate.log
2013-07-26 07:30 - 2013-07-26 07:30 - 00034405 _____ C:\Users\***\Desktop\combofix.txt
2013-07-26 01:40 - 2013-07-26 01:39 - 00034449 _____ C:\ComboFix.txt
2013-07-26 01:40 - 2013-07-24 21:29 - 00000000 ____D C:\Qoobox
2013-07-26 01:22 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-07-26 01:20 - 2012-06-24 12:20 - 00107624 _____ C:\Windows\PFRO.log
2013-07-26 01:18 - 2013-07-24 21:28 - 00000000 ____D C:\Windows\erdnt
2013-07-26 00:19 - 2013-07-26 00:18 - 05093969 ____R (Swearware) C:\Users\***\Desktop\ComboFix.exe
2013-07-25 22:15 - 2013-07-24 11:29 - 00131280 _____ C:\Users\***\Desktop\OTL.Txt
2013-07-24 22:13 - 2013-07-24 22:12 - 00019749 _____ C:\Users\***\Desktop\Addition.txt
2013-07-24 22:11 - 2013-07-24 22:11 - 00000000 ____D C:\FRST
2013-07-24 22:10 - 2013-07-24 22:10 - 01779761 _____ (Farbar) C:\Users\***\Desktop\FRST64.exe
2013-07-24 22:03 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-07-24 21:45 - 2011-08-26 13:36 - 00000000 ____D C:\Users\***
2013-07-24 21:25 - 2013-07-24 21:25 - 00004328 _____ C:\Users\***\Desktop\JRT.txt
2013-07-24 21:19 - 2013-07-24 21:19 - 00000000 ____D C:\Windows\ERUNT
2013-07-24 21:18 - 2013-07-24 21:18 - 00560934 _____ (Oleg N. Scherbakov) C:\Users\***\Desktop\JRT.exe
2013-07-24 21:10 - 2013-07-24 21:10 - 00045882 _____ C:\Users\***\Desktop\AdwCleaner[S2].txt
2013-07-24 21:07 - 2011-09-21 22:24 - 00000000 ____D C:\Users\***\Tracing
2013-07-24 19:37 - 2013-07-24 19:36 - 00045882 _____ C:\AdwCleaner[S2].txt
2013-07-24 19:36 - 2013-07-24 19:36 - 00000436 _____ C:\AdwCleaner[S1].txt
2013-07-24 19:36 - 2013-07-21 18:11 - 00000000 ____D C:\Users\***\AppData\Local\CrashDumps
2013-07-24 19:35 - 2013-07-24 19:35 - 00000000 ____D C:\Users\***\Qtrax
2013-07-24 19:34 - 2013-07-24 19:34 - 00666633 _____ C:\Users\***\Downloads\adwcleaner.exe
2013-07-24 19:34 - 2013-07-24 19:34 - 00666633 _____ C:\Users\***\Desktop\adwcleaner.exe
2013-07-24 19:31 - 2013-07-24 19:31 - 00000000 ____D C:\Users\***\AppData\Roaming\Zip Opener Packages
2013-07-24 14:54 - 2013-06-12 14:06 - 00000000 ____D C:\Users\***\Desktop\mpm
2013-07-24 14:40 - 2013-07-24 14:40 - 00593434 _____ C:\Users\***\Downloads\36704.txt
2013-07-24 11:29 - 2013-07-24 11:29 - 00075032 _____ C:\Users\***\Desktop\Extras.Txt
2013-07-24 11:16 - 2013-07-24 11:16 - 00602112 _____ (OldTimer Tools) C:\Users\***\Desktop\OTL.exe
2013-07-24 11:13 - 2013-07-23 02:25 - 00000000 ____D C:\Users\***\AppData\Roaming\player
2013-07-24 11:11 - 2013-07-24 11:11 - 00602112 _____ (OldTimer Tools) C:\Users\***\Downloads\OTL.exe
2013-07-24 10:59 - 2013-07-24 10:59 - 00279024 _____ C:\Windows\Minidump\072413-104676-01.dmp
2013-07-24 10:59 - 2013-07-24 10:42 - 00000000 ____D C:\Windows\Minidump
2013-07-24 10:58 - 2013-07-24 10:42 - 631716993 _____ C:\Windows\MEMORY.DMP
2013-07-24 10:47 - 2013-07-24 10:47 - 00271040 _____ C:\Windows\Minidump\072413-102321-01.dmp
2013-07-24 10:43 - 2013-07-24 10:42 - 00279024 _____ C:\Windows\Minidump\072413-35443-01.dmp
2013-07-24 10:03 - 2012-06-23 00:26 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-24 10:01 - 2012-06-23 00:26 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-24 09:29 - 2013-07-13 14:50 - 00001906 _____ C:\Windows\Tasks\Plus-HD-2.5-chromeinstaller.job
2013-07-24 09:28 - 2013-07-13 14:50 - 00001200 _____ C:\Windows\Tasks\Plus-HD-2.5-codedownloader.job
2013-07-24 09:28 - 2013-07-13 14:50 - 00001196 _____ C:\Windows\Tasks\Plus-HD-2.5-updater.job
2013-07-24 09:28 - 2013-07-13 14:50 - 00001100 _____ C:\Windows\Tasks\Plus-HD-2.5-enabler.job
2013-07-23 20:14 - 2013-07-23 02:14 - 00001164 _____ C:\Windows\Tasks\Feven-codedownloader.job
2013-07-23 20:14 - 2013-07-23 02:14 - 00001160 _____ C:\Windows\Tasks\Feven-updater.job
2013-07-23 20:14 - 2013-07-23 02:14 - 00001064 _____ C:\Windows\Tasks\Feven-enabler.job
2013-07-23 20:13 - 2013-07-23 02:13 - 00001860 _____ C:\Windows\Tasks\Feven-chromeinstaller.job
2013-07-23 20:09 - 2012-06-23 00:26 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-23 20:09 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-23 19:38 - 2013-07-23 19:35 - 00000000 ____D C:\Windows\system32\MRT
2013-07-23 19:35 - 2011-08-29 13:18 - 01592818 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-07-23 19:35 - 2010-10-30 03:24 - 00697542 _____ C:\Windows\system32\perfh007.dat
2013-07-23 19:35 - 2010-10-30 03:24 - 00148548 _____ C:\Windows\system32\perfc007.dat
2013-07-23 19:35 - 2009-07-14 07:13 - 01592818 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-23 17:10 - 2011-08-29 13:18 - 00000000 ____D C:\Users****\AppData\Roaming\SoftGrid Client
2013-07-23 12:47 - 2013-07-23 12:46 - 88425338 _____ C:\Users\****\Desktop\splash! Mag präsentiert_The Notorious H.A.F.T (1).rar
2013-07-23 12:00 - 2012-11-23 20:47 - 00000000 ____D C:\Users\***\.gimp-2.8
2013-07-23 11:59 - 2013-07-23 11:59 - 00000875 _____ C:\Users\***\AppData\Local\recently-used.xbel
2013-07-23 11:50 - 2011-08-26 13:40 - 00000000 ____D C:\Users\***\AppData\Roaming\Adobe
2013-07-23 03:19 - 2009-07-14 06:45 - 00379448 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-23 02:54 - 2013-07-23 02:14 - 00000000 ____D C:\Program Files (x86)\DivX
2013-07-23 02:54 - 2013-07-23 02:11 - 00000000 ____D C:\ProgramData\DivX
2013-07-23 02:53 - 2013-07-23 02:19 - 00000000 ____D C:\Program Files\DivX
2013-07-23 02:25 - 2013-07-23 02:25 - 00000000 ____D C:\Program Files (x86)\Tuguu SL
2013-07-23 02:25 - 2011-08-26 13:37 - 00092456 _____ C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-23 02:20 - 2013-07-15 11:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-07-23 02:19 - 2013-07-23 02:19 - 00000544 _____ C:\Windows\KB893803v2.log
2013-07-23 02:15 - 2013-07-23 02:15 - 00000000 ____D C:\Users\***\AppData\Local\CRE
2013-07-23 02:15 - 2013-07-23 02:14 - 00004190 _____ C:\Windows\System32\Tasks\Feven-updater
2013-07-23 02:15 - 2013-07-23 02:13 - 00000000 ____D C:\Program Files (x86)\Feven
2013-07-23 02:14 - 2013-07-23 02:14 - 00081768 _____ (Conduit) C:\ministub.exe
2013-07-23 02:14 - 2013-07-23 02:14 - 00004194 _____ C:\Windows\System32\Tasks\Feven-codedownloader
2013-07-23 02:14 - 2013-07-23 02:14 - 00004094 _____ C:\Windows\System32\Tasks\Feven-enabler
2013-07-23 02:13 - 2013-07-07 10:47 - 00003394 _____ C:\Windows\System32\Tasks\EPUpdater
2013-07-23 00:21 - 2013-07-16 22:08 - 00000000 ____D C:\Users\***\AppData\Roaming\vlc
2013-07-22 23:43 - 2013-05-28 22:04 - 00000000 ____D C:\Users\***\Desktop\Paul Bewerbungen
2013-07-22 23:37 - 2013-07-22 23:37 - 00000000 ____D C:\Windows\System32\Tasks\Symantec
2013-07-22 23:32 - 2010-09-13 10:20 - 00000000 ____D C:\Windows\system32\Drivers\NISx64
2013-07-21 18:28 - 2013-07-21 18:09 - 00000000 ____D C:\Program Files\Symantec
2013-07-21 18:11 - 2013-07-21 18:11 - 00000000 ____D C:\Users\***\AppData\Roaming\Tific
2013-07-21 18:11 - 2013-07-21 18:11 - 00000000 ____D C:\Users\**\AppData\Local\Symantec
2013-07-21 18:10 - 2010-09-13 10:20 - 00000000 ____D C:\ProgramData\Norton
2013-07-21 18:09 - 2013-07-21 18:09 - 00173616 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2013-07-21 18:09 - 2013-07-21 18:09 - 00007440 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2013-07-21 18:09 - 2013-07-21 18:09 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2013-07-20 21:40 - 2013-07-20 21:40 - 00003436 _____ C:\Windows\System32\Tasks\BrowserDefendert
2013-07-19 15:51 - 2013-06-10 10:44 - 00000432 _____ C:\Windows\BRWMARK.INI
2013-07-17 20:58 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-16 22:03 - 2013-07-16 22:02 - 00001396 _____ C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
2013-07-16 22:02 - 2013-07-16 22:02 - 00000000 ____D C:\ProgramData\TorchCrashHandler
2013-07-15 22:56 - 2012-06-23 00:26 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-15 22:56 - 2012-06-23 00:26 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-14 14:18 - 2013-07-14 14:18 - 00000982 _____ C:\Users\***\Desktop\FRITZ!Box Benutzeroberfläche.lnk
2013-07-13 23:49 - 2013-03-13 18:56 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-13 23:49 - 2013-03-13 18:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-13 23:49 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-13 23:49 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-13 21:28 - 2012-03-03 14:37 - 00000039 _____ C:\Windows\vbaddin.ini
2013-07-13 21:27 - 2009-07-14 04:34 - 00000534 _____ C:\Windows\win.ini
2013-07-13 21:20 - 2009-07-14 09:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-13 20:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-07-13 20:59 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-07-13 20:58 - 2012-07-03 20:05 - 00000000 ____D C:\ProgramData\Real
2013-07-13 20:12 - 2013-07-13 20:12 - 00000000 ____D C:\found.000
2013-07-13 16:05 - 2013-06-10 10:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-13 15:05 - 2013-07-13 15:05 - 00000000 ____D C:\Lxk2200
2013-07-13 14:54 - 2013-06-10 10:16 - 00002058 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2013-07-13 14:52 - 2013-07-13 14:52 - 00000000 ____D C:\Program Files (x86)\FileOpenerPro
2013-07-13 14:50 - 2013-07-13 14:50 - 00004230 _____ C:\Windows\System32\Tasks\Plus-HD-2.5-codedownloader
2013-07-13 14:50 - 2013-07-13 14:50 - 00004226 _____ C:\Windows\System32\Tasks\Plus-HD-2.5-updater
2013-07-13 14:50 - 2013-07-13 14:50 - 00004130 _____ C:\Windows\System32\Tasks\Plus-HD-2.5-enabler
2013-07-13 14:50 - 2013-07-13 14:50 - 00000000 ____D C:\Users\***\AppData\Local\AOL Deutschland Toolbar
2013-07-13 14:50 - 2013-07-13 14:50 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.5
2013-07-13 14:49 - 2013-07-13 14:49 - 00001228 _____ C:\Users\***\Desktop\Create Amazing Presentations.lnk
2013-07-13 14:49 - 2013-07-13 14:49 - 00001228 _____ C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Create Amazing Presentations.lnk
2013-07-13 14:49 - 2013-07-13 14:49 - 00000000 ____D C:\Users\***\AppData\Local\emaze
2013-07-13 14:49 - 2013-07-13 14:49 - 00000000 ____D C:\ProgramData\AOL Deutschland Toolbar
2013-07-13 14:49 - 2013-07-13 14:49 - 00000000 ____D C:\Program Files (x86)\AOL Deutschland Toolbar
2013-07-13 14:48 - 2013-07-13 14:48 - 00000000 _____ C:\extensions.sqlite
2013-07-13 08:48 - 2012-07-03 20:10 - 00000000 ____D C:\Users\***\AppData\Roaming\Real
2013-07-13 08:45 - 2012-07-03 20:11 - 00003344 _____ C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-538976363-1389243005-1723249960-1001
2013-07-13 08:45 - 2012-07-03 20:11 - 00003212 _____ C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-538976363-1389243005-1723249960-1001
2013-07-13 05:56 - 2013-07-07 10:45 - 00002155 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-12 19:11 - 2013-07-12 19:11 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-07-12 19:11 - 2013-07-12 19:11 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-07-12 17:02 - 2013-07-12 17:01 - 00002975 _____ C:\Windows\avmadd32.log
2013-07-12 17:02 - 2013-07-12 17:01 - 00002492 _____ C:\Windows\avmadd321.log
2013-07-12 17:02 - 2013-07-12 17:01 - 00000000 ____D C:\Program Files (x86)\FRITZ!Box
2013-07-12 17:01 - 2013-07-12 17:01 - 00000000 ____D C:\Program Files (x86)\FRITZ!BoxPrint
2013-07-10 15:38 - 2013-07-10 15:38 - 51187712 _____ C:\Users\***\Downloads\wz175-32gev.msi
2013-07-10 15:35 - 2013-07-10 15:34 - 00000000 ____D C:\Users\***\AppData\Roaming\WinRAR
2013-07-10 15:34 - 2013-07-10 15:34 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-07-10 15:34 - 2013-07-10 15:34 - 00000000 ____D C:\Program Files (x86)\WinRAR
2013-07-07 14:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-07 10:52 - 2013-07-07 10:52 - 00000000 ____D C:\Users\***\AppData\Roaming\gramps
2013-07-07 10:51 - 2013-07-07 10:51 - 00002096 _____ C:\Users\***\Desktop\GrampsAIO32 3.4.5-1 Console.lnk
2013-07-07 10:51 - 2013-07-07 10:51 - 00002093 _____ C:\Users\***\Desktop\GrampsAIO32 3.4.5-1.lnk
2013-07-07 10:51 - 2013-07-07 10:51 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GrampsAIO
2013-07-07 10:51 - 2013-07-07 10:49 - 00000000 ____D C:\Program Files (x86)\GrampsAIO32
2013-07-07 10:49 - 2013-02-15 18:53 - 00001530 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-07-07 10:47 - 2013-07-07 10:47 - 00121856 _____ C:\Windows\system32\GFilterSvc0.exe
2013-07-07 10:47 - 2013-07-07 10:47 - 00121856 _____ C:\Windows\system32\GFilterSvc.exe
2013-07-07 10:47 - 2013-07-07 10:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-07 10:41 - 2013-07-07 10:41 - 00301552 _____ C:\Users\***\Downloads\MapsGalaxy.exe
2013-07-05 20:20 - 2011-08-26 13:54 - 00000000 ____D C:\Users\***\AppData\Local\Microsoft Games
2013-07-02 14:00 - 2012-12-25 14:26 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-06-27 15:36 - 2013-05-08 12:22 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-06-27 09:44 - 2013-06-10 10:16 - 00000000 ____D C:\Users\***\AppData\Local\Thunderbird
2013-06-26 13:31 - 2013-06-10 10:44 - 00000034 _____ C:\Windows\SysWOW64\BD2030.DAT
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-07-15 10:09
==================== End Of Log ============================
--- --- --- --- --- --- Irgendein Mist muss aber noch auf dem Rechner sein, es kommen immer noch ständig Pop Ups mit Werbung die nicht kommen sollten.. Und so ein komischer Deal-Finder wenn ich auf Shopping-Seiten bin.. |
|
26.07.2013, 10:33
| #7 |
| /// Malwareteam | TR/Ransom.Blocker mein OTL-Log Hi so schön langsam verzweifle ich hier... Aber ich hab noch was gefunden Nebenbei: Kennst du die Programme Feven & Plus-HD-2.5? Wenn nicht bitte so deinstallieren: Bitte gehe zu Start --> Systemsteuerung --> Software und deinstalliere die folgende Software: Code:
ATTFilter Feven
Pls-HD-2.5
DivX
Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKLM\...\Run: [Ocs_SM] - C:\Users\***\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [x]
BHO-x32: DNS Error Helper - {9B6B03F1-16CF-4491-BBBB-E872802DD717} - C:\ProgramData\DNSErrorHelper\bho.dll No File
CHR HomePage: hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=1E7E5CAC4C3D18C9&affID=119357&tt=230713_18215&tsp=4953
CHR RestoreOnStartup: "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=1E7E5CAC4C3D18C9&affID=119357&tt=230713_18215&tsp=4953"
CHR DefaultSearchURL: (Delta Search) - hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=1E7E5CAC4C3D18C9&affID=119357&tt=230713_18215&tsp=4953
CHR DefaultSuggestURL: (Delta Search) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR Extension: (Feven) - C:\Users\Ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0
CHR Extension: (Plus-HD-2.5) - C:\Users\Ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.23.8_0
2013-07-23 02:25 - 2013-07-23 02:25 - 00000000 ____D C:\Program Files (x86)\Tuguu SL
2013-07-23 02:25 - 2013-07-24 11:13 - 00000000 ____D C:\Users\***\AppData\Roaming\player
2013-07-23 02:14 - 2013-07-23 02:14 - 00081768 _____ (Conduit) C:\ministub.exe
2013-07-23 02:11 - 2013-07-23 02:54 - 00000000 ____D C:\ProgramData\DivX
2013-07-20 21:40 - 2013-07-20 21:40 - 00003436 _____ C:\Windows\System32\Tasks\BrowserDefendert
2013-07-16 22:02 - 2013-07-16 22:03 - 00001396 _____ C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.ln
2013-07-13 14:49 - 2013-07-13 14:49 - 00001228 _____ C:\Users\***\Desktop\Create Amazing Presentations.lnk
2013-07-13 14:49 - 2013-07-13 14:49 - 00001228 _____ C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Create Amazing Presentations.lnk
2013-07-12 19:11 - 2013-07-12 19:11 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-07-12 19:11 - 2013-07-12 19:11 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-07-23 02:54 - 2013-07-23 02:11 - 00000000 ____D C:\ProgramData\DivX
2013-07-23 02:53 - 2013-07-23 02:19 - 00000000 ____D C:\Program Files\DivX
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2 Lade SystemLook von jpshortstuff von einem der folgenden Spiegel herunter und speichere das Tool auf dem Desktop. SystemLook (64 bit)
Besonders der zweite Schritt könnte länger dauern, ich bitte um etwas Geduld
__________________ Keep Jazzing! DerJazzer Imperare sibi maximum imperium est. ©Seneca Wenn du uns unterstützen möchtest | http://www.anaesthesist-werden.de/ |
|
26.07.2013, 11:41
| #8 |
| | TR/Ransom.Blocker mein OTL-Log okay, danke dass du dran bleibst. ich habe Feven und Plus HD deinstalliert, nur DivX konnte ich nicht finden..? die restlichen Schritte werde ich dann nach der Arbeit machen, auch wenn die Werbung usw extrem stört und vieles verlangsamt/unübersichtlich macht (klappen die Anhänge?) ok, Anhänge funktionieren.. also, hab ein paar screenshots gemacht. das erste hier vom forum wieder mit so was nervigen drin.. das zweite ist wenn ich auf der Arbeit unsere Homepage aktualisieren möchte, da sind ein paar Begriffe halt grün verlinkt und wenn man mit dem Cursor drauf bleibt kommt halt so ein Fenster "looking for xyz?" .. Wenn man auf das Fragezeichen geht kommt man auf Seite Anhang 3.. und Anhang 4 geht auch immer wieder auf.. Auch Seiten wie Facebook sind voooll mit Werbung... Mit am meisten stören mich diese grünen Links, man kann da auch nicht mehr drauf klicken weil dann kommt man immer auf Seite Anhang 3.. edit: ach ja, und das opt-out hab ich auch schon mal versucht, weiß gerade nicht mehr was da kam, jedenfalls ging es nicht weg.. |
|
26.07.2013, 18:47
| #9 |
| | TR/Ransom.Blocker mein OTL-Log Fixlog Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-07-2013
Ran by *** at 2013-07-26 19:15:51 Run:1
Running from C:\Users\***\Desktop
Boot Mode: Normal
==============================================
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Ocs_SM => Value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9B6B03F1-16CF-4491-BBBB-E872802DD717} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{9B6B03F1-16CF-4491-BBBB-E872802DD717} => Key deleted successfully.
CHR HomePage: hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=1E7E5CAC4C3D18C9&affID=119357&tt=230713_18215&tsp=4953 ==> The Chrome "Settings" can be used to fix the entry.
CHR RestoreOnStartup: "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=1E7E5CAC4C3D18C9&affID=119357&tt=230713_18215&tsp=4953" ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchURL: (Delta Search) - hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=1E7E5CAC4C3D18C9&affID=119357&tt=230713_18215&tsp=4953 ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSuggestURL: (Delta Search) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} ==> The Chrome "Settings" can be used to fix the entry.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli directory not found.
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd directory not found.
C:\Program Files (x86)\Tuguu SL => Moved successfully.
C:\Users\***\AppData\Roaming\player => Moved successfully.
C:\ministub.exe => Moved successfully.
C:\ProgramData\DivX => Moved successfully.
C:\Windows\System32\Tasks\BrowserDefendert => Moved successfully.
"C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.ln" => File/Directory not found.
"C:\Users\***\Desktop\Create Amazing Presentations.lnk" => File/Directory not found.
"C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Create Amazing Presentations.lnk" => File/Directory not found.
C:\Windows\SysWOW64\searchplugins => Moved successfully.
C:\Windows\SysWOW64\Extensions => Moved successfully.
"C:\ProgramData\DivX" => File/Directory not found.
C:\Program Files\DivX => Moved successfully.
==== End of Fixlog ====
|
|
26.07.2013, 20:45
| #10 |
| /// Malwareteam | TR/Ransom.Blocker mein OTL-Log Ja auf jeden Fall, bitte anhängen
__________________ Keep Jazzing! DerJazzer Imperare sibi maximum imperium est. ©Seneca Wenn du uns unterstützen möchtest | http://www.anaesthesist-werden.de/ |
|
26.07.2013, 22:41
| #11 |
| | TR/Ransom.Blocker mein OTL-Log SystemLook Teil 1 Code:
ATTFilter SystemLook 30.07.11 by jpshortstuff
Log created at 19:22 on 26/07/2013 by ***
Administrator - Elevation successful
========== filefind ==========
Searching for "*Feven*"
C:\Users\***\AppData\Local\Temp\FevenUninstaller_1374833982.log --a---- 7230 bytes [10:19 26/07/2013] [10:20 26/07/2013] C624171809E956D5C068E80583B95229
C:\Windows\System32\NdfEventView.xml --a---- 565 bytes [20:35 10/06/2009] [20:35 10/06/2009] 86166DAA04A6C154826508304CC6D4AC
C:\Windows\System32\Tasks\Feven-chromeinstaller --a---- 4890 bytes [00:13 23/07/2013] [00:13 23/07/2013] 45962E3DC42DC5A6DB246AF08C080FC0
C:\Windows\System32\Tasks\Feven-codedownloader --a---- 4194 bytes [00:14 23/07/2013] [00:14 23/07/2013] 080D2CF093A8ECDE0E7536A77FABF960
C:\Windows\System32\Tasks\Feven-enabler --a---- 4094 bytes [00:14 23/07/2013] [00:14 23/07/2013] F7B404F6147CC7021C0FE0D030428D41
C:\Windows\System32\Tasks\Feven-updater --a---- 4190 bytes [00:14 23/07/2013] [00:15 23/07/2013] 98573AC30393D24D4EF7A4320501217F
C:\Windows\SysWOW64\NdfEventView.xml --a---- 565 bytes [21:18 10/06/2009] [21:18 10/06/2009] 86166DAA04A6C154826508304CC6D4AC
C:\Windows\winsxs\amd64_microsoft-windows-n..nosticsframeworkapi_31bf3856ad364e35_6.1.7600.16385_none_86e6a231c4ced139\NdfEventView.xml --a---- 565 bytes [20:35 10/06/2009] [20:35 10/06/2009] 86166DAA04A6C154826508304CC6D4AC
C:\Windows\winsxs\x86_microsoft-windows-n..nosticsframeworkapi_31bf3856ad364e35_6.1.7600.16385_none_2ac806ae0c716003\NdfEventView.xml --a---- 565 bytes [21:18 10/06/2009] [21:18 10/06/2009] 86166DAA04A6C154826508304CC6D4AC
Searching for "*Plus-HD*"
C:\Users\***\AppData\Local\Temp\Plus-HD-2.5Uninstaller_1374834042.log --a---- 7303 bytes [10:20 26/07/2013] [10:21 26/07/2013] E8FF357CF0634DA4D84D237410AD8AC2
C:\Windows\Prefetch\PLUS-HD-2.5-BG.EXE-5B9B40A2.pf --a---- 77504 bytes [22:52 21/07/2013] [17:09 24/07/2013] 30703D13A94C4289B06E9288859C3BC8
C:\Windows\Prefetch\PLUS-HD-2.5-CHROMEINSTALLER.E-D332D4A1.pf --a---- 59210 bytes [00:50 22/07/2013] [07:29 24/07/2013] 6A4B5A6E45A6E433F660F5AB056815D6
C:\Windows\Prefetch\PLUS-HD-2.5-CODEDOWNLOADER.EX-5B1A7E07.pf --a---- 38458 bytes [11:28 19/07/2013] [13:53 24/07/2013] 3347363C0F552FC8E2228EAEB56F39A0
C:\Windows\Prefetch\PLUS-HD-2.5-ENABLER.EXE-59EDA4A2.pf --a---- 17098 bytes [00:50 22/07/2013] [07:28 24/07/2013] 4E1F64648B34F0DFD10B96EFB2C45482
C:\Windows\Prefetch\PLUS-HD-2.5-UPDATER.EXE-5CA84116.pf --a---- 43132 bytes [00:50 22/07/2013] [07:29 24/07/2013] 582B6C5EF632C89523999736FB7F8261
C:\Windows\System32\Tasks\Plus-HD-2.5-chromeinstaller --a---- 4936 bytes [12:50 13/07/2013] [12:50 13/07/2013] 2ECB1389A5426E3C305FEC45A4F1690B
C:\Windows\System32\Tasks\Plus-HD-2.5-codedownloader --a---- 4230 bytes [12:50 13/07/2013] [12:50 13/07/2013] 7B360C5AD1CB64444152788485A2F0DE
C:\Windows\System32\Tasks\Plus-HD-2.5-enabler --a---- 4130 bytes [12:50 13/07/2013] [12:50 13/07/2013] 6306DEA534EF2576001F8BB75D569790
C:\Windows\System32\Tasks\Plus-HD-2.5-updater --a---- 4226 bytes [12:50 13/07/2013] [12:50 13/07/2013] DC011BCA2EFC3C5306683A37F6A90594
Searching for "*Conduit*"
C:\Users\***\AppData\Local\Microsoft\Internet Explorer\DOMStore\W45XU1E4\cap1.conduit-apps[1].xml --a---- 13 bytes [00:18 23/07/2013] [00:18 23/07/2013] C1DDEA3EF6BBEF3E7060A1A9AD89E4C5
C:\Users\***\AppData\LocalLow\DivX_Browser_Bar_DE\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_About_png.png --a---- 821 bytes [00:51 23/07/2013] [00:51 23/07/2013] 99D5F75C338F2A877CBF891E0F18746E
C:\Users\***\AppData\LocalLow\DivX_Browser_Bar_DE\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Contact_png.png --a---- 531 bytes [00:51 23/07/2013] [00:51 23/07/2013] A847C5F6CE2C700048749892DD2E0619
C:\Users\***\AppData\LocalLow\DivX_Browser_Bar_DE\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Privacy_png.png --a---- 706 bytes [00:51 23/07/2013] [00:51 23/07/2013] 3AD88BD8E832DA39FAAEDF07AD595F94
C:\Users\***\AppData\LocalLow\DivX_Browser_Bar_DE\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Upgrade_png.png --a---- 607 bytes [00:51 23/07/2013] [00:51 23/07/2013] 9B4D914888BCFFCBAE6757A0E450551C
C:\Users\***\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\0W2H2R8G\search.conduit[1].xml --a---- 13 bytes [00:20 23/07/2013] [00:20 23/07/2013] C1DDEA3EF6BBEF3E7060A1A9AD89E4C5
C:\Users\***\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\Z11GZW4Y\cap1.conduit-apps[1].xml --a---- 13 bytes [00:22 23/07/2013] [00:22 23/07/2013] C1DDEA3EF6BBEF3E7060A1A9AD89E4C5
Searching for "*Browserdefender*"
C:\FRST\Quarantine\BrowserDefendert --a---- 3436 bytes [19:40 20/07/2013] [19:40 20/07/2013] FD4C705E193ECE51ECD1ECB9F026684A
C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll --a---- 2521040 bytes [09:39 26/07/2013] [09:09 23/05/2013] 148412605E3D016FE2D9C243B227A8A1
C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe --a---- 2827728 bytes [09:39 26/07/2013] [09:09 23/05/2013] 013A330F16B1CECBDE5CB6F921689523
C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings --a---- 47132 bytes [09:39 26/07/2013] [17:25 26/07/2013] 2321D37FDD31E6A288D5123C84240135
C:\Users\All Users\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll --a---- 2521040 bytes [09:39 26/07/2013] [09:09 23/05/2013] 148412605E3D016FE2D9C243B227A8A1
C:\Users\All Users\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe --a---- 2827728 bytes [09:39 26/07/2013] [09:09 23/05/2013] 013A330F16B1CECBDE5CB6F921689523
C:\Users\All Users\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings --a---- 47132 bytes [09:39 26/07/2013] [17:25 26/07/2013] 2321D37FDD31E6A288D5123C84240135
C:\Users\Ulrike\AppData\Local\CrashDumps\BrowserDefender.exe.3452.dmp --a---- 416917 bytes [17:25 26/07/2013] [17:25 26/07/2013] 9472B2AA6BB80E2D4CB5E4C274D19860
C:\Users\Ulrike\AppData\Local\CrashDumps\BrowserDefender.exe.5704.dmp --a---- 418193 bytes [17:25 26/07/2013] [17:25 26/07/2013] 127AE3A8B3EC4B29D3AFCC5E7A5C2B59
C:\Users\Ulrike\AppData\Local\CrashDumps\BrowserDefender.exe.5852.dmp --a---- 416281 bytes [17:25 26/07/2013] [17:25 26/07/2013] EFE238E6E3B037F05A74E08CD7770FFD
C:\Users\Ulrike\AppData\Local\CrashDumps\BrowserDefender.exe.6168.dmp --a---- 417309 bytes [17:24 26/07/2013] [17:24 26/07/2013] 182F974D45C95C273C95B6193481675C
C:\Users\Ulrike\AppData\Local\CrashDumps\BrowserDefender.exe.6228.dmp --a---- 417733 bytes [17:25 26/07/2013] [17:25 26/07/2013] E869C73ED1494379E5B2CB661958808E
C:\Users\Ulrike\AppData\Local\CrashDumps\BrowserDefender.exe.6384.dmp --a---- 417817 bytes [17:25 26/07/2013] [17:25 26/07/2013] 5989D6342460B11FB7889494DD5EDE1A
C:\Users\Ulrike\AppData\Local\CrashDumps\BrowserDefender.exe.6560.dmp --a---- 417473 bytes [17:25 26/07/2013] [17:25 26/07/2013] DEAC91C4EF5B2923BA7F175E16BD1DD5
C:\Users\Ulrike\AppData\Local\CrashDumps\BrowserDefender.exe.6756.dmp --a---- 417533 bytes [17:25 26/07/2013] [17:25 26/07/2013] D21860299CB65CE73BBB4B27ADEDA91D
C:\Users\Ulrike\AppData\Local\CrashDumps\BrowserDefender.exe.6856.dmp --a---- 418093 bytes [17:24 26/07/2013] [17:24 26/07/2013] (Unable to calculate MD5)
C:\Users\Ulrike\AppData\Local\CrashDumps\BrowserDefender.exe.6948.dmp --a---- 417701 bytes [17:25 26/07/2013] [17:25 26/07/2013] 2B46C31E10A33BED8FC73AB183483026
C:\Users\Ulrike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender\Uninstall BrowserDefender.lnk --a---- 1350 bytes [09:39 26/07/2013] [09:39 26/07/2013] B84C7D6375E3C3A27A3E899BE3188100
C:\Windows\Prefetch\BROWSERDEFENDER.EXE-1131EC70.pf --a---- 29132 bytes [11:24 10/07/2013] [17:24 26/07/2013] 2D9E45872D85A34CCBA7736E18EB9041
Searching for "*SearchAnonymizer*"
No files found.
Searching for "*Babylon*"
No files found.
Searching for "*Delta*"
C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaApp.dll --a---- 331160 bytes [02:50 23/07/2013] [02:50 23/07/2013] EC72D4F4D4B4A5012BEE52991DE99E93
C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaEng.dll --a---- 610200 bytes [02:50 23/07/2013] [02:50 23/07/2013] C166B3B356D35D8D06BCBE75C25536B4
C:\Program Files (x86)\Delta\delta\1.8.22.0\deltasrv.exe --a---- 397208 bytes [02:50 23/07/2013] [02:50 23/07/2013] A581F2701DADE16E5D3AD324CDAAE1C1
C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaTlbr.dll --a---- 300952 bytes [02:50 23/07/2013] [02:50 23/07/2013] B65087F1483CF94C7F8C7E79FFA41E8D
C:\Program Files (x86)\Delta\delta\1.8.22.0\bh\delta.dll --a---- 311536 bytes [02:50 23/07/2013] [02:50 23/07/2013] C92BAA5EC9852A58399E0D1990533E98
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0\Delta128.png --a---- 10672 bytes [17:09 26/07/2013] [17:09 26/07/2013] 42CDB0D801608FD181699B6E94813FDE
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0\Delta48.png --a---- 2294 bytes [17:09 26/07/2013] [17:09 26/07/2013] AA45094F80CC06C3C6406FD101767026
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www1.delta-search.com_0.localstorage --a---- 3072 bytes [19:59 25/07/2013] [09:36 26/07/2013] 4A730C76EA876B73D61867B7D39010ED
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www1.delta-search.com_0.localstorage-journal --a---- 3608 bytes [19:59 25/07/2013] [09:36 26/07/2013] 0E30F75C8DC676A9F5A51AB6818C609A
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1HMEQOL6\www1_delta-search_com[1].htm --a---- 26083 bytes [09:39 26/07/2013] [09:39 26/07/2013] 63EE54CB5493BA3AEE346DDED3A7FD55
C:\Users\***AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DCT000KW\bab138.deltatb_dmn[1].zpb --a---- 254 bytes [09:38 26/07/2013] [09:38 26/07/2013] 951FC8A77BE82D63DAEED0E03BBE7DFB
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DCT000KW\delta-toolbar[1].jpg --a---- 7052 bytes [09:36 26/07/2013] [09:36 26/07/2013] F7FD7489BA39EABB144BE4471408D84B
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DCT000KW\DeltaTB[1].zpb --a---- 1680254 bytes [09:39 26/07/2013] [09:39 26/07/2013] 091D998BC0ED841A989DFCBBBF0EDDEA
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DCT000KW\sprite-delta[1].jpg --a---- 17377 bytes [09:36 26/07/2013] [09:36 26/07/2013] BA020B0B99550F1BC0B8795C8AF5CD40
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W6NGQHDZ\DeltaChromeTB_1001[1].zpb --a---- 156969 bytes [09:39 26/07/2013] [09:39 26/07/2013] 97375BF2ADB9529424A2C3A8D7C0B839
C:\Users\***\AppData\Roaming\BabSolution\CR\Delta.crx --a---- 16913 bytes [09:39 26/07/2013] [10:15 23/05/2013] 7732BEF52DEF6B441309A2B203CB62D0
C:\Users\***\AppData\Roaming\BabSolution\Shared\Delta.ico --a---- 5430 bytes [09:39 26/07/2013] [15:25 23/04/2013] 97EE720DD3678F23D02D166E522402AC
C:\Windows\System32\msdelta.dll --a---- 451584 bytes [23:22 13/07/2009] [01:41 14/07/2009] D9A5B279A8D2F8775FA254927F33DA6D
C:\Windows\System32\DriverStore\FileRepository\pnpxdms.inf_amd64_neutral_5e0a0f6f73fd1a8b\delta.cat --a---- 7109 bytes [07:52 26/07/2010] [07:52 26/07/2010] 5C4FF808B37E29B3E8D6B6ADC09331D0
C:\Windows\SysWOW64\msdelta.dll --a---- 305152 bytes [23:12 13/07/2009] [01:15 14/07/2009] 739E51268B4BB79AB4F9E55F0018D0BC
C:\Windows\winsxs\amd64_microsoft-windows-deltacompressionengine_31bf3856ad364e35_6.1.7600.16385_none_9c2159bf9f702069\msdelta.dll --a---- 451584 bytes [23:22 13/07/2009] [01:41 14/07/2009] D9A5B279A8D2F8775FA254927F33DA6D
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7600.16385_none_655452efe0fb810b\msdelta.dll --a---- 451584 bytes [02:55 14/07/2009] [02:55 14/07/2009] D9A5B279A8D2F8775FA254927F33DA6D
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17514_none_678566b7ddea04a5\msdelta.dll --a---- 451584 bytes [02:55 14/07/2009] [02:55 14/07/2009] D9A5B279A8D2F8775FA254927F33DA6D
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\msdelta.dll --a---- 451584 bytes [02:55 14/07/2009] [02:55 14/07/2009] D9A5B279A8D2F8775FA254927F33DA6D
C:\Windows\winsxs\FileMaps\$$_media_delta_0f36d7d9b4f7293c.cdf-ms --a---- 2436 bytes [02:59 14/07/2009] [05:32 14/07/2009] 0ED4291DC068EB860AC15A6E5360224C
C:\Windows\winsxs\Manifests\amd64_microsoft-windows-deltacompressionengine_31bf3856ad364e35_6.1.7600.16385_none_9c2159bf9f702069.manifest --a---- 2888 bytes [02:33 14/07/2009] [02:21 14/07/2009] 6B7D6AD4FA771B7D532B7AD67D396853
C:\Windows\winsxs\Manifests\amd64_microsoft-windows-deltapackageexpander_31bf3856ad364e35_6.1.7600.16385_none_c5d387d64eb8e1f2.manifest --a---- 2461 bytes [02:33 14/07/2009] [02:26 14/07/2009] B84326CF1509A48DF01F10CC45B97A3F
C:\Windows\winsxs\Manifests\amd64_microsoft-windows-deltapackageexpander_31bf3856ad364e35_6.1.7601.17514_none_c8049b9e4ba7658c.manifest ------- 2461 bytes [09:08 28/08/2011] [04:21 20/11/2010] 8A388670A7B189FE5CE192B81E6F7401
C:\Windows\winsxs\Manifests\amd64_microsoft-windows-s..l-soundthemes-delta_31bf3856ad364e35_6.1.7600.16385_none_fbf7e0678b64a4b8.manifest --a---- 27794 bytes [02:17 14/07/2009] [02:18 14/07/2009] 2D159244CBBD3875345AFDD9C34B444B
C:\Windows\winsxs\Manifests\x86_microsoft-windows-deltacompressionengine_31bf3856ad364e35_6.1.7600.16385_none_4002be3be712af33.manifest --a---- 2886 bytes [02:33 14/07/2009] [01:54 14/07/2009] 110D843CC1C2B3A02A46D4AD962C04B6
C:\Windows\winsxs\Manifests\x86_microsoft-windows-deltapackageexpander_31bf3856ad364e35_6.1.7600.16385_none_69b4ec52965b70bc.manifest --a---- 2459 bytes [02:33 14/07/2009] [01:57 14/07/2009] 6A0B78A725C86457BCED783D682C9BB5
C:\Windows\winsxs\Manifests\x86_microsoft-windows-deltapackageexpander_31bf3856ad364e35_6.1.7601.17514_none_6be6001a9349f456.manifest ------- 2459 bytes [09:08 28/08/2011] [03:10 20/11/2010] 771093D6028BE8C764993524B6392E70
C:\Windows\winsxs\x86_microsoft-windows-deltacompressionengine_31bf3856ad364e35_6.1.7600.16385_none_4002be3be712af33\msdelta.dll --a---- 305152 bytes [23:12 13/07/2009] [01:15 14/07/2009] 739E51268B4BB79AB4F9E55F0018D0BC
C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7600.16385_none_0935b76c289e0fd5\msdelta.dll --a---- 305152 bytes [02:43 14/07/2009] [02:43 14/07/2009] 739E51268B4BB79AB4F9E55F0018D0BC
C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17514_none_0b66cb34258c936f\msdelta.dll --a---- 305152 bytes [02:43 14/07/2009] [02:43 14/07/2009] 739E51268B4BB79AB4F9E55F0018D0BC
C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\msdelta.dll --a---- 305152 bytes [02:43 14/07/2009] [02:43 14/07/2009] 739E51268B4BB79AB4F9E55F0018D0BC
Searching for "*WebCake*"
No files found.
Searching for "*DivX*"
C:\FRST\Quarantine\DivX\Setup\DivXSetupUninstall.log --a---- 169151 bytes [00:52 23/07/2013] [00:55 23/07/2013] F6DBDD943117C103D555D74306565302
C:\Program Files (x86)\DivX\divxdotcom.ico --a---- 353118 bytes [21:36 20/09/2012] [21:36 20/09/2012] E56D31FAADB657D341FDE7F1ECFD9F8C
C:\Program Files (x86)\DivX\divxFolder.ico --a---- 355574 bytes [17:17 12/09/2012] [17:17 12/09/2012] D5D386313FD6B4A5F1CE2949055F2176
C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-HKLM-Run-DivXMediaServer.reg.dat --a---- 183 bytes [20:00 24/07/2013] [20:00 24/07/2013] 2C743485508659F48101DB48AC07B71C
C:\Users\***\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\R1Z5R3VG\www.divx[1].xml --a---- 13 bytes [00:23 23/07/2013] [00:23 23/07/2013] C1DDEA3EF6BBEF3E7060A1A9AD89E4C5
C:\Users\***\AppData\Roaming\Skype\temp-TJUpe2aau6X7aQ5EsZDIvxKM --a---- 1544 bytes [16:37 23/11/2011] [16:37 23/11/2011] 20AEAD27928FD5F16605EC2D10645075
C:\Users\***\Videos\DivX Movies\DivX.com.lnk --a---- 1222 bytes [00:22 23/07/2013] [00:22 23/07/2013] 1347126E61C6FF069BE6598CE7589022
Code:
ATTFilter ========== folderfind ==========
Searching for "*Feven*"
No folders found.
Searching for "*Plus-HD*"
No folders found.
Searching for "*Conduit*"
C:\Users\***\AppData\LocalLow\DivX_Browser_Bar_DE\Repository\conduit_CT3297265_CT3297265 d------ [00:43 23/07/2013]
Searching for "*Browserdefender*"
C:\ProgramData\BrowserDefender d------ [09:39 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_00716ae2 d----c- [17:16 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0153cd4c d----c- [17:10 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_02731a82 d----c- [17:09 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_02d2f881 d----c- [17:14 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_02dd5b0a d----c- [17:16 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_02dd8a83 d----c- [17:16 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_02fa3ce0 d----c- [17:13 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_035391a4 d----c- [17:10 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_03a25724 d----c- [17:17 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_03c686ac d----c- [17:18 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_03cbb1d1 d----c- [17:14 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_04133793 d----c- [17:18 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0613341a d----c- [17:14 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0613c206 d----c- [17:14 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0624b579 d----c- [17:16 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_064af8a0 d----c- [17:18 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_064b1841 d----c- [17:18 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_064bfc96 d----c- [17:19 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_06be1351 d----c- [17:08 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_06ca082a d----c- [17:26 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_06d2bbfe d----c- [17:18 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_06d66aa4 d----c- [17:22 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_06dbbd93 d----c- [17:10 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_06fc3774 d----c- [17:24 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0735a9d5 d----c- [17:17 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_073ccd8b d----c- [17:16 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_073d75da d----c- [17:08 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_07f466dd d----c- [17:15 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_07f74874 d----c- [17:10 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_082ecbe5 d----c- [17:09 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_08869655 d----c- [17:18 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0914866d d----c- [17:15 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0990a5c0 d----c- [17:15 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0a13ed2b d----c- [17:10 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0a4343a4 d----c- [17:14 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0b019a2c d----c- [17:16 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0b07cd8b d----c- [17:19 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0b6cd162 d----c- [17:20 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0b6f079e d----c- [17:09 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0b81b98e d----c- [17:17 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0b9a2f97 d----c- [17:08 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0bb64c0d d----c- [17:13 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0bb97e62 d----c- [17:21 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0c533a12 d----c- [17:10 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0cc02fe5 d----c- [17:11 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0cc100da d----c- [17:11 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0d641baa d----c- [17:15 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0d78c14b d----c- [17:16 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0d7a17f3 d----c- [17:17 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0d858507 d----c- [17:08 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0d8a1cc3 d----c- [17:13 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0dc4e10b d----c- [17:20 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0dc4f0e3 d----c- [17:20 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0dceb9bd d----c- [17:13 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0dd99dc4 d----c- [17:25 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0e046122 d----c- [17:11 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0e0c404a d----c- [17:11 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0e439e60 d----c- [17:10 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0e4f057c d----c- [17:22 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0ea25b97 d----c- [17:13 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0ea382b6 d----c- [17:14 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0ea8b2ca d----c- [17:20 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0ed074a2 d----c- [17:11 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0edd5a10 d----c- [17:07 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0ee0b3c4 d----c- [17:11 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0f48d21d d----c- [17:11 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0f4d6f55 d----c- [17:12 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0f589617 d----c- [17:15 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0f72d96d d----c- [17:18 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0f8362f6 d----c- [17:23 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0fa53b89 d----c- [17:16 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0fb4f121 d----c- [17:11 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_101464de d----c- [14:47 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_10268b7c d----c- [17:13 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_10378e4a d----c- [17:19 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_10680cbc d----c- [17:19 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_10682bb1 d----c- [17:19 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_10684b42 d----c- [17:19 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_109f6344 d----c- [17:14 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_10a03bb8 d----c- [17:19 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_10d0e4a3 d----c- [17:24 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_10d1ad8d d----c- [17:25 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1140dd24 d----c- [17:16 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_11a6bbdf d----c- [17:09 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_11a85724 d----c- [17:15 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_11bf15b1 d----c- [17:14 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_11bf72de d----c- [17:14 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_11e94b42 d----c- [17:16 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_11eb7252 d----c- [17:19 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_11eb9df3 d----c- [17:19 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_11f01cb3 d----c- [17:19 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_120f2422 d----c- [17:14 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_122edff2 d----c- [17:09 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_123be0fb d----c- [17:15 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_125dd94e d----c- [17:21 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_12695f3f d----c- [17:12 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_12884fd4 d----c- [17:11 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_129358d9 d----c- [17:10 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_129bdd34 d----c- [17:10 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_12a7bd74 d----c- [17:19 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_12ca99fd d----c- [17:22 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1320203c d----c- [17:11 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_13653fcd d----c- [17:12 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_136b0869 d----c- [17:18 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_136c27ab d----c- [17:24 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_13772847 d----c- [17:09 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_138733ad d----c- [17:23 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_13d8c512 d----c- [17:11 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_13eb537c d----c- [17:14 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_13ed006d d----c- [17:20 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_13ed1055 d----c- [17:20 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_13edf8b0 d----c- [17:21 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_13f0a5a1 d----c- [17:24 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_13fb04e0 d----c- [17:14 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_140a9d19 d----c- [17:09 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_141c11fa d----c- [17:10 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_141eabe7 d----c- [17:09 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_14358f53 d----c- [17:12 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1449d9ca d----c- [17:12 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_147037b2 d----c- [17:15 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_14800241 d----c- [17:10 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_149f2838 d----c- [17:18 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_149f7e72 d----c- [17:19 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_149fadac d----c- [17:19 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_14ad3014 d----c- [17:12 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_14b61f71 d----c- [17:08 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_14c1931a d----c- [17:08 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_14fa9a99 d----c- [17:13 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_15014f86 d----c- [17:12 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1522f4d9 d----c- [17:09 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1525209a d----c- [17:12 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_153495aa d----c- [17:20 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_154fadfa d----c- [17:10 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_15517af9 d----c- [17:16 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_155e6e7b d----c- [17:09 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1564a228 d----c- [17:20 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_156510e1 d----c- [17:12 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_15667b18 d----c- [17:13 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1595030c d----c- [17:16 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1598c16a d----c- [17:20 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_159a76c4 d----c- [17:17 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_159fa1f9 d----c- [17:14 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_15aab3aa d----c- [14:54 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_15c9fdfd d----c- [17:13 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_15f1d92e d----c- [17:17 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_15f266ec d----c- [17:17 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_15f9d374 d----c- [17:08 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_15fd9f2b d----c- [17:12 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_15fe7c02 d----c- [17:09 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1601b3c9 d----c- [14:49 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1612a6f8 d----c- [17:18 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1614e252 d----c- [17:11 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1618ee25 d----c- [17:16 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_16262c1e d----c- [17:13 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1641f8a0 d----c- [17:17 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1642c995 d----c- [17:18 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_16439240 d----c- [17:14 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1653dce6 d----c- [17:19 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1675e4d2 d----c- [17:08 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_16857f0e d----c- [17:12 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1686aa04 d----c- [17:13 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1688476b d----c- [17:15 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1699edb8 d----c- [17:12 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_169c76a5 d----c- [17:15 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_16a4c65a d----c- [17:24 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_16be082a d----c- [17:17 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_16dae8d8 d----c- [17:18 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_16e0081b d----c- [17:24 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_17045afb d----c- [17:20 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1715f372 d----c- [17:08 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_173027ea d----c- [17:15 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1741e8c8 d----c- [17:17 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1743ecbe d----c- [17:19 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_174e6d62 d----c- [17:13 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_17560db6 d----c- [17:13 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1797d1ee d----c- [17:15 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_179ab5c7 d----c- [17:18 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_179dc9d3 d----c- [17:17 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_17de8cc4 d----c- [17:09 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_17e20369 d----c- [17:08 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_181bcb8d d----c- [14:55 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_182c473c d----c- [17:24 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1875208a d----c- [17:20 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_18a0b55a d----c- [17:24 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_18b38258 d----c- [17:23 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_18ea3a22 d----c- [17:22 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_18ef140c d----c- [17:22 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_18fde8a9 d----c- [17:26 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1901ba1a d----c- [17:21 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_191c7667 d----c- [17:24 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_19281812 d----c- [17:24 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_19454f19 d----c- [17:25 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_19497e43 d----c- [17:25 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1956083a d----c- [17:21 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_19752fb7 d----c- [17:20 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_19a617f3 d----c- [17:21 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_19b85791 d----c- [17:24 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_19ce7be3 d----c- [17:22 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_19dffc0a d----c- [17:23 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_19ef7290 d----c- [17:23 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_19fd3f50 d----c- [17:20 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_19fe27ea d----c- [17:21 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1a024430 d----c- [17:26 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1a312f78 d----c- [17:25 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1a31cd8b d----c- [17:25 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1a328a35 d----c- [17:22 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1a3cd4eb d----c- [17:24 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1a593f22 d----c- [17:25 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1a654f28 d----c- [17:21 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1a8066ae d----c- [17:24 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1aa18dfc d----c- [17:25 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1aaba1ba d----c- [17:23 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1ad1bd36 d----c- [17:25 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1af5ca02 d----c- [17:21 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1b015f9c d----c- [17:21 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1b2723c5 d----c- [17:23 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1b279202 d----c- [17:23 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1b2ed8a2 d----c- [17:22 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1b37530f d----c- [17:23 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1b9c863f d----c- [17:24 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1ba25cb0 d----c- [17:22 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1bb24c6a d----c- [17:22 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1bbd6eaa d----c- [17:21 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1bbde8d8 d----c- [17:21 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1bc5f881 d----c- [17:26 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1bd2f49b d----c- [17:22 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1bdb4337 d----c- [17:23 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1be3c11d d----c- [17:23 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1be895e8 d----c- [17:24 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1bf15ec2 d----c- [17:25 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1bf7b173 d----c- [17:23 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1bf92348 d----c- [17:25 26/07/2013]
Code:
ATTFilter C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1bfae4d2 d----c- [17:22 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1bfd6ed8 d----c- [17:25 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_3465fa98 d----c- [14:53 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_34664973 d----c- [14:54 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_346acf83 d----c- [14:59 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_34f39081 d----c- [15:08 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_35ae1a48 d----c- [14:54 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_382ba41f d----c- [14:51 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_382f122d d----c- [14:55 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_3cb2a400 d----c- [14:54 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_3ea5744a d----c- [15:02 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_44923dbf d----c- [14:49 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_4af23e7b d----c- [14:58 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_4af76923 d----c- [15:04 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_505370c1 d----c- [14:55 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_5055128b d----c- [14:48 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_505725cc d----c- [14:50 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_50b22a8d d----c- [14:54 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_50b64d97 d----c- [14:49 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_50b7d472 d----c- [14:51 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_51bab82c d----c- [15:03 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_51bade71 d----c- [15:03 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_5240cf44 d----c- [14:52 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_524435e3 d----c- [14:47 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_5247c3a1 d----c- [14:51 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_5318e2e3 d----c- [14:48 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_532ce6e9 d----c- [15:01 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_53dc5130 d----c- [15:05 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_53dccb3f d----c- [15:05 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_55387504 d----c- [14:47 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_55563b4f d----c- [14:54 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_5613652d d----c- [14:51 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_574ca400 d----c- [14:48 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_57d52df7 d----c- [14:53 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_57d5ac0b d----c- [14:53 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_57d5db17 d----c- [14:53 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_57d60a41 d----c- [14:53 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_57f08099 d----c- [15:01 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_58da594b d----c- [14:54 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_58df31be d----c- [14:55 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_597f5535 d----c- [14:51 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_5b2e2e54 d----c- [14:49 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_5b7dc381 d----c- [14:49 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_5c06e2e4 d----c- [14:54 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_5ded31ed d----c- [14:48 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_5ed9515e d----c- [14:48 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_5f21514f d----c- [14:57 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_5f23b3aa d----c- [15:00 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_5f2c70a1 d----c- [14:52 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_604c4500 d----c- [14:52 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_604d7d5e d----c- [14:53 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6271bba5 d----c- [14:53 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6271eadf d----c- [14:53 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6277789d d----c- [15:04 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_635d8c5b d----c- [14:53 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6388122d d----c- [15:04 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_63aa7cc2 d----c- [14:50 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_63af4196 d----c- [14:55 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_64172a30 d----c- [15:03 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_641c088c d----c- [14:51 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_645d1e00 d----c- [14:52 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_64b990de d----c- [14:57 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_667a97c1 d----c- [14:54 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_67a702a3 d----c- [14:55 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_67a72205 d----c- [14:55 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_67ac71da d----c- [15:00 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_67e0514f d----c- [14:52 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_688d4196 d----c- [14:48 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_69681652 d----c- [14:47 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_69b0848f d----c- [14:47 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6a0d70ef d----c- [14:48 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6a331a29 d----c- [15:03 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6a9ad35a d----c- [14:54 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6bcc31af d----c- [15:05 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6c7a5d21 d----c- [14:49 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6cc75535 d----c- [14:59 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6cd97044 d----c- [14:53 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6cdda49c d----c- [14:49 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6d24a00a d----c- [14:52 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6dbcdf1c d----c- [14:52 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6e02ac1b d----c- [14:50 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6e09121e d----c- [14:57 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6e319bf5 d----c- [14:53 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6e32f2fa d----c- [14:54 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6e418089 d----c- [14:57 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6e4abb95 d----c- [14:50 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6e4f8079 d----c- [14:55 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6e4fdb55 d----c- [14:55 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6e4ffbd0 d----c- [14:56 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6ee6c3b0 d----c- [14:54 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6eed9512 d----c- [14:49 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6fb8dc01 d----c- [15:05 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6fbadaf8 d----c- [15:07 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6fd24d49 d----c- [14:58 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6fd40294 d----c- [15:00 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_700ebf7c d----c- [14:59 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7045afd3 d----c- [15:02 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_704adb46 d----c- [14:50 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_706902b3 d----c- [14:48 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_706be312 d----c- [14:51 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_708b5111 d----c- [14:55 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_70b89428 d----c- [14:48 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_70c12215 d----c- [14:48 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_70c8f329 d----c- [14:48 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_70e9cb4e d----c- [14:53 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_70f5fe5f d----c- [14:49 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7112fae6 d----c- [15:03 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_712960e9 d----c- [14:57 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_71550e56 d----c- [14:52 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_718960f8 d----c- [14:48 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_71905554 d----c- [14:47 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7190fe6f d----c- [14:52 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_71ac60f8 d----c- [14:52 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_71cbeadf d----c- [14:56 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_71d29c24 d----c- [14:50 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_71d8afd3 d----c- [14:52 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_71d8eed5 d----c- [14:52 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_71dbbb57 d----c- [14:55 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_71de6ccb d----c- [14:50 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_71dfb3a9 d----c- [14:51 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_71e735e3 d----c- [14:50 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_71f7457c d----c- [14:50 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_71faeafe d----c- [14:50 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_720cbf6c d----c- [14:52 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_721c8089 d----c- [14:52 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7244260b d----c- [14:47 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_724760e9 d----c- [14:55 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_725f9447 d----c- [14:51 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_727b74f5 d----c- [14:51 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_72ee1e6d d----c- [14:49 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_730d80a8 d----c- [14:49 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_73228c6b d----c- [14:50 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_732445ab d----c- [14:47 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_73360fdc d----c- [14:49 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7351067a d----c- [15:01 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7351fe6f d----c- [15:02 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_736f84bd d----c- [14:51 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7386cbac d----c- [14:50 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_73dfa3b2 d----c- [15:00 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_73e49042 d----c- [14:52 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_73e8c778 d----c- [15:01 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_740c1a19 d----c- [14:56 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7419df1d d----c- [15:02 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_742497d0 d----c- [14:56 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7437453e d----c- [14:59 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_74439409 d----c- [15:00 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_744eafe2 d----c- [14:59 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_74621e0f d----c- [14:58 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7483e42b d----c- [15:04 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_74880afc d----c- [14:56 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_748921d7 d----c- [14:57 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_748f2936 d----c- [14:59 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_748f8441 d----c- [14:59 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_74908846 d----c- [14:56 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7491a097 d----c- [15:02 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_74933595 d----c- [14:59 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7497c372 d----c- [15:00 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_74a3e312 d----c- [15:00 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_74a91633 d----c- [15:01 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_74bbb37b d----c- [15:04 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_74c3594b d----c- [15:04 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_74da3ddf d----c- [15:02 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_74dfc391 d----c- [15:04 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7510399b d----c- [14:56 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7516a2d8 d----c- [14:59 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_752bf2db d----c- [15:00 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_753ff2bc d----c- [15:04 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_75453595 d----c- [15:01 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_75470aaf d----c- [15:03 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_75514187 d----c- [14:57 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7552ee97 d----c- [14:59 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_755ce64d d----c- [14:57 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_755e1e0f d----c- [15:02 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7564125c d----c- [15:00 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_756ca7c8 d----c- [14:56 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7572dede d----c- [14:59 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_757ca93e d----c- [15:01 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_758b64ee d----c- [14:59 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_758c29e2 d----c- [14:56 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_758e9042 d----c- [14:58 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_759c2234 d----c- [15:05 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_759e4d69 d----c- [15:03 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_75b925bd d----c- [15:01 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_75bda00a d----c- [14:57 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_75d68089 d----c- [14:58 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_75e62df7 d----c- [14:58 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_75e84168 d----c- [15:05 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_75ed31be d----c- [14:57 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_75f4b82c d----c- [15:01 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_75f660aa d----c- [14:58 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_76022dd8 d----c- [15:02 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_76034992 d----c- [15:04 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_760f7498 d----c- [14:59 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_762058dd d----c- [14:56 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7628f2fa d----c- [14:57 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7631cf35 d----c- [15:02 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7639bf5d d----c- [14:58 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_763c97e0 d----c- [15:01 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_76486108 d----c- [15:05 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7668f6b2 d----c- [15:01 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7682cd90 d----c- [15:03 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_76984992 d----c- [14:56 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_769aeaef d----c- [15:03 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_76a60e57 d----c- [15:02 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_76b1afb4 d----c- [14:57 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_76e40275 d----c- [15:04 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_76e7d34a d----c- [15:00 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_76ecd730 d----c- [15:01 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_76ee5d22 d----c- [15:03 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7701bf8c d----c- [15:02 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_770d9032 d----c- [15:02 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_771070c1 d----c- [15:05 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_771080f6 d----c- [15:05 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_77109032 d----c- [15:05 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_772c50e2 d----c- [15:00 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7730788d d----c- [14:56 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7739715d d----c- [14:57 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7769eee5 d----c- [15:02 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_776e70c1 d----c- [14:58 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7776a844 d----c- [15:03 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_777d807a d----c- [15:02 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_779d0265 d----c- [14:57 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_77a068c5 d----c- [14:56 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_77b7d34a d----c- [15:04 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_77d06127 d----c- [15:00 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_77ee0e76 d----c- [14:58 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_77f9cf16 d----c- [14:58 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_77fe97ff d----c- [15:03 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_77ff39f8 d----c- [15:04 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7808fad7 d----c- [15:05 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_78098837 d----c- [15:06 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_784b6146 d----c- [15:08 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_78850a61 d----c- [15:05 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_78baab9f d----c- [15:07 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_78d32206 d----c- [15:08 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_78da9bf5 d----c- [15:07 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_78e1984d d----c- [15:06 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_78fd1a0a d----c- [15:06 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_792a7c55 d----c- [15:07 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_793568f4 d----c- [15:06 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_793b1597 d----c- [15:08 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_798a0e47 d----c- [15:07 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_798ceadf d----c- [15:05 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7993a01a d----c- [15:08 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_79b9786e d----c- [15:06 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_79ba1e3e d----c- [15:07 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_79f62db9 d----c- [15:07 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_79fa8c2d d----c- [15:07 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7a2df23f d----c- [15:06 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7a4a5cf3 d----c- [15:07 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7a4acb3f d----c- [15:07 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7a526d28 d----c- [15:07 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7a654934 d----c- [15:06 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7aa331af d----c- [15:08 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7ab75120 d----c- [15:08 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7ad5591c d----c- [15:06 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7ae9fe6f d----c- [15:07 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7b0a3d62 d----c- [15:07 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7b2770f0 d----c- [15:08 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7b6b8089 d----c- [15:08 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7b6da7f7 d----c- [15:06 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7b752a01 d----c- [15:06 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7bb1b771 d----c- [15:06 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7bbb43a9 d----c- [15:08 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7bc2bbe4 d----c- [15:07 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7bca4d1b d----c- [15:07 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7bed39aa d----c- [15:06 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_c90184e0 d----c- [14:47 15/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1565c476 d----c- [17:08 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_39484423 d----c- [12:23 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_403fb424 d----c- [12:40 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_49f4ab3f d----c- [12:58 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_53b52f7b d----c- [13:25 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_5c85193e d----c- [13:56 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_5ff720bc d----c- [13:49 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_61fe236b d----c- [14:01 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6fcb7488 d----c- [14:38 26/07/2013]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_cab_11e39868 d----c- [10:37 26/07/2013]
|
|
26.07.2013, 22:42
| #12 |
| | TR/Ransom.Blocker mein OTL-Log Teil 4 Code:
ATTFilter C:\Users\All Users\BrowserDefender d------ [09:39 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_00716ae2 d----c- [17:16 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0153cd4c d----c- [17:10 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_02731a82 d----c- [17:09 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_02d2f881 d----c- [17:14 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_02dd5b0a d----c- [17:16 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_02dd8a83 d----c- [17:16 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_02fa3ce0 d----c- [17:13 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_035391a4 d----c- [17:10 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_03a25724 d----c- [17:17 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_03c686ac d----c- [17:18 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_03cbb1d1 d----c- [17:14 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_04133793 d----c- [17:18 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0613341a d----c- [17:14 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0613c206 d----c- [17:14 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0624b579 d----c- [17:16 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_064af8a0 d----c- [17:18 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_064b1841 d----c- [17:18 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_064bfc96 d----c- [17:19 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_06be1351 d----c- [17:08 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_06ca082a d----c- [17:26 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_06d2bbfe d----c- [17:18 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_06d66aa4 d----c- [17:22 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_06dbbd93 d----c- [17:10 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_06fc3774 d----c- [17:24 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0735a9d5 d----c- [17:17 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_073ccd8b d----c- [17:16 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_073d75da d----c- [17:08 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_07f466dd d----c- [17:15 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_07f74874 d----c- [17:10 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_082ecbe5 d----c- [17:09 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_08869655 d----c- [17:18 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0914866d d----c- [17:15 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0990a5c0 d----c- [17:15 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0a13ed2b d----c- [17:10 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0a4343a4 d----c- [17:14 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0b019a2c d----c- [17:16 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0b07cd8b d----c- [17:19 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0b6cd162 d----c- [17:20 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0b6f079e d----c- [17:09 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0b81b98e d----c- [17:17 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0b9a2f97 d----c- [17:08 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0bb64c0d d----c- [17:13 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0bb97e62 d----c- [17:21 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0c533a12 d----c- [17:10 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0cc02fe5 d----c- [17:11 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0cc100da d----c- [17:11 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0d641baa d----c- [17:15 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0d78c14b d----c- [17:16 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0d7a17f3 d----c- [17:17 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0d858507 d----c- [17:08 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0d8a1cc3 d----c- [17:13 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0dc4e10b d----c- [17:20 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0dc4f0e3 d----c- [17:20 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0dceb9bd d----c- [17:13 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0dd99dc4 d----c- [17:25 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0e046122 d----c- [17:11 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0e0c404a d----c- [17:11 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0e439e60 d----c- [17:10 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0e4f057c d----c- [17:22 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0ea25b97 d----c- [17:13 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0ea382b6 d----c- [17:14 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0ea8b2ca d----c- [17:20 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0ed074a2 d----c- [17:11 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0edd5a10 d----c- [17:07 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0ee0b3c4 d----c- [17:11 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0f48d21d d----c- [17:11 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0f4d6f55 d----c- [17:12 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0f589617 d----c- [17:15 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0f72d96d d----c- [17:18 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0f8362f6 d----c- [17:23 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0fa53b89 d----c- [17:16 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_0fb4f121 d----c- [17:11 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_101464de d----c- [14:47 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_10268b7c d----c- [17:13 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_10378e4a d----c- [17:19 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_10680cbc d----c- [17:19 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_10682bb1 d----c- [17:19 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_10684b42 d----c- [17:19 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_109f6344 d----c- [17:14 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_10a03bb8 d----c- [17:19 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_10d0e4a3 d----c- [17:24 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_10d1ad8d d----c- [17:25 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1140dd24 d----c- [17:16 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_11a6bbdf d----c- [17:09 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_11a85724 d----c- [17:15 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_11bf15b1 d----c- [17:14 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_11bf72de d----c- [17:14 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_11e94b42 d----c- [17:16 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_11eb7252 d----c- [17:19 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_11eb9df3 d----c- [17:19 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_11f01cb3 d----c- [17:19 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_120f2422 d----c- [17:14 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_122edff2 d----c- [17:09 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_123be0fb d----c- [17:15 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_125dd94e d----c- [17:21 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_12695f3f d----c- [17:12 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_12884fd4 d----c- [17:11 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_129358d9 d----c- [17:10 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_129bdd34 d----c- [17:10 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_12a7bd74 d----c- [17:19 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_12ca99fd d----c- [17:22 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1320203c d----c- [17:11 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_13653fcd d----c- [17:12 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_136b0869 d----c- [17:18 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_136c27ab d----c- [17:24 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_13772847 d----c- [17:09 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_138733ad d----c- [17:23 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_13d8c512 d----c- [17:11 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_13eb537c d----c- [17:14 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_13ed006d d----c- [17:20 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_13ed1055 d----c- [17:20 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_13edf8b0 d----c- [17:21 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_13f0a5a1 d----c- [17:24 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_13fb04e0 d----c- [17:14 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_140a9d19 d----c- [17:09 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_141c11fa d----c- [17:10 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_141eabe7 d----c- [17:09 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_14358f53 d----c- [17:12 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1449d9ca d----c- [17:12 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1456534d d----c- [17:26 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_147037b2 d----c- [17:15 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_14800241 d----c- [17:10 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_149f2838 d----c- [17:18 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_149f7e72 d----c- [17:19 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_149fadac d----c- [17:19 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_14ad3014 d----c- [17:12 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_14b61f71 d----c- [17:08 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_14c1931a d----c- [17:08 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_14fa9a99 d----c- [17:13 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_15014f86 d----c- [17:12 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1522f4d9 d----c- [17:09 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1525209a d----c- [17:12 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_153495aa d----c- [17:20 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_154fadfa d----c- [17:10 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_15517af9 d----c- [17:16 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_155e6e7b d----c- [17:09 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1564a228 d----c- [17:20 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_156510e1 d----c- [17:12 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_15667b18 d----c- [17:13 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1595030c d----c- [17:16 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1598c16a d----c- [17:20 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_159a76c4 d----c- [17:17 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_159fa1f9 d----c- [17:14 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_15aab3aa d----c- [14:54 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_15c9fdfd d----c- [17:13 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_15f1d92e d----c- [17:17 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_15f266ec d----c- [17:17 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_15f9d374 d----c- [17:08 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_15fd9f2b d----c- [17:12 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_15fe7c02 d----c- [17:09 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1601b3c9 d----c- [14:49 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1612a6f8 d----c- [17:18 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1614e252 d----c- [17:11 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1618ee25 d----c- [17:16 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_16262c1e d----c- [17:13 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1641f8a0 d----c- [17:17 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1642c995 d----c- [17:18 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_16439240 d----c- [17:14 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1653dce6 d----c- [17:19 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1675e4d2 d----c- [17:08 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_16857f0e d----c- [17:12 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1686aa04 d----c- [17:13 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1688476b d----c- [17:15 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1699edb8 d----c- [17:12 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_169c76a5 d----c- [17:15 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_16a4c65a d----c- [17:24 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_16be082a d----c- [17:17 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_16dae8d8 d----c- [17:18 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_16e0081b d----c- [17:24 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_17045afb d----c- [17:20 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1715f372 d----c- [17:08 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_173027ea d----c- [17:15 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1741e8c8 d----c- [17:17 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1743ecbe d----c- [17:19 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_174e6d62 d----c- [17:13 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_17560db6 d----c- [17:13 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1797d1ee d----c- [17:15 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_179ab5c7 d----c- [17:18 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_179dc9d3 d----c- [17:17 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_17de8cc4 d----c- [17:09 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_17e20369 d----c- [17:08 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_181bcb8d d----c- [14:55 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_182c473c d----c- [17:24 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1875208a d----c- [17:20 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_18a0b55a d----c- [17:24 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_18b38258 d----c- [17:23 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_18ea3a22 d----c- [17:22 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_18ef140c d----c- [17:22 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_18fde8a9 d----c- [17:26 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1901ba1a d----c- [17:21 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_191c7667 d----c- [17:24 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_19281812 d----c- [17:24 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_19454f19 d----c- [17:25 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_19497e43 d----c- [17:25 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1956083a d----c- [17:21 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_19752fb7 d----c- [17:20 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_19a617f3 d----c- [17:21 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_19b85791 d----c- [17:24 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_19ce7be3 d----c- [17:22 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_19dffc0a d----c- [17:23 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_19ef7290 d----c- [17:23 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_19fd3f50 d----c- [17:20 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_19fe27ea d----c- [17:21 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1a024430 d----c- [17:26 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1a312f78 d----c- [17:25 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1a31cd8b d----c- [17:25 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1a328a35 d----c- [17:22 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1a3cd4eb d----c- [17:24 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1a593f22 d----c- [17:25 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1a654f28 d----c- [17:21 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1a8066ae d----c- [17:24 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1aa18dfc d----c- [17:25 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1aaba1ba d----c- [17:23 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1ad1bd36 d----c- [17:25 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1af5ca02 d----c- [17:21 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1b015f9c d----c- [17:21 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1b2723c5 d----c- [17:23 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1b279202 d----c- [17:23 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1b2ed8a2 d----c- [17:22 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1b37530f d----c- [17:23 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1b9c863f d----c- [17:24 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1ba25cb0 d----c- [17:22 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1bb24c6a d----c- [17:22 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1bbd6eaa d----c- [17:21 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1bbde8d8 d----c- [17:21 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1bc5f881 d----c- [17:26 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1bd2f49b d----c- [17:22 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1bdb4337 d----c- [17:23 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1be3c11d d----c- [17:23 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1be895e8 d----c- [17:24 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1bf15ec2 d----c- [17:25 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1bf7b173 d----c- [17:23 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1bf92348 d----c- [17:25 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1bfae4d2 d----c- [17:22 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1bfd6ed8 d----c- [17:25 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_3465fa98 d----c- [14:53 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_34664973 d----c- [14:54 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_346acf83 d----c- [14:59 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_34f39081 d----c- [15:08 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_35ae1a48 d----c- [14:54 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_382ba41f d----c- [14:51 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_382f122d d----c- [14:55 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_3cb2a400 d----c- [14:54 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_3ea5744a d----c- [15:02 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_44923dbf d----c- [14:49 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_4af23e7b d----c- [14:58 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_4af76923 d----c- [15:04 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_505370c1 d----c- [14:55 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_5055128b d----c- [14:48 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_505725cc d----c- [14:50 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_50b22a8d d----c- [14:54 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_50b64d97 d----c- [14:49 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_50b7d472 d----c- [14:51 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_51bab82c d----c- [15:03 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_51bade71 d----c- [15:03 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_5240cf44 d----c- [14:52 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_524435e3 d----c- [14:47 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_5247c3a1 d----c- [14:51 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_5318e2e3 d----c- [14:48 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_532ce6e9 d----c- [15:01 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_53dc5130 d----c- [15:05 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_53dccb3f d----c- [15:05 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_55387504 d----c- [14:47 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_55563b4f d----c- [14:54 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_5613652d d----c- [14:51 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_574ca400 d----c- [14:48 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_57d52df7 d----c- [14:53 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_57d5ac0b d----c- [14:53 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_57d5db17 d----c- [14:53 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_57d60a41 d----c- [14:53 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_57f08099 d----c- [15:01 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_58da594b d----c- [14:54 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_58df31be d----c- [14:55 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_597f5535 d----c- [14:51 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_5b2e2e54 d----c- [14:49 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_5b7dc381 d----c- [14:49 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_5c06e2e4 d----c- [14:54 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_5ded31ed d----c- [14:48 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_5ed9515e d----c- [14:48 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_5f21514f d----c- [14:57 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_5f23b3aa d----c- [15:00 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_5f2c70a1 d----c- [14:52 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_604c4500 d----c- [14:52 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_604d7d5e d----c- [14:53 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6271bba5 d----c- [14:53 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6271eadf d----c- [14:53 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6277789d d----c- [15:04 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_635d8c5b d----c- [14:53 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6388122d d----c- [15:04 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_63aa7cc2 d----c- [14:50 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_63af4196 d----c- [14:55 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_64172a30 d----c- [15:03 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_641c088c d----c- [14:51 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_645d1e00 d----c- [14:52 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_64b990de d----c- [14:57 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_667a97c1 d----c- [14:54 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_67a702a3 d----c- [14:55 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_67a72205 d----c- [14:55 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_67ac71da d----c- [15:00 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_67e0514f d----c- [14:52 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_688d4196 d----c- [14:48 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_69b0848f d----c- [14:47 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6a0d70ef d----c- [14:48 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6a331a29 d----c- [15:03 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6a9ad35a d----c- [14:54 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6bcc31af d----c- [15:05 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6c7a5d21 d----c- [14:49 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6cc75535 d----c- [14:59 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6cd97044 d----c- [14:53 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6cdda49c d----c- [14:49 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6d24a00a d----c- [14:52 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6dbcdf1c d----c- [14:52 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6e02ac1b d----c- [14:50 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6e09121e d----c- [14:57 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6e319bf5 d----c- [14:53 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6e32f2fa d----c- [14:54 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6e418089 d----c- [14:57 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6e4abb95 d----c- [14:50 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6e4f8079 d----c- [14:55 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6e4fdb55 d----c- [14:55 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6e4ffbd0 d----c- [14:56 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6ee6c3b0 d----c- [14:54 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6eed9512 d----c- [14:49 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6fb8dc01 d----c- [15:05 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6fbadaf8 d----c- [15:07 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6fd24d49 d----c- [14:58 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6fd40294 d----c- [15:00 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_700ebf7c d----c- [14:59 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7045afd3 d----c- [15:02 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_704adb46 d----c- [14:50 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_706902b3 d----c- [14:48 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_706be312 d----c- [14:51 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_708b5111 d----c- [14:55 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_70b89428 d----c- [14:48 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_70c12215 d----c- [14:48 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_70c8f329 d----c- [14:48 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_70e9cb4e d----c- [14:53 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_70f5fe5f d----c- [14:49 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7112fae6 d----c- [15:03 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_712960e9 d----c- [14:57 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_71550e56 d----c- [14:52 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_718960f8 d----c- [14:48 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_71905554 d----c- [14:47 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7190fe6f d----c- [14:52 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_71ac60f8 d----c- [14:52 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_71cbeadf d----c- [14:56 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_71d29c24 d----c- [14:50 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_71d8afd3 d----c- [14:52 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_71d8eed5 d----c- [14:52 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_71dbbb57 d----c- [14:55 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_71de6ccb d----c- [14:50 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_71dfb3a9 d----c- [14:51 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_71e735e3 d----c- [14:50 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_71f7457c d----c- [14:50 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_71faeafe d----c- [14:50 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_720cbf6c d----c- [14:52 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_721c8089 d----c- [14:52 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7244260b d----c- [14:47 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_724760e9 d----c- [14:55 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_725f9447 d----c- [14:51 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_727b74f5 d----c- [14:51 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_72ee1e6d d----c- [14:49 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_730d80a8 d----c- [14:49 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_73228c6b d----c- [14:50 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_732445ab d----c- [14:47 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_73360fdc d----c- [14:49 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7351067a d----c- [15:01 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7351fe6f d----c- [15:02 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_736f84bd d----c- [14:51 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7386cbac d----c- [14:50 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_73dfa3b2 d----c- [15:00 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_73e49042 d----c- [14:52 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_73e8c778 d----c- [15:01 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_740c1a19 d----c- [14:56 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7419df1d d----c- [15:02 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_742497d0 d----c- [14:56 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7437453e d----c- [14:59 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_74439409 d----c- [15:00 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_744eafe2 d----c- [14:59 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_74621e0f d----c- [14:58 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7483e42b d----c- [15:04 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_74880afc d----c- [14:56 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_748921d7 d----c- [14:57 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_748f2936 d----c- [14:59 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_748f8441 d----c- [14:59 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_74908846 d----c- [14:56 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7491a097 d----c- [15:02 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_74933595 d----c- [14:59 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7497c372 d----c- [15:00 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_74a3e312 d----c- [15:00 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_74a91633 d----c- [15:01 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_74bbb37b d----c- [15:04 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_74c3594b d----c- [15:04 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_74da3ddf d----c- [15:02 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_74dfc391 d----c- [15:04 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7510399b d----c- [14:56 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7516a2d8 d----c- [14:59 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_752bf2db d----c- [15:00 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_753ff2bc d----c- [15:04 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_75453595 d----c- [15:01 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_75470aaf d----c- [15:03 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_75514187 d----c- [14:57 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7552ee97 d----c- [14:59 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_755ce64d d----c- [14:57 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_755e1e0f d----c- [15:02 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7564125c d----c- [15:00 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_756ca7c8 d----c- [14:56 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7572dede d----c- [14:59 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_757ca93e d----c- [15:01 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_758b64ee d----c- [14:59 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_758c29e2 d----c- [14:56 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_758e9042 d----c- [14:58 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_759c2234 d----c- [15:05 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_759e4d69 d----c- [15:03 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_75b925bd d----c- [15:01 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_75bda00a d----c- [14:57 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_75d68089 d----c- [14:58 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_75e62df7 d----c- [14:58 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_75e84168 d----c- [15:05 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_75ed31be d----c- [14:57 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_75f4b82c d----c- [15:01 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_75f660aa d----c- [14:58 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_76022dd8 d----c- [15:02 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_76034992 d----c- [15:04 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_760f7498 d----c- [14:59 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_762058dd d----c- [14:56 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7628f2fa d----c- [14:57 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7631cf35 d----c- [15:02 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7639bf5d d----c- [14:58 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_763c97e0 d----c- [15:01 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_76486108 d----c- [15:05 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7668f6b2 d----c- [15:01 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7682cd90 d----c- [15:03 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_76984992 d----c- [14:56 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_769aeaef d----c- [15:03 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_76a60e57 d----c- [15:02 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_76b1afb4 d----c- [14:57 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_76e40275 d----c- [15:04 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_76e7d34a d----c- [15:00 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_76ecd730 d----c- [15:01 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_76ee5d22 d----c- [15:03 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7701bf8c d----c- [15:02 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_770d9032 d----c- [15:02 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_771070c1 d----c- [15:05 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_771080f6 d----c- [15:05 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_77109032 d----c- [15:05 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_772c50e2 d----c- [15:00 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7730788d d----c- [14:56 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7739715d d----c- [14:57 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7769eee5 d----c- [15:02 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_776e70c1 d----c- [14:58 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7776a844 d----c- [15:03 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_777d807a d----c- [15:02 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_779d0265 d----c- [14:57 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_77a068c5 d----c- [14:56 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_77b7d34a d----c- [15:04 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_77d06127 d----c- [15:00 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_77ee0e76 d----c- [14:58 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_77f9cf16 d----c- [14:58 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_77fe97ff d----c- [15:03 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_77ff39f8 d----c- [15:04 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7808fad7 d----c- [15:05 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_78098837 d----c- [15:06 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_784b6146 d----c- [15:08 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_78850a61 d----c- [15:05 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_78baab9f d----c- [15:07 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_78d32206 d----c- [15:08 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_78da9bf5 d----c- [15:07 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_78e1984d d----c- [15:06 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_78fd1a0a d----c- [15:06 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_792a7c55 d----c- [15:07 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_793568f4 d----c- [15:06 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_793b1597 d----c- [15:08 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_798a0e47 d----c- [15:07 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_798ceadf d----c- [15:05 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7993a01a d----c- [15:08 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_79b9786e d----c- [15:06 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_79ba1e3e d----c- [15:07 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_79f62db9 d----c- [15:07 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_79fa8c2d d----c- [15:07 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7a2df23f d----c- [15:06 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7a4a5cf3 d----c- [15:07 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7a4acb3f d----c- [15:07 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7a526d28 d----c- [15:07 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7a654934 d----c- [15:06 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7aa331af d----c- [15:08 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7ab75120 d----c- [15:08 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7ad5591c d----c- [15:06 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7ae9fe6f d----c- [15:07 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7b0a3d62 d----c- [15:07 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7b2770f0 d----c- [15:08 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7b6b8089 d----c- [15:08 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7b6da7f7 d----c- [15:06 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7b752a01 d----c- [15:06 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7bb1b771 d----c- [15:06 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7bbb43a9 d----c- [15:08 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7bc2bbe4 d----c- [15:07 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7bca4d1b d----c- [15:07 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_7bed39aa d----c- [15:06 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_c90184e0 d----c- [14:47 15/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1565c476 d----c- [17:08 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_39484423 d----c- [12:23 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_403fb424 d----c- [12:40 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_49f4ab3f d----c- [12:58 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_53b52f7b d----c- [13:25 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_5c85193e d----c- [13:56 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_5ff720bc d----c- [13:49 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_61fe236b d----c- [14:01 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_6fcb7488 d----c- [14:38 26/07/2013]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_cab_11e39868 d----c- [10:37 26/07/2013]
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\ProgramData\BrowserDefender d------ [09:35 07/07/2013]
C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender d------ [09:39 26/07/2013]
|
|
26.07.2013, 22:44
| #13 |
| | TR/Ransom.Blocker mein OTL-Log System Look Teil 5 Code:
ATTFilter Searching for "*SearchAnonymizer*"
No folders found.
Searching for "*Babylon*"
C:\ProgramData\Babylon d------ [09:38 26/07/2013]
C:\Users\All Users\Babylon d------ [09:38 26/07/2013]
C:\Users\***\AppData\Roaming\Babylon d------ [09:38 26/07/2013]
Searching for "*Delta*"
C:\Program Files (x86)\Delta d------ [09:39 26/07/2013]
C:\Program Files (x86)\Delta\delta d------ [09:39 26/07/2013]
C:\Users\***\AppData\Local\Temp\mt_ffx\Delta d------ [09:39 26/07/2013]
C:\Users\***\AppData\Local\Temp\mt_ffx\Delta\delta d------ [09:39 26/07/2013]
C:\Users\***\AppData\Roaming\Delta d------ [09:39 26/07/2013]
C:\Windows\Media\Delta dr--s-- [03:20 14/07/2009]
C:\Windows\winsxs\amd64_microsoft-windows-deltacompressionengine_31bf3856ad364e35_6.1.7600.16385_none_9c2159bf9f702069 d------ [03:20 14/07/2009]
C:\Windows\winsxs\amd64_microsoft-windows-deltapackageexpander_31bf3856ad364e35_6.1.7600.16385_none_c5d387d64eb8e1f2 d------ [03:20 14/07/2009]
C:\Windows\winsxs\amd64_microsoft-windows-deltapackageexpander_31bf3856ad364e35_6.1.7601.17514_none_c8049b9e4ba7658c d------ [13:32 20/03/2013]
C:\Windows\winsxs\amd64_microsoft-windows-s..l-soundthemes-delta_31bf3856ad364e35_6.1.7600.16385_none_fbf7e0678b64a4b8 d------ [05:30 14/07/2009]
C:\Windows\winsxs\x86_microsoft-windows-deltacompressionengine_31bf3856ad364e35_6.1.7600.16385_none_4002be3be712af33 d------ [03:20 14/07/2009]
C:\Windows\winsxs\x86_microsoft-windows-deltapackageexpander_31bf3856ad364e35_6.1.7600.16385_none_69b4ec52965b70bc d------ [03:20 14/07/2009]
C:\Windows\winsxs\x86_microsoft-windows-deltapackageexpander_31bf3856ad364e35_6.1.7601.17514_none_6be6001a9349f456 d------ [13:33 20/03/2013]
Searching for "*WebCake*"
No folders found.
Searching for "*DivX*"
C:\FRST\Quarantine\DivX d------ [00:11 23/07/2013]
C:\FRST\Quarantine\DivX\DivX d------ [00:19 23/07/2013]
C:\FRST\Quarantine\DivX\DivX\DivX Codec d------ [00:19 23/07/2013]
C:\Program Files (x86)\DivX d------ [00:14 23/07/2013]
C:\Program Files (x86)\Common Files\DivX Shared d------ [00:18 23/07/2013]
C:\Program Files (x86)\DivX\DivX Plus Web Player d------ [00:20 23/07/2013]
C:\Users\***\AppData\LocalLow\DivX_Browser_Bar_DE d------ [00:16 23/07/2013]
C:\Users\***\Videos\DivX Movies d------ [00:20 23/07/2013]
========== regfind ==========
Searching for "Feven"
[HKEY_CURRENT_USER\Software\Classes\Interface\{8BD21D12-EC42-11CE-9E0D-00AA006002F3}]
@="RefEvents"
[HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{8BD21D12-EC42-11CE-9E0D-00AA006002F3}]
@="RefEvents"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F6357A3-D1AE-41B7-8A3B-6DA4DCEEABDE}]
"Path"="\Feven-updater"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A09202C-4D51-481B-97FD-11DDAF8720F2}]
"Path"="\Feven-codedownloader"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0337E54-A674-4F4A-9978-E928F7A339F2}]
"Path"="\Feven-chromeinstaller"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D414980A-C6F6-40E3-9FA9-4B9448519819}]
"Path"="\Feven-enabler"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven-chromeinstaller]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven-codedownloader]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven-enabler]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven-updater]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Classes\Interface\{8BD21D12-EC42-11CE-9E0D-00AA006002F3}]
@="RefEvents"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Classes\Wow6432Node\Interface\{8BD21D12-EC42-11CE-9E0D-00AA006002F3}]
@="RefEvents"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001_Classes\Interface\{8BD21D12-EC42-11CE-9E0D-00AA006002F3}]
@="RefEvents"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001_Classes\Wow6432Node\Interface\{8BD21D12-EC42-11CE-9E0D-00AA006002F3}]
@="RefEvents"
Searching for "Plus-HD"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46B65791-2C6D-46D6-8879-0377381E4A91}]
"Path"="\Plus-HD-2.5-updater"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{484E80F2-2D24-48A4-9553-B704477907F1}]
"Path"="\Plus-HD-2.5-chromeinstaller"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A65704D1-D32F-4816-8DC8-FF4D6D53248E}]
"Path"="\Plus-HD-2.5-codedownloader"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F4E1B981-079B-4BF2-9E24-B277C7BC64BF}]
"Path"="\Plus-HD-2.5-enabler"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-2.5-chromeinstaller]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-2.5-codedownloader]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-2.5-enabler]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-2.5-updater]
Searching for "Conduit"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\DivX_Browser_Bar_DE\toolbar\Repository\conduit_CT3297265]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\DivX_Browser_Bar_DE\toolbar\Repository\conduit_CT3297265_CT3297265]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\DivX_Browser_Bar_DE\toolbar\Repository\conduit_CT3297265_de]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\DivX_Browser_Bar_DE\toolbar\settings\FeatureProtector\BrowserSearch]
"URLFromService"="hxxp://search.conduit.com?SearchSource=10&ctid=CT3297265"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\DivX_Browser_Bar_DE\toolbar\settings\FeatureProtector\HomePage]
"URLFromService"="hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3297265"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Wajam]
"supported_sites.google.wajam_google_se_js"="try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';window['WAJAM_PATH'] = 'hxxp://www.wajam.com/'; window['WAJAM_PATH_HTTPS'] = 'https://www.wajam.com/'; window['WAJAM_PATH_ADS'] = 'hxxp://ads.wajam.com/'; window['WAJAM_PATH_HTTPS_ADS'] = 'https://ads.wajam.com/'; window['WAJAM_PATH_NEW_ADS'] = 'hxxp://social-ads.wajam.com'; window['WAJAM_PATH_HTTPS_NEW_ADS'] = 'https://social-ads.wajam.com'; window['WAJAM_CONTAINER_HEIGHT'] = '225px'; window['WAJAM_BROWSER'] = 'b'; window['WAJAM_BROWSER_VERSION'] = '1.21'; window['WAJAM_AFFILIATE'] = '4220';window['WAJAM_ENV'] = '0'; window['WAJAM_PLATFORM'] = navigator.platform;window['WAJAM_SEARCH_ENGINE'] = 'google'; window['WAJAM_SERVER_VERSION'] = '1.00274.0'; window['WAJAM_SUPPORT_CRC32_MAPPING'] = '0';
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Wajam]
"supported_sites.youtubesearch.wajam_se_js"="try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';window['WAJAM_PATH'] = 'hxxp://www.wajam.com/'; window['WAJAM_PATH_HTTPS'] = 'https://www.wajam.com/'; window['WAJAM_PATH_ADS'] = 'hxxp://ads.wajam.com/'; window['WAJAM_PATH_HTTPS_ADS'] = 'https://ads.wajam.com/'; window['WAJAM_PATH_NEW_ADS'] = 'hxxp://social-ads.wajam.com'; window['WAJAM_PATH_HTTPS_NEW_ADS'] = 'https://social-ads.wajam.com'; window['WAJAM_CONTAINER_HEIGHT'] = '225px'; window['WAJAM_BROWSER'] = 'b'; window['WAJAM_BROWSER_VERSION'] = '1.21'; window['WAJAM_AFFILIATE'] = '4220';window['WAJAM_ENV'] = '0'; window['WAJAM_PLATFORM'] = navigator.platform;window['WAJAM_SEARCH_ENGINE'] = 'youtubesearch'; window['WAJAM_SERVER_VERSION'] = '1.00274.0'; window['WAJAM_SUPPORT_CRC32_MAPPING']
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Wajam]
"supported_sites.yahoo.wajam_se_js"="try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';window['WAJAM_PATH'] = 'hxxp://www.wajam.com/'; window['WAJAM_PATH_HTTPS'] = 'https://www.wajam.com/'; window['WAJAM_PATH_ADS'] = 'hxxp://ads.wajam.com/'; window['WAJAM_PATH_HTTPS_ADS'] = 'https://ads.wajam.com/'; window['WAJAM_PATH_NEW_ADS'] = 'hxxp://social-ads.wajam.com'; window['WAJAM_PATH_HTTPS_NEW_ADS'] = 'https://social-ads.wajam.com'; window['WAJAM_CONTAINER_HEIGHT'] = '225px'; window['WAJAM_BROWSER'] = 'b'; window['WAJAM_BROWSER_VERSION'] = '1.21'; window['WAJAM_AFFILIATE'] = '4220';window['WAJAM_ENV'] = '0'; window['WAJAM_PLATFORM'] = navigator.platform;window['WAJAM_SEARCH_ENGINE'] = 'yahoo'; window['WAJAM_SERVER_VERSION'] = '1.00274.0'; window['WAJAM_SUPPORT_CRC32_MAPPING'] = '0'; window['
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Wajam]
"supported_sites.encryptedgoogle.wajam_google_js"="try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';window['WAJAM_PATH'] = 'hxxp://www.wajam.com/'; window['WAJAM_PATH_HTTPS'] = 'https://www.wajam.com/'; window['WAJAM_PATH_ADS'] = 'hxxp://ads.wajam.com/'; window['WAJAM_PATH_HTTPS_ADS'] = 'https://ads.wajam.com/'; window['WAJAM_PATH_NEW_ADS'] = 'hxxp://social-ads.wajam.com'; window['WAJAM_PATH_HTTPS_NEW_ADS'] = 'https://social-ads.wajam.com'; window['WAJAM_CONTAINER_HEIGHT'] = '225px'; window['WAJAM_BROWSER'] = 'b'; window['WAJAM_BROWSER_VERSION'] = '1.21'; window['WAJAM_AFFILIATE'] = '4220';window['WAJAM_ENV'] = '0'; window['WAJAM_PLATFORM'] = navigator.platform;window['WAJAM_SEARCH_ENGINE'] = 'google'; window['WAJAM_SERVER_VERSION'] = '1.00274.0'; window['WAJAM_SUPPORT_CRC32_MAPPING']
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Wajam]
"supported_sites.bing.wajam_yahoo_se_js"="try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';window['WAJAM_PATH'] = 'hxxp://www.wajam.com/'; window['WAJAM_PATH_HTTPS'] = 'https://www.wajam.com/'; window['WAJAM_PATH_ADS'] = 'hxxp://ads.wajam.com/'; window['WAJAM_PATH_HTTPS_ADS'] = 'https://ads.wajam.com/'; window['WAJAM_PATH_NEW_ADS'] = 'hxxp://social-ads.wajam.com'; window['WAJAM_PATH_HTTPS_NEW_ADS'] = 'https://social-ads.wajam.com'; window['WAJAM_CONTAINER_HEIGHT'] = '225px'; window['WAJAM_BROWSER'] = 'b'; window['WAJAM_BROWSER_VERSION'] = '1.21'; window['WAJAM_AFFILIATE'] = '4220';window['WAJAM_ENV'] = '0'; window['WAJAM_PLATFORM'] = navigator.platform;window['WAJAM_SEARCH_ENGINE'] = 'bing'; window['WAJAM_SERVER_VERSION'] = '1.00274.0'; window['WAJAM_SUPPORT_CRC32_MAPPING'] = '0'; wind
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Wajam]
"supported_sites.wikipedia.wajam_se_js"="try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';window['WAJAM_PATH'] = 'hxxp://www.wajam.com/'; window['WAJAM_PATH_HTTPS'] = 'https://www.wajam.com/'; window['WAJAM_PATH_ADS'] = 'hxxp://ads.wajam.com/'; window['WAJAM_PATH_HTTPS_ADS'] = 'https://ads.wajam.com/'; window['WAJAM_PATH_NEW_ADS'] = 'hxxp://social-ads.wajam.com'; window['WAJAM_PATH_HTTPS_NEW_ADS'] = 'https://social-ads.wajam.com'; window['WAJAM_CONTAINER_HEIGHT'] = '225px'; window['WAJAM_BROWSER'] = 'b'; window['WAJAM_BROWSER_VERSION'] = '1.21'; window['WAJAM_AFFILIATE'] = '4220';window['WAJAM_ENV'] = '0'; window['WAJAM_PLATFORM'] = navigator.platform;window['WAJAM_SEARCH_ENGINE'] = 'wikipedia'; window['WAJAM_SERVER_VERSION'] = '1.00274.0'; window['WAJAM_SUPPORT_CRC32_MAPPING'] = '0';
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs]
"url26"="hxxp://search.conduit.com/?ctid=CT3297265&octid=CT3297265&SearchSource=61&CUI=UN24652495911641414&UM=2&UP=SP9EBFC968-E412-4D30-B7CB-557515C2C7D7"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E193BDAC-C5DD-4A68-82B2-8106C99CC380}]
"AppPath"="C:\ProgramData\Conduit"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E193BDAC-C5DD-4A68-82B2-8106C99CC380}]
"AppName"="conduitutil.exe"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\AppDataLow\Software\DivX_Browser_Bar_DE\toolbar\Repository\conduit_CT3297265]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\AppDataLow\Software\DivX_Browser_Bar_DE\toolbar\Repository\conduit_CT3297265_CT3297265]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\AppDataLow\Software\DivX_Browser_Bar_DE\toolbar\Repository\conduit_CT3297265_de]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\AppDataLow\Software\DivX_Browser_Bar_DE\toolbar\settings\FeatureProtector\BrowserSearch]
"URLFromService"="hxxp://search.conduit.com?SearchSource=10&ctid=CT3297265"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\AppDataLow\Software\DivX_Browser_Bar_DE\toolbar\settings\FeatureProtector\HomePage]
"URLFromService"="hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3297265"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Wajam]
"supported_sites.google.wajam_google_se_js"="try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';window['WAJAM_PATH'] = 'hxxp://www.wajam.com/'; window['WAJAM_PATH_HTTPS'] = 'https://www.wajam.com/'; window['WAJAM_PATH_ADS'] = 'hxxp://ads.wajam.com/'; window['WAJAM_PATH_HTTPS_ADS'] = 'https://ads.wajam.com/'; window['WAJAM_PATH_NEW_ADS'] = 'hxxp://social-ads.wajam.com'; window['WAJAM_PATH_HTTPS_NEW_ADS'] = 'https://social-ads.wajam.com'; window['WAJAM_CONTAINER_HEIGHT'] = '225px'; window['WAJAM_BROWSER'] = 'b'; window['WAJAM_BROWSER_VERSION'] = '1.21'; window['WAJAM_AFFILIATE'] = '4220';window['WAJAM_ENV'] = '0'; window['WAJAM_PLATFORM'] = navigator.platform;window['WAJAM_SEARCH_ENGINE'] = 'google'; window['WAJAM_SERVER_VERSION'] = '1.00274.0'; windo
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Wajam]
"supported_sites.youtubesearch.wajam_se_js"="try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';window['WAJAM_PATH'] = 'hxxp://www.wajam.com/'; window['WAJAM_PATH_HTTPS'] = 'https://www.wajam.com/'; window['WAJAM_PATH_ADS'] = 'hxxp://ads.wajam.com/'; window['WAJAM_PATH_HTTPS_ADS'] = 'https://ads.wajam.com/'; window['WAJAM_PATH_NEW_ADS'] = 'hxxp://social-ads.wajam.com'; window['WAJAM_PATH_HTTPS_NEW_ADS'] = 'https://social-ads.wajam.com'; window['WAJAM_CONTAINER_HEIGHT'] = '225px'; window['WAJAM_BROWSER'] = 'b'; window['WAJAM_BROWSER_VERSION'] = '1.21'; window['WAJAM_AFFILIATE'] = '4220';window['WAJAM_ENV'] = '0'; window['WAJAM_PLATFORM'] = navigator.platform;window['WAJAM_SEARCH_ENGINE'] = 'youtubesearch'; window['WAJAM_SERVER_VERSION'] = '1.00274.0'
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Wajam]
"supported_sites.yahoo.wajam_se_js"="try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';window['WAJAM_PATH'] = 'hxxp://www.wajam.com/'; window['WAJAM_PATH_HTTPS'] = 'https://www.wajam.com/'; window['WAJAM_PATH_ADS'] = 'hxxp://ads.wajam.com/'; window['WAJAM_PATH_HTTPS_ADS'] = 'https://ads.wajam.com/'; window['WAJAM_PATH_NEW_ADS'] = 'hxxp://social-ads.wajam.com'; window['WAJAM_PATH_HTTPS_NEW_ADS'] = 'https://social-ads.wajam.com'; window['WAJAM_CONTAINER_HEIGHT'] = '225px'; window['WAJAM_BROWSER'] = 'b'; window['WAJAM_BROWSER_VERSION'] = '1.21'; window['WAJAM_AFFILIATE'] = '4220';window['WAJAM_ENV'] = '0'; window['WAJAM_PLATFORM'] = navigator.platform;window['WAJAM_SEARCH_ENGINE'] = 'yahoo'; window['WAJAM_SERVER_VERSION'] = '1.00274.0'; window['WAJAM_
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Wajam]
"supported_sites.encryptedgoogle.wajam_google_js"="try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';window['WAJAM_PATH'] = 'hxxp://www.wajam.com/'; window['WAJAM_PATH_HTTPS'] = 'https://www.wajam.com/'; window['WAJAM_PATH_ADS'] = 'hxxp://ads.wajam.com/'; window['WAJAM_PATH_HTTPS_ADS'] = 'https://ads.wajam.com/'; window['WAJAM_PATH_NEW_ADS'] = 'hxxp://social-ads.wajam.com'; window['WAJAM_PATH_HTTPS_NEW_ADS'] = 'https://social-ads.wajam.com'; window['WAJAM_CONTAINER_HEIGHT'] = '225px'; window['WAJAM_BROWSER'] = 'b'; window['WAJAM_BROWSER_VERSION'] = '1.21'; window['WAJAM_AFFILIATE'] = '4220';window['WAJAM_ENV'] = '0'; window['WAJAM_PLATFORM'] = navigator.platform;window['WAJAM_SEARCH_ENGINE'] = 'google'; window['WAJAM_SERVER_VERSION'] = '1.00274.0';
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Wajam]
"supported_sites.bing.wajam_yahoo_se_js"="try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';window['WAJAM_PATH'] = 'hxxp://www.wajam.com/'; window['WAJAM_PATH_HTTPS'] = 'https://www.wajam.com/'; window['WAJAM_PATH_ADS'] = 'hxxp://ads.wajam.com/'; window['WAJAM_PATH_HTTPS_ADS'] = 'https://ads.wajam.com/'; window['WAJAM_PATH_NEW_ADS'] = 'hxxp://social-ads.wajam.com'; window['WAJAM_PATH_HTTPS_NEW_ADS'] = 'https://social-ads.wajam.com'; window['WAJAM_CONTAINER_HEIGHT'] = '225px'; window['WAJAM_BROWSER'] = 'b'; window['WAJAM_BROWSER_VERSION'] = '1.21'; window['WAJAM_AFFILIATE'] = '4220';window['WAJAM_ENV'] = '0'; window['WAJAM_PLATFORM'] = navigator.platform;window['WAJAM_SEARCH_ENGINE'] = 'bing'; window['WAJAM_SERVER_VERSION'] = '1.00274.0'; window['WA
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Wajam]
"supported_sites.wikipedia.wajam_se_js"="try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';window['WAJAM_PATH'] = 'hxxp://www.wajam.com/'; window['WAJAM_PATH_HTTPS'] = 'https://www.wajam.com/'; window['WAJAM_PATH_ADS'] = 'hxxp://ads.wajam.com/'; window['WAJAM_PATH_HTTPS_ADS'] = 'https://ads.wajam.com/'; window['WAJAM_PATH_NEW_ADS'] = 'hxxp://social-ads.wajam.com'; window['WAJAM_PATH_HTTPS_NEW_ADS'] = 'https://social-ads.wajam.com'; window['WAJAM_CONTAINER_HEIGHT'] = '225px'; window['WAJAM_BROWSER'] = 'b'; window['WAJAM_BROWSER_VERSION'] = '1.21'; window['WAJAM_AFFILIATE'] = '4220';window['WAJAM_ENV'] = '0'; window['WAJAM_PLATFORM'] = navigator.platform;window['WAJAM_SEARCH_ENGINE'] = 'wikipedia'; window['WAJAM_SERVER_VERSION'] = '1.00274.0'; window
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Internet Explorer\TypedURLs]
"url26"="hxxp://search.conduit.com/?ctid=CT3297265&octid=CT3297265&SearchSource=61&CUI=UN24652495911641414&UM=2&UP=SP9EBFC968-E412-4D30-B7CB-557515C2C7D7"
Searching for "Browserdefender"
[HKEY_CURRENT_USER\Software\5a53d98ce668ea12]
"PROTECT_EXE_NAME"="BrowserDefender.exe"
[HKEY_CURRENT_USER\Software\5a53d98ce668ea12]
"SERVICE_NAME"="BrowserDefendert"
[HKEY_CURRENT_USER\Software\5a53d98ce668ea12]
"PROTECTOR_DLL_NAME"="BrowserDefender.dll"
[HKEY_CURRENT_USER\Software\5a53d98ce668ea12]
"INSTALL_FOLDER_NAME"="BrowserDefender"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\Debug]
"StoreLocation"="C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1bab7e34"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}]
"DllName"="PCTBrowserDefender.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{472734EA-242A-422B-ADF8-83D1E48CC825}]
"DllName"="PCTBrowserDefender.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug]
"StoreLocation"="C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_10938e2b"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2803F4A8-C895-412B-8463-8F633CCFB559}]
"Path"="\BrowserDefendert"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserDefendert]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\5a53d98ce668ea12]
"PROTECT_EXE_NAME"="BrowserDefender.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\5a53d98ce668ea12]
"SERVICE_NAME"="BrowserDefendert"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\5a53d98ce668ea12]
"PROTECTOR_DLL_NAME"="BrowserDefender.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\5a53d98ce668ea12]
"INSTALL_FOLDER_NAME"="BrowserDefender"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}]
"DllName"="PCTBrowserDefender.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{472734EA-242A-422B-ADF8-83D1E48CC825}]
"DllName"="PCTBrowserDefender.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}]
"DisplayName"="BrowserDefender"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}]
"UninstallString"=""C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" /Uninstall /{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} /su=696037ba8dd43d71 /um"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}]
"UninstalLinkPath"="C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender\Uninstall BrowserDefender.lnk"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BrowserDefendert]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BrowserDefendert]
"ImagePath"="C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BrowserDefendert]
"DisplayName"="BrowserDefendert"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BrowserDefendert]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BrowserDefendert]
"ImagePath"="C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BrowserDefendert]
"DisplayName"="BrowserDefendert"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BrowserDefendert]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BrowserDefendert]
"ImagePath"="C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BrowserDefendert]
"DisplayName"="BrowserDefendert"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\5a53d98ce668ea12]
"PROTECT_EXE_NAME"="BrowserDefender.exe"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\5a53d98ce668ea12]
"SERVICE_NAME"="BrowserDefendert"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\5a53d98ce668ea12]
"PROTECTOR_DLL_NAME"="BrowserDefender.dll"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\5a53d98ce668ea12]
"INSTALL_FOLDER_NAME"="BrowserDefender"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Windows\Windows Error Reporting\Debug]
"StoreLocation"="C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_BrowserDefender._cf57741387cf259ec2a334e5e4540d964f571_1377ae0a"
Searching for "SearchAnonymizer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application\SearchAnonymizer]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\Application\SearchAnonymizer]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\SearchAnonymizer]
Searching for "Babylon"
[HKEY_CURRENT_USER\Software\5a53d98ce668ea12\2.6.1339.144]
"SpXmlFN"="babylon.xml"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}]
"FaviconURL"="search.babylon.com/favicon.ico"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}]
"DllName"="BabylonToolbarTlbr.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}]
"DllName"="BabylonToolbarTlbr.dll"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\5a53d98ce668ea12\2.6.1339.144]
"SpXmlFN"="babylon.xml"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}]
"FaviconURL"="search.babylon.com/favicon.ico"
Searching for "Delta"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\.Default\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\.Default\Delta]
@="C:\Windows\Media\Delta\Windows Ding.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\ChangeTheme\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\ChangeTheme\Delta]
@="C:\Windows\Media\Delta\Windows Logon Sound.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\CriticalBatteryAlarm\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\CriticalBatteryAlarm\Delta]
@="C:\Windows\Media\Delta\Windows Battery Critical.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\DeviceConnect\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\DeviceConnect\Delta]
@="C:\Windows\Media\Delta\Windows Hardware Insert.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\DeviceDisconnect\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\DeviceDisconnect\Delta]
@="C:\Windows\Media\Delta\Windows Hardware Remove.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\DeviceFail\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\DeviceFail\Delta]
@="C:\Windows\Media\Delta\Windows Hardware Fail.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\FaxBeep\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\FaxBeep\Delta]
@="C:\Windows\Media\Delta\Windows Notify.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\LowBatteryAlarm\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\LowBatteryAlarm\Delta]
@="C:\Windows\Media\Delta\Windows Battery Low.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\MailBeep\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\MailBeep\Delta]
@="C:\Windows\Media\Delta\Windows Notify.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\PrintComplete\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\PrintComplete\Delta]
@="C:\Windows\Media\Delta\Windows Print complete.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\SystemAsterisk\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\SystemAsterisk\Delta]
@="C:\Windows\Media\Delta\Windows Error.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\SystemExclamation\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\SystemExclamation\Delta]
@="C:\Windows\Media\Delta\Windows Exclamation.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\SystemExit\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\SystemHand\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\SystemHand\Delta]
@="C:\Windows\Media\Delta\Windows Critical Stop.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\SystemNotification\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\SystemNotification\Delta]
@="C:\Windows\Media\Delta\Windows Balloon.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\WindowsLogoff\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\WindowsLogoff\Delta]
@="C:\Windows\Media\Delta\Windows Logoff Sound.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\WindowsLogon\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\WindowsLogon\Delta]
@="C:\Windows\Media\Delta\Windows Logon Sound.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\WindowsUAC\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\.Default\WindowsUAC\Delta]
@="C:\Windows\Media\Delta\Windows User Account Control.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\BlockedPopup\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\BlockedPopup\Delta]
@="C:\Windows\Media\Delta\Windows Pop-up Blocked.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\EmptyRecycleBin\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\FaxError\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\FaxLineRings\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\FaxSent\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\FeedDiscovered\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\FeedDiscovered\Delta]
@="C:\Windows\Media\Delta\Windows Feed Discovered.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\Navigating\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\Navigating\Delta]
@="C:\Windows\Media\Delta\Windows Navigation Start.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\SecurityBand\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\SecurityBand\Delta]
@="C:\Windows\Media\Delta\Windows Information Bar.wav"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\sapisvr\DisNumbersSound\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\sapisvr\HubOffSound\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\sapisvr\HubOnSound\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\sapisvr\HubSleepSound\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\sapisvr\MisrecoSound\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\sapisvr\PanelSound\Delta]
[HKEY_CURRENT_USER\AppEvents\Schemes\Names\Delta]
[HKEY_CURRENT_USER\Software\5a53d98ce668ea12\2.6.1339.144]
"chrome_startup_urls_copy"="hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=1E7E5CAC4C3D18C9&affID=119556&tsp=4955"
[HKEY_CURRENT_USER\Software\5a53d98ce668ea12\2.6.1339.144]
"chrome homepages"="hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=1E7E5CAC4C3D18C9&affID=119556&tsp=4955"
[HKEY_CURRENT_USER\Software\5a53d98ce668ea12\2.6.1339.144]
"chrome search engines"="Delta Search snipesshop.de"
[HKEY_CURRENT_USER\Software\5a53d98ce668ea12\2.6.1339.144]
"chrome_startup_urls"="hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=1E7E5CAC4C3D18C9&affID=119556&tsp=4955"
[HKEY_CURRENT_USER\Software\BabSolution\Updater\Instances\Delta Chrome Toolbar]
[HKEY_CURRENT_USER\Software\BabSolution\Updater\Instances\Delta Chrome Toolbar]
"UninstKey"="Delta Chrome Toolbar"
[HKEY_CURRENT_USER\Software\Delta]
[HKEY_CURRENT_USER\Software\Delta\delta]
[HKEY_CURRENT_USER\Software\Delta\delta]
"lastB"="hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=1E7E5CAC4C3D18C9&affID=119556&tsp=4955"
[HKEY_CURRENT_USER\Software\Macromedia\Shockwave 10\uicontrol\sw3dbaddriverlist1]
@="*2k*savage/ix!^5.12.01.7012$79x=stbnvidiatnt16mb!=4.10.01.9131$o2k=diamondstealthiiis530!=5.12.01.8007-8.30.24$72k=m!=5.00.2180.3711$***=atigraphicsproturbopci(atim64-gx)!^9999.0.0.0$ont=nvidiageforce256!=4.00.1381.0327$****virge!^9999.0.0.0$*9x=ibmthinkpad(cyber9397dvd)!=4.10.01.2173$79x=mach64:ragepro!=4.11.2560$*2k=m!^5.12.01.1200$o9x=intel(r)82810graphicscontroller!=4.12.01.2656$o**=m!^5.12.01.1509$o2k=3dfxvoodooseries!=5.00.2195.0197$ont=3dfxvoodooseries!=4.00.1381.0229$o2k=diamondstealthiiis540!=5.12.01.8007-8.30.24$*9x*permedia2!^4.10.01.2359$****mystique!^9999.0.0.0$*9x*g400!^4.12.1.1710$***=2164w!^9999.0.0.0$*9x=mach64:ragepro!^4.10.1720$ont*3dblasterriva!^4.03.00.2100$ont*nvidia!^4.00.1381.0508$79x*nvidia!^4.12.01.0513$o9x*diamondviperv770!^4.11.01.0402$****g100!^9999.0.0.0$59x*nvidiariva128!=4.10.1713$ont*radeon!^4.3.3109$o2k*voodoobanshee!=5.00.2195.2b$o***permedia3!^4.12.01.2107$o***ragefury!^4.3.139$o***rage128
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"bProtector Start Page"="hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=1E7E5CAC4C3D18C9&affID=119556&tsp=4955"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}]
"DisplayName"="Delta Search"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}]
"URL"="hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=1E7E5CAC4C3D18C9&affID=119556&tsp=4955"
[HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Namespace]
"LocalDelta"="C:\Users\Ulrike\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNSD.XML"
[HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Namespace]
"RemoteDelta"="C:\Users\Ulrike\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNSR.XML"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*]
"ContentViewModeLayoutPatternForBrowse"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*]
"ContentViewModeLayoutPatternForSearch"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\Instl\Data]
"hp_url"="hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=1E7E5CAC4C3D18C9&affID=119556&tsp=4955"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\Instl\Data]
"sp_name"="Delta Search"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\Instl\Data]
"sp_url"="hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=1E7E5CAC4C3D18C9&affID=119556&tsp=4955"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\Instl\Data]
"tb_url"="hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=TB_ss&mntrId=1E7E5CAC4C3D18C9&affID=119556&tsp=4955"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\Instl\Data]
"nt_url"="hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=1E7E5CAC4C3D18C9&affID=119556&tsp=4955"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\Instl\Data]
"kw_url"="hxxp://www1.delta-search.com/?babsrc=SP_ss&mntrId=1E7E5CAC4C3D18C9&affID=119556&tsp=4955&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\Instl\Data]
"dsFFX"="Delta Search"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\Instl\Data]
"uninstaller"="C:\Program Files (x86)\Delta\delta\1.8.22.0\uninstall.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\delta.deltaappCore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\delta.deltaappCore\CurVer]
@="delta.deltaappCore.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\delta.deltaappCore.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\delta.deltadskBnd]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\delta.deltadskBnd\CurVer]
@="delta.deltadskBnd.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\delta.deltadskBnd.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\delta.deltaHlpr]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\delta.deltaHlpr\CurVer]
@="delta.deltaHlpr.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\delta.deltaHlpr.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive]
"ContentViewModeLayoutPatternForBrowse"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\esrv.deltaESrvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\esrv.deltaESrvc\CurVer]
@="esrv.deltaESrvc.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\esrv.deltaESrvc.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder]
"ContentViewModeLayoutPatternForBrowse"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Kind.Document]
"ContentViewModeLayoutPatternForBrowse"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Kind.Email]
"ContentViewModeLayoutPatternForBrowse"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Kind.Music]
"ContentViewModeLayoutPatternForBrowse"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Kind.Music]
"ContentViewModeLayoutPatternForSearch"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Kind.Picture]
"ContentViewModeLayoutPatternForBrowse"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Kind.Picture]
"ContentViewModeLayoutPatternForSearch"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Kind.Video]
"ContentViewModeLayoutPatternForBrowse"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Kind.Video]
"ContentViewModeLayoutPatternForSearch"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MAPI/IPM.Appointment]
"ContentViewModeLayoutPatternForBrowse"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MAPI/IPM.Appointment]
"ContentViewModeLayoutPatternForSearch"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MAPI/IPM.Contact]
"ContentViewModeLayoutPatternForBrowse"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MAPI/IPM.Contact]
"ContentViewModeLayoutPatternForSearch"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MAPI/IPM.Schedule.Meeting]
"ContentViewModeLayoutPatternForBrowse"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MAPI/IPM.Schedule.Meeting]
"ContentViewModeLayoutPatternForSearch"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Record\{8F6D68FF-81A4-3F8A-AD32-8E8DDDA7FC41}\2.0.0.0]
"Class"="System.Diagnostics.SymbolStore.SymbolLineDelta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Record\{8F6D68FF-81A4-3F8A-AD32-8E8DDDA7FC41}\4.0.0.0]
"Class"="System.Diagnostics.SymbolStore.SymbolLineDelta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.msg]
"ContentViewModeLayoutPatternForBrowse"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\.msg]
"ContentViewModeLayoutPatternForSearch"="delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}\1.0\0\win32]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0\deltasrv.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}\1.0\HELPDIR]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}\1.0]
@="deltaCmn 1.0 Type Library"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}\1.0\0\win32]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaEng.dll\2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}\1.0\HELPDIR]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}\1.0\0\win32]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaTlbr.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}\1.0\HELPDIR]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}\1.0\0\win32]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaApp.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}\1.0\HELPDIR]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}\LocalServer32]
@=""C:\Program Files (x86)\Delta\delta\1.8.22.0\deltasrv.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}\ProgID]
@="esrv.deltaESrvc.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}\VersionIndependentProgID]
@="esrv.deltaESrvc"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}\InprocServer32]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0\bh\delta.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}]
@="Delta Toolbar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}\InprocServer32]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaTlbr.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}\ProgID]
@="delta.deltadskBnd.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}\VersionIndependentProgID]
@="delta.deltadskBnd"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}\InprocServer32]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaEng.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]
@="delta Helper Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}\InprocServer32]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0\bh\delta.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}\ProgID]
@="delta.deltaHlpr.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}\VersionIndependentProgID]
@="delta.deltaHlpr"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}\InprocServer32]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaApp.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}\ProgID]
@="delta.deltaappCore.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}\VersionIndependentProgID]
@="delta.deltaappCore"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\Instl\Data]
"hp_url"="hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=1E7E5CAC4C3D18C9&affID=119556&tsp=4955"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\Instl\Data]
"sp_name"="Delta Search"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\Instl\Data]
"sp_url"="hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=1E7E5CAC4C3D18C9&affID=119556&tsp=4955"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\Instl\Data]
"tb_url"="hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=TB_ss&mntrId=1E7E5CAC4C3D18C9&affID=119556&tsp=4955"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\Instl\Data]
"nt_url"="hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=1E7E5CAC4C3D18C9&affID=119556&tsp=4955"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\Instl\Data]
"kw_url"="hxxp://www1.delta-search.com/?babsrc=SP_ss&mntrId=1E7E5CAC4C3D18C9&affID=119556&tsp=4955&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\Instl\Data]
"dsFFX"="Delta Search"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\Instl\Data]
"uninstaller"="C:\Program Files (x86)\Delta\delta\1.8.22.0\uninstall.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}\1.0\0\win32]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0\deltasrv.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}\1.0\HELPDIR]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}\1.0]
@="deltaCmn 1.0 Type Library"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}\1.0\0\win32]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaEng.dll\2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}\1.0\HELPDIR]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}\1.0\0\win32]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaTlbr.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}\1.0\HELPDIR]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}\1.0\0\win32]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaApp.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}\1.0\HELPDIR]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-deltacompressionengine_31bf3856ad364e35_none_9afd56f432219a2e]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-deltapackageexpander_31bf3856ad364e35_none_0a20a2633b1984ad]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-s..l-soundthemes-delta_31bf3856ad364e35_none_f2cfa9dc6d3f5297]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_microsoft-windows-deltacompressionengine_31bf3856ad364e35_none_3edebb7079c428f8]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_microsoft-windows-deltapackageexpander_31bf3856ad364e35_none_ae0206df82bc1377]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\Input Formats\Half SD]
"WinSAT_CPU Delta"="-1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\Input Formats\HD Default]
"WinSAT_CPU Delta"="2.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\Input Formats\SD AVC-MP4]
"WinSAT_CPU Delta"="0.2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\Input Formats\SD AVC-MPG-ISO]
"WinSAT_CPU Delta"="0.2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\Input Formats\SD AVC-MPG-TTS]
"WinSAT_CPU Delta"="0.2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\Input Formats\SD Default]
"WinSAT_CPU Delta"="0.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\Input Formats\SD WMV]
"WinSAT_CPU Delta"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\009]
"Help"="3 The System performance object consists of counters that apply to more than one instance of a component processors on the computer. 5 The Memory performance object consists of counters that describe the behavior of physical and virtual memory on the computer. Physical memory is the amount of random access memory on the computer. Virtual memory consists of the space in physical memory and on disk. Many of the memory counters monitor paging, which is the movement of pages of code and data between disk and physical memory. Excessive paging, a symptom of a memory shortage, can cause delays which interfere with all system processes. 7 % Processor Time is the percentage of elapsed time that the processor spends to execute a non-Idle thread. It is calculated by measuring the percentage of time that the processor spends executing the idle thread and then subtracting that value from 100%. (Each processor has an idle thread tha
[HKEY_LOCAL_MACHINE\SOFTWARE\Realtek\AECBF\icrcAudioProcessingDemo\GSCBeamformer\PostFiltering]
"delta"="0.000100"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Delta]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Delta\delta]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Delta\delta\Instl]
"InstallDir"="C:\Program Files (x86)\Delta\delta\1.8.22.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde]
"path"="C:\Users\Ulrike\AppData\Roaming\BabSolution\CR\Delta.crx"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Hewlett-Packard\DigitalImaging\HP Photosmart Wireless B109n-z\Strings]
"ModelTarget"="0,0,[Pp][Hh][Oo][Tt][Oo][Ss][Mm][Aa][Rr][Tt] [Ww][Ii][Rr][Ee][Ll][Ee][Ss][Ss] B10[0-9][a-z]-[a-z]"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}]
"AppName"="deltasrv.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}]
"AppPath"="C:\Program Files (x86)\Delta\delta\1.8.22.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{82E1477C-B154-48D3-9891-33D83C26BCD3}"="Delta Toolbar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\14.0\CVH\Connect\{90140011-0066-0407-0000-0000000FF1CE}]
"deltaCacheFolderName"="140066.deu-90140011-66-407"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]
@="delta Helper Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\delta]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\delta]
"DisplayName"="Delta toolbar "
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\delta]
"UninstallString"=""C:\Program Files (x86)\Delta\delta\1.8.22.0\uninstall.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\delta]
"DisplayIcon"=""C:\Program Files (x86)\Delta\delta\1.8.22.0\deltasrv.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\delta]
"Comments"="Delta toolbar "
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\delta]
"Publisher"="Delta"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar]
"UninstallString"=""C:\Users\Ulrike\AppData\Roaming\BabSolution\Shared\GUninstaller.exe" -key "Delta Chrome Toolbar" -rmkey -rmbus "Delta Chrome Toolbar" -ask -plgdll NTRedirect"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar]
"DisplayIcon"="C:\Users\Ulrike\AppData\Roaming\BabSolution\Shared\Delta.ico"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar]
"DisplayName"="Delta Chrome Toolbar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows Media Player NSS\3.0\Input Formats\Half SD]
"WinSAT_CPU Delta"="-1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows Media Player NSS\3.0\Input Formats\HD Default]
"WinSAT_CPU Delta"="2.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows Media Player NSS\3.0\Input Formats\SD AVC-MP4]
"WinSAT_CPU Delta"="0.2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows Media Player NSS\3.0\Input Formats\SD AVC-MPG-ISO]
"WinSAT_CPU Delta"="0.2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows Media Player NSS\3.0\Input Formats\SD AVC-MPG-TTS]
"WinSAT_CPU Delta"="0.2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows Media Player NSS\3.0\Input Formats\SD Default]
"WinSAT_CPU Delta"="0.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows Media Player NSS\3.0\Input Formats\SD WMV]
"WinSAT_CPU Delta"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Perflib\009]
"Help"="3 The System performance object consists of counters that apply to more than one instance of a component processors on the computer. 5 The Memory performance object consists of counters that describe the behavior of physical and virtual memory on the computer. Physical memory is the amount of random access memory on the computer. Virtual memory consists of the space in physical memory and on disk. Many of the memory counters monitor paging, which is the movement of pages of code and data between disk and physical memory. Excessive paging, a symptom of a memory shortage, can cause delays which interfere with all system processes. 7 % Processor Time is the percentage of elapsed time that the processor spends to execute a non-Idle thread. It is calculated by measuring the percentage of time that the processor spends executing the idle thread and then subtracting that value from 100%. (Each processor has an idl
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}\LocalServer32]
@=""C:\Program Files (x86)\Delta\delta\1.8.22.0\deltasrv.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}\ProgID]
@="esrv.deltaESrvc.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}\VersionIndependentProgID]
@="esrv.deltaESrvc"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}\InprocServer32]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0\bh\delta.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}]
@="Delta Toolbar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}\InprocServer32]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaTlbr.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}\ProgID]
@="delta.deltadskBnd.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}\VersionIndependentProgID]
@="delta.deltadskBnd"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}\InprocServer32]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaEng.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]
@="delta Helper Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}\InprocServer32]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0\bh\delta.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}\ProgID]
@="delta.deltaHlpr.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}\VersionIndependentProgID]
@="delta.deltaHlpr"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}\InprocServer32]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaApp.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}\ProgID]
@="delta.deltaappCore.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}\VersionIndependentProgID]
@="delta.deltaappCore"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\Instl\Data]
"hp_url"="hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=1E7E5CAC4C3D18C9&affID=119556&tsp=4955"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\Instl\Data]
"sp_name"="Delta Search"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\Instl\Data]
"sp_url"="hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=1E7E5CAC4C3D18C9&affID=119556&tsp=4955"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\Instl\Data]
"tb_url"="hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=TB_ss&mntrId=1E7E5CAC4C3D18C9&affID=119556&tsp=4955"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\Instl\Data]
"nt_url"="hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=1E7E5CAC4C3D18C9&affID=119556&tsp=4955"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\Instl\Data]
"kw_url"="hxxp://www1.delta-search.com/?babsrc=SP_ss&mntrId=1E7E5CAC4C3D18C9&affID=119556&tsp=4955&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\Instl\Data]
"dsFFX"="Delta Search"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\Instl\Data]
"uninstaller"="C:\Program Files (x86)\Delta\delta\1.8.22.0\uninstall.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}\1.0\0\win32]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0\deltasrv.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}\1.0\HELPDIR]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}\1.0]
@="deltaCmn 1.0 Type Library"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}\1.0\0\win32]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaEng.dll\2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}\1.0\HELPDIR]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}\1.0\0\win32]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaTlbr.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}\1.0\HELPDIR]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}\1.0\0\win32]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaApp.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}\1.0\HELPDIR]
@="C:\Program Files (x86)\Delta\delta\1.8.22.0"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\Namespace]
"LocalDelta"="C:\Users\***\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNSD.XML"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\Namespace]
"RemoteDelta"="C:\Users\***\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNSR.XML"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\.Default\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\.Default\Delta]
@="C:\Windows\Media\Delta\Windows Ding.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\ChangeTheme\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\ChangeTheme\Delta]
@="C:\Windows\Media\Delta\Windows Logon Sound.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\CriticalBatteryAlarm\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\CriticalBatteryAlarm\Delta]
@="C:\Windows\Media\Delta\Windows Battery Critical.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\DeviceConnect\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\DeviceConnect\Delta]
@="C:\Windows\Media\Delta\Windows Hardware Insert.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\DeviceDisconnect\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\DeviceDisconnect\Delta]
@="C:\Windows\Media\Delta\Windows Hardware Remove.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\DeviceFail\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\DeviceFail\Delta]
@="C:\Windows\Media\Delta\Windows Hardware Fail.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\FaxBeep\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\FaxBeep\Delta]
@="C:\Windows\Media\Delta\Windows Notify.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\LowBatteryAlarm\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\LowBatteryAlarm\Delta]
@="C:\Windows\Media\Delta\Windows Battery Low.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\MailBeep\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\MailBeep\Delta]
@="C:\Windows\Media\Delta\Windows Notify.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\PrintComplete\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\PrintComplete\Delta]
@="C:\Windows\Media\Delta\Windows Print complete.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\SystemAsterisk\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\SystemAsterisk\Delta]
@="C:\Windows\Media\Delta\Windows Error.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\SystemExclamation\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\SystemExclamation\Delta]
@="C:\Windows\Media\Delta\Windows Exclamation.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\SystemExit\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\SystemHand\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\SystemHand\Delta]
@="C:\Windows\Media\Delta\Windows Critical Stop.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\SystemNotification\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\SystemNotification\Delta]
@="C:\Windows\Media\Delta\Windows Balloon.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\WindowsLogoff\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\WindowsLogoff\Delta]
@="C:\Windows\Media\Delta\Windows Logoff Sound.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\WindowsLogon\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\WindowsLogon\Delta]
@="C:\Windows\Media\Delta\Windows Logon Sound.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\WindowsUAC\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\.Default\WindowsUAC\Delta]
@="C:\Windows\Media\Delta\Windows User Account Control.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\Explorer\BlockedPopup\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\Explorer\BlockedPopup\Delta]
@="C:\Windows\Media\Delta\Windows Pop-up Blocked.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\Explorer\EmptyRecycleBin\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\Explorer\FaxError\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\Explorer\FaxLineRings\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\Explorer\FaxSent\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\Explorer\FeedDiscovered\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\Explorer\FeedDiscovered\Delta]
@="C:\Windows\Media\Delta\Windows Feed Discovered.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\Explorer\Navigating\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\Explorer\Navigating\Delta]
@="C:\Windows\Media\Delta\Windows Navigation Start.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\Explorer\SecurityBand\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\Explorer\SecurityBand\Delta]
@="C:\Windows\Media\Delta\Windows Information Bar.wav"
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\sapisvr\DisNumbersSound\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\sapisvr\HubOffSound\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\sapisvr\HubOnSound\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\sapisvr\HubSleepSound\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\sapisvr\MisrecoSound\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\sapisvr\PanelSound\Delta]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Names\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\.Default\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\.Default\Delta]
@="C:\Windows\Media\Delta\Windows Ding.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\ChangeTheme\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\ChangeTheme\Delta]
@="C:\Windows\Media\Delta\Windows Logon Sound.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\CriticalBatteryAlarm\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\CriticalBatteryAlarm\Delta]
@="C:\Windows\Media\Delta\Windows Battery Critical.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\DeviceConnect\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\DeviceConnect\Delta]
@="C:\Windows\Media\Delta\Windows Hardware Insert.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\DeviceDisconnect\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\DeviceDisconnect\Delta]
@="C:\Windows\Media\Delta\Windows Hardware Remove.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\DeviceFail\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\DeviceFail\Delta]
@="C:\Windows\Media\Delta\Windows Hardware Fail.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\FaxBeep\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\FaxBeep\Delta]
@="C:\Windows\Media\Delta\Windows Notify.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\LowBatteryAlarm\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\LowBatteryAlarm\Delta]
@="C:\Windows\Media\Delta\Windows Battery Low.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\MailBeep\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\MailBeep\Delta]
@="C:\Windows\Media\Delta\Windows Notify.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\PrintComplete\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\PrintComplete\Delta]
@="C:\Windows\Media\Delta\Windows Print complete.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\SystemAsterisk\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\SystemAsterisk\Delta]
@="C:\Windows\Media\Delta\Windows Error.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\SystemExclamation\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\SystemExclamation\Delta]
@="C:\Windows\Media\Delta\Windows Exclamation.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\SystemExit\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\SystemHand\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\SystemHand\Delta]
@="C:\Windows\Media\Delta\Windows Critical Stop.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\SystemNotification\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\SystemNotification\Delta]
@="C:\Windows\Media\Delta\Windows Balloon.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\WindowsLogoff\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\WindowsLogoff\Delta]
@="C:\Windows\Media\Delta\Windows Logoff Sound.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\WindowsLogon\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\WindowsLogon\Delta]
@="C:\Windows\Media\Delta\Windows Logon Sound.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\WindowsUAC\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\.Default\WindowsUAC\Delta]
@="C:\Windows\Media\Delta\Windows User Account Control.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\Explorer\BlockedPopup\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\Explorer\BlockedPopup\Delta]
@="C:\Windows\Media\Delta\Windows Pop-up Blocked.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\Explorer\EmptyRecycleBin\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\Explorer\FaxError\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\Explorer\FaxLineRings\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\Explorer\FaxSent\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\Explorer\FeedDiscovered\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\Explorer\FeedDiscovered\Delta]
@="C:\Windows\Media\Delta\Windows Feed Discovered.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\Explorer\Navigating\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\Explorer\Navigating\Delta]
@="C:\Windows\Media\Delta\Windows Navigation Start.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\Explorer\SecurityBand\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\Explorer\SecurityBand\Delta]
@="C:\Windows\Media\Delta\Windows Information Bar.wav"
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\sapisvr\DisNumbersSound\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\sapisvr\HubOffSound\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\sapisvr\HubOnSound\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\sapisvr\HubSleepSound\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\sapisvr\MisrecoSound\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\sapisvr\PanelSound\Delta]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Names\Delta]
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\Namespace]
"LocalDelta"="C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNSD.XML"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\Namespace]
"RemoteDelta"="C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNSR.XML"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\.Default\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\.Default\Delta]
@="C:\Windows\Media\Delta\Windows Ding.wav"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\ChangeTheme\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\ChangeTheme\Delta]
@="C:\Windows\Media\Delta\Windows Logon Sound.wav"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\CriticalBatteryAlarm\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\CriticalBatteryAlarm\Delta]
@="C:\Windows\Media\Delta\Windows Battery Critical.wav"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\DeviceConnect\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\DeviceConnect\Delta]
@="C:\Windows\Media\Delta\Windows Hardware Insert.wav"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\DeviceDisconnect\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\DeviceDisconnect\Delta]
@="C:\Windows\Media\Delta\Windows Hardware Remove.wav"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\DeviceFail\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\DeviceFail\Delta]
@="C:\Windows\Media\Delta\Windows Hardware Fail.wav"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\FaxBeep\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\FaxBeep\Delta]
@="C:\Windows\Media\Delta\Windows Notify.wav"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\LowBatteryAlarm\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\LowBatteryAlarm\Delta]
@="C:\Windows\Media\Delta\Windows Battery Low.wav"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\MailBeep\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\MailBeep\Delta]
@="C:\Windows\Media\Delta\Windows Notify.wav"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\PrintComplete\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\PrintComplete\Delta]
@="C:\Windows\Media\Delta\Windows Print complete.wav"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\SystemAsterisk\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\SystemAsterisk\Delta]
@="C:\Windows\Media\Delta\Windows Error.wav"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\SystemExclamation\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\SystemExclamation\Delta]
@="C:\Windows\Media\Delta\Windows Exclamation.wav"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\SystemExit\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\SystemHand\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\SystemHand\Delta]
@="C:\Windows\Media\Delta\Windows Critical Stop.wav"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\SystemNotification\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\SystemNotification\Delta]
@="C:\Windows\Media\Delta\Windows Balloon.wav"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\WindowsLogoff\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\WindowsLogoff\Delta]
@="C:\Windows\Media\Delta\Windows Logoff Sound.wav"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\WindowsLogon\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\WindowsLogon\Delta]
@="C:\Windows\Media\Delta\Windows Logon Sound.wav"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\WindowsUAC\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\.Default\WindowsUAC\Delta]
@="C:\Windows\Media\Delta\Windows User Account Control.wav"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\Explorer\BlockedPopup\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\Explorer\BlockedPopup\Delta]
@="C:\Windows\Media\Delta\Windows Pop-up Blocked.wav"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\Explorer\EmptyRecycleBin\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\Explorer\FaxError\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\Explorer\FaxLineRings\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\Explorer\FaxSent\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\Explorer\FeedDiscovered\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\Explorer\FeedDiscovered\Delta]
@="C:\Windows\Media\Delta\Windows Feed Discovered.wav"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\Explorer\Navigating\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\Explorer\Navigating\Delta]
@="C:\Windows\Media\Delta\Windows Navigation Start.wav"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\Explorer\SecurityBand\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\Explorer\SecurityBand\Delta]
@="C:\Windows\Media\Delta\Windows Information Bar.wav"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\sapisvr\DisNumbersSound\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\sapisvr\HubOffSound\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\sapisvr\HubOnSound\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\sapisvr\HubSleepSound\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\sapisvr\MisrecoSound\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Apps\sapisvr\PanelSound\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\AppEvents\Schemes\Names\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\5a53d98ce668ea12\2.6.1339.144]
"chrome_startup_urls_copy"="hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=1E7E5CAC4C3D18C9&affID=119556&tsp=4955"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\5a53d98ce668ea12\2.6.1339.144]
"chrome homepages"="hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=1E7E5CAC4C3D18C9&affID=119556&tsp=4955"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\5a53d98ce668ea12\2.6.1339.144]
"chrome search engines"="Delta Search snipesshop.de"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\5a53d98ce668ea12\2.6.1339.144]
"chrome_startup_urls"="hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=1E7E5CAC4C3D18C9&affID=119556&tsp=4955"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\BabSolution\Updater\Instances\Delta Chrome Toolbar]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\BabSolution\Updater\Instances\Delta Chrome Toolbar]
"UninstKey"="Delta Chrome Toolbar"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Delta\delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Delta\delta]
"lastB"="hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=1E7E5CAC4C3D18C9&affID=119556&tsp=4955"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Macromedia\Shockwave 10\uicontrol\sw3dbaddriverlist1]
@="*2k*savage/ix!^5.12.01.7012$79x=stbnvidiatnt16mb!=4.10.01.9131$o2k=diamondstealthiiis530!=5.12.01.8007-8.30.24$72k=m!=5.00.2180.3711$***=atigraphicsproturbopci(atim64-gx)!^9999.0.0.0$ont=nvidiageforce256!=4.00.1381.0327$****virge!^9999.0.0.0$*9x=ibmthinkpad(cyber9397dvd)!=4.10.01.2173$79x=mach64:ragepro!=4.11.2560$*2k=m!^5.12.01.1200$o9x=intel(r)82810graphicscontroller!=4.12.01.2656$o**=m!^5.12.01.1509$o2k=3dfxvoodooseries!=5.00.2195.0197$ont=3dfxvoodooseries!=4.00.1381.0229$o2k=diamondstealthiiis540!=5.12.01.8007-8.30.24$*9x*permedia2!^4.10.01.2359$****mystique!^9999.0.0.0$*9x*g400!^4.12.1.1710$***=2164w!^9999.0.0.0$*9x=mach64:ragepro!^4.10.1720$ont*3dblasterriva!^4.03.00.2100$ont*nvidia!^4.00.1381.0508$79x*nvidia!^4.12.01.0513$o9x*diamondviperv770!^4.11.01.0402$****g100!^9999.0.0.0$59x*nvidiariva128!=4.10.1713$ont*radeon!^4.3.3109$o2k*voodoobanshee!=5.00.2195.2b$o***permedia3!^4.12.01
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Internet Explorer\Main]
"bProtector Start Page"="hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=1E7E5CAC4C3D18C9&affID=119556&tsp=4955"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}]
"DisplayName"="Delta Search"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}]
"URL"="hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=1E7E5CAC4C3D18C9&affID=119556&tsp=4955"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Windows Media\WMSDK\Namespace]
"LocalDelta"="C:\Users\***\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNSD.XML"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Windows Media\WMSDK\Namespace]
"RemoteDelta"="C:\Users\***\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNSR.XML"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\Namespace]
"LocalDelta"="C:\Users\***\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNSD.XML"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\Namespace]
"RemoteDelta"="C:\Users\***\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNSR.XML"
Code:
ATTFilter Searching for "WebCake"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application\WebCakeUpdaterService]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\Application\WebCakeUpdaterService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\WebCakeUpdaterService]
Searching for "DivX"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\DivX]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\DivX\Settings\WebPlayer]
"downloadFolder"="DIVX_MOVIES"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\DivX_Browser_Bar_DE]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.div\UserChoice]
"Progid"="divx_div_file"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.divx]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.divx\UserChoice]
"Progid"="divx_divx_file"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv\UserChoice]
"Progid"="divx_mkv_file"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tix]
"Progid"="divx_tix_file"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tix\UserChoice]
"Progid"="divx_tix_file"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.VOB\UserChoice]
"Progid"="divx_vob_file"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\MIMEAssociations\ICM.DIV4\UserChoice]
"Progid"="RealPlayer.DIVX.6"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\MIMEAssociations\ICM.DIV6\UserChoice]
"Progid"="RealPlayer.DIVX.6"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\MIMEAssociations\ICM.DIVX1]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\MIMEAssociations\ICM.DIVX1\UserChoice]
"Progid"="RealPlayer.DIVX.6"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\MIMEAssociations\ICM.DX50\UserChoice]
"Progid"="RealPlayer.DIVX.6"
[HKEY_CURRENT_USER\Software\Netscape\Netscape Navigator\Viewers]
"TYPE44"="ICM.DIVX1"
[HKEY_CURRENT_USER\Software\RealNetworks\RealShare\15.0\Preferences\MountPoints\DT_Plugins\PluginHandlerData\PluginInfo0]
@="{IndexNumber~N0~LoadMultiple~N1~Renderer_Granularity~N50~Version~N-268414867~Copyright~SCopyright(c) RealNetworks, Inc. 1995-2009. All rights reserved. Source code for this program is available under the RealNetworks Public Source License. (hxxp://www.helixcommunity.org)~Description~S3GPP Timed Text Renderer Plugin~PlgCopy~Shxxp://www.helixcommunity.org~PluginFilename~S3gppttrenderer.dll~PluginType~SPLUGIN_RENDERER~RendererMime~Svideo/X-RN-3GPP-TEXT}{IndexNumber~N0~LoadMultiple~N1~Version~N-268414867~Copyright~SCopyright(c) RealNetworks, Inc. 2003-2005. All rights reserved. Source code for this program is available under the RealNetworks Public Source License.~Description~SHelix DNA AAC Audio Format~FileExtensions~SAAC~FileMime~Saudio/aac|audio/aacp~PlgCopy~Shxxp://www.helixcommunity.org~PluginFilename~Saacff.dll~PluginType~SPLUGIN_FILE_FORMAT}{IndexNumber~N0~LoadMultiple~N1~Version~N-
[HKEY_CURRENT_USER\Software\RealNetworks\RealShare\15.0\Preferences\MountPoints\DT_Plugins\PluginHandlerData\PluginInfo2]
@="egurl|audio/scpls|audio/x-scpls~FileOpenNames~SMP3 Playlist Files (*.m3u,*.pls,*.xpl)~PlgCopy~Shxxp://www.helixcommunity.org~PluginFilename~Smp3metaff.dll~PluginType~SPLUGIN_FILE_FORMAT}{IndexNumber~N0~LoadMultiple~N1~Renderer_Granularity~N50~Version~N0~Copyright~SCopyright(c) RealNetworks, Inc. 1995-2009. All rights reserved. Source code for this program is available under the RealNetworks Public Source License. (hxxp://www.helixcommunity.org)~Description~SRealNetworks MPEG Renderer Plugin~PlgCopy~Shxxp://www.helixcommunity.org~PluginFilename~Smp3render.dll~PluginType~SPLUGIN_RENDERER~RendererMime~Saudio/X-MP3-draft-00|audio/X-MP3-draft-00-RN|audio/MPEG-ELEMENTARY|audio/MPEG-ELEMENTARY-RN|audio/MPEG-ELEMENTARY-RAW|audio/rn-mpeg|audio/mpa-robust|audio/MPA|audio/mp1s|audio/mp2p|audio/vnd.rn-mp1s|audio/vnd.rn-mp2p}{IndexNumber~N0~LoadMultiple~N1~Version~N-268414867~Copyright~SCopyright(c
[HKEY_CURRENT_USER\Software\RealNetworks\RealShare\16.0\Preferences\MountPoints\DT_Plugins\PluginHandlerData\PluginInfo0]
@="{IndexNumber~N0~LoadMultiple~N1~Renderer_Granularity~N50~Version~N8224~Copyright~SCopyright(c) RealNetworks, Inc. 1995-2009. All rights reserved. Source code for this program is available under the RealNetworks Public Source License. (hxxp://www.helixcommunity.org)~Description~S3GPP Timed Text Renderer Plugin~PlgCopy~Shxxp://www.helixcommunity.org~PluginFilename~S3gppttrenderer.dll~PluginType~SPLUGIN_RENDERER~RendererMime~Svideo/X-RN-3GPP-TEXT}{IndexNumber~N0~LoadMultiple~N1~Version~N8224~Copyright~SCopyright(c) RealNetworks, Inc. 2003-2005. All rights reserved. Source code for this program is available under the RealNetworks Public Source License.~Description~SHelix DNA AAC Audio Format~FileExtensions~SAAC~FileMime~Saudio/aac|audio/aacp~PlgCopy~Shxxp://www.helixcommunity.org~PluginFilename~Saacff.dll~PluginType~SPLUGIN_FILE_FORMAT}{IndexNumber~N0~LoadMultiple~N1~Version~N8224~Copyrigh
[HKEY_CURRENT_USER\Software\RealNetworks\RealShare\16.0\Preferences\MountPoints\DT_Plugins\PluginHandlerData\PluginInfo2]
@="rity~N50~Version~N0~Copyright~SCopyright(c) RealNetworks, Inc. 1995-2009. All rights reserved. Source code for this program is available under the RealNetworks Public Source License. (hxxp://www.helixcommunity.org)~Description~SRealNetworks MPEG Renderer Plugin~PlgCopy~Shxxp://www.helixcommunity.org~PluginFilename~Smp3render.dll~PluginType~SPLUGIN_RENDERER~RendererMime~Saudio/X-MP3-draft-00|audio/X-MP3-draft-00-RN|audio/MPEG-ELEMENTARY|audio/MPEG-ELEMENTARY-RN|audio/MPEG-ELEMENTARY-RAW|audio/rn-mpeg|audio/mpa-robust|audio/MPA|audio/mp1s|audio/mp2p|audio/vnd.rn-mp1s|audio/vnd.rn-mp2p}{IndexNumber~N0~LoadMultiple~N1~Version~N8224~Copyright~SCopyright(c) RealNetworks, Inc. 1995-2009. All rights reserved. Source code for this program is available under the RealNetworks Public Source License. (hxxp://www.helixcommunity.org)~Description~SHelix MP3 File Writer Plugin~FileExtensions~Smp3~FileM
[HKEY_CURRENT_USER\Software\Classes\Applications\RealPlay.exe\SupportedTypes]
".divx"=""
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\DivX\DivX Plus Player\DivX Plus Player.exe"="DivX Plus Player"
[HKEY_CURRENT_USER\Software\Classes\MIME\Database\Content Type\ICM.DIV4]
"Extension"=".divx"
[HKEY_CURRENT_USER\Software\Classes\MIME\Database\Content Type\ICM.DIV6]
"Extension"=".divx"
[HKEY_CURRENT_USER\Software\Classes\MIME\Database\Content Type\ICM.DIVX1]
[HKEY_CURRENT_USER\Software\Classes\MIME\Database\Content Type\ICM.DIVX1]
"Extension"=".divx"
[HKEY_CURRENT_USER\Software\Classes\MIME\Database\Content Type\ICM.DX50]
"Extension"=".divx"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.div]
"Content Type"="video/divx"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{C550CA6A-FFC7-4A72-8F3C-1DE830918F12}]
@="DivX Media Foundation ACM Wrapper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\RealPlay.exe\SupportedTypes]
".divx"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DivX.MediaFoundationACMWrapper]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DivX.MediaFoundationACMWrapper]
@="DivX Media Foundation ACM Wrapper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DivX.MediaFoundationACMWrapper\CurVer]
@="DivX.MediaFoundationACMWrapper.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DivX.MediaFoundationACMWrapper.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DivX.MediaFoundationACMWrapper.1]
@="DivX Media Foundation ACM Wrapper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\ICM.DIV4]
"Extension"=".divx"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\ICM.DIV6]
"Extension"=".divx"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\ICM.DIVX1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\ICM.DIVX1]
"Extension"=".divx"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\ICM.DX50]
"Extension"=".divx"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{929BADAA-0D97-4699-916C-FFBBDA91485D}\1.0\0\win32]
@="C:\Program Files (x86)\DivX\DivX Plus Media Foundation Components\ACMWrapperDMO.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{B6A3B2ED-EE52-40D6-AC41-BD42EBC95AA4}\1.0\0\win32]
@="C:\Program Files (x86)\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{B6A3B2ED-EE52-40D6-AC41-BD42EBC95AA4}\1.0\HELPDIR]
@="C:\Program Files (x86)\DivX\DivX Transcode Engine\plugins"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{136DCBF5-3874-4B70-AE3E-15997D6334F7}\InprocServer32]
@="C:\Program Files (x86)\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{349AE5F4-92DB-4EEC-A14F-6595FF5C42DE}\InProcServer32]
@="C:\Program Files (x86)\DivX\DivX Plus Media Foundation Components\ACMWrapperDMO.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{4578D46F-1AAF-4FA6-AD9C-401A97CFA291}\InprocServer32]
@="C:\Program Files (x86)\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{601D45EA-8352-4D12-8E1D-F79618DB6244}]
@="DivX Media Foundation ACM Wrapper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{601D45EA-8352-4D12-8E1D-F79618DB6244}\InprocServer32]
@="C:\Program Files (x86)\DivX\DivX Plus Media Foundation Components\ACMWrapperDMO.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{601D45EA-8352-4D12-8E1D-F79618DB6244}\ProgID]
@="DivX.MediaFoundationACMWrapper.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{601D45EA-8352-4D12-8E1D-F79618DB6244}\VersionIndependentProgID]
@="DivX.MediaFoundationACMWrapper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A8786FBA-B1E0-41D8-9A3E-F56D4E226A51}\InprocServer32]
@="C:\Program Files (x86)\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DEE56715-7081-4D57-91A7-984AE2712268}\InprocServer32]
@="C:\Program Files (x86)\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F7EF9722-1DEA-4430-B830-C54B382FC90C}\InprocServer32]
@="C:\Program Files (x86)\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\{C550CA6A-FFC7-4A72-8F3C-1DE830918F12}]
@="DivX Media Foundation ACM Wrapper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{929BADAA-0D97-4699-916C-FFBBDA91485D}\1.0\0\win32]
@="C:\Program Files (x86)\DivX\DivX Plus Media Foundation Components\ACMWrapperDMO.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{B6A3B2ED-EE52-40D6-AC41-BD42EBC95AA4}\1.0\0\win32]
@="C:\Program Files (x86)\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{B6A3B2ED-EE52-40D6-AC41-BD42EBC95AA4}\1.0\HELPDIR]
@="C:\Program Files (x86)\DivX\DivX Transcode Engine\plugins"
[HKEY_LOCAL_MACHINE\SOFTWARE\DivX]
[HKEY_LOCAL_MACHINE\SOFTWARE\DivX\Shortcuts\DivXPlusShortcuts]
[HKEY_LOCAL_MACHINE\SOFTWARE\DivX\Shortcuts\DivXPlusShortcuts\Shortcuts\Link\887C705F7DA34748AC162793131482EB]
"0"="C:\Users\Ulrike\Desktop\DivX Movies.lnk"
[HKEY_LOCAL_MACHINE\SOFTWARE\DivX\Shortcuts\DivXPlusShortcuts\Shortcuts\Link\887C705F7DA34748AC162793131482EB]
"1"="C:\Users\Ulrike\Videos\DivX Movies\Verbessern Sie die Soundtracks Ihrer Videos.lnk"
[HKEY_LOCAL_MACHINE\SOFTWARE\DivX\Shortcuts\DivXPlusShortcuts\Shortcuts\Link\887C705F7DA34748AC162793131482EB]
"2"="C:\Users\Ulrike\Videos\DivX Movies\DivX.com.lnk"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\DeviceShims\D-Link Systems, Inc\Wireless Media Player\DSM-520]
"SinkProtocolInfo"="http-get:*:audio/x-ms-wma:themediamall.com.trick=seek;AUDIO_CODEC=WMA2;AUDIO_CODEC=WMA3,http-get:*:audio/x-aiff:*,http-get:*:audio/mpeg:*,http-get:*:audio/mp3:*,http-get:*:audio/x-wav:*,http-get:*:audio/lpcm:*,http-get:*:audio/x-mpegurl:*,http-get:*:audio/x-ms-asx:AUDIO_CODEC=WMA2;AUDIO_CODEC=WMA3,http-get:*:audio/vnd.dlna.adts:*,http-get:*:audio/ac3:*,http-get:*:audio/mp4:AUDIO_CODEC=AAC,http-get:*:audio/vnd.dlna.adts:AUDIO_CODEC=AAC,http-get:*:application/ogg:*,http-get:*:video/mpeg:VIDEO_CODEC=MPEG1;VIDEO_CODEC=MPEG2;VIDEO_CODEC=MPEG4;VIDEO_GMC=NO;AUDIO_CODEC=MPEG1L1;AUDIO_CODEC=MPEG1L2;AUDIO_CODEC=MPEG1L3;AUDIO_CODEC=MPEG2L1;AUDIO_CODEC=MPEG2L2;AUDIO_CODEC=MPEG2L3;AUDIO_CODEC=AC3;AUDIO_CODEC=DTS;AUDIO_CODEC=LPCM,http-get:*:video/mpeg2:VIDEO_CODEC=MPEG1;VIDEO_CODEC=MPEG2;VIDEO_CODEC=MPEG4;VIDEO_GMC=NO;AUDIO_CODEC=MPEG1L1;AUDIO_CODEC=MPEG1L2;AUDIO_CODEC=MPEG
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\DivX]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\DivXNetworks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\DivXNetworks\DivX4Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{248C7271-7BAE-4375-893B-0A6E88CD3BED}]
"AppPath"="C:\Program Files (x86)\DivX\DivX Plus Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{248C7271-7BAE-4375-893B-0A6E88CD3BED}]
"AppName"="DivX Plus Player.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89AED3F1-E3D6-4D3A-BA53-14B474145DFC}]
"AppPath"="C:\Program Files (x86)\DivX\DivX Plus Converter"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89AED3F1-E3D6-4D3A-BA53-14B474145DFC}]
"AppName"="DivXConverterLauncher.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EBEEFCAC-5F71-4737-83A0-C54A8FE1BBA7}]
"AppPath"="C:\Program Files (x86)\DivX\DivX Media Server"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EBEEFCAC-5F71-4737-83A0-C54A8FE1BBA7}]
"AppName"="DivXMediaServer.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FC0BD41F-F126-4378-A0BD-66A487F1496E}]
"AppPath"="C:\Program Files (x86)\DivX\Setup"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FC0BD41F-F126-4378-A0BD-66A487F1496E}]
"AppName"="DivXSetup.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7B63B2922B174135AFC0E1377DD81EC2}]
"Cart URL override"="hxxp://go.divx.com/divx/create/buy/de"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows Media Player NSS\3.0\DeviceShims\D-Link Systems, Inc\Wireless Media Player\DSM-520]
"SinkProtocolInfo"="http-get:*:audio/x-ms-wma:themediamall.com.trick=seek;AUDIO_CODEC=WMA2;AUDIO_CODEC=WMA3,http-get:*:audio/x-aiff:*,http-get:*:audio/mpeg:*,http-get:*:audio/mp3:*,http-get:*:audio/x-wav:*,http-get:*:audio/lpcm:*,http-get:*:audio/x-mpegurl:*,http-get:*:audio/x-ms-asx:AUDIO_CODEC=WMA2;AUDIO_CODEC=WMA3,http-get:*:audio/vnd.dlna.adts:*,http-get:*:audio/ac3:*,http-get:*:audio/mp4:AUDIO_CODEC=AAC,http-get:*:audio/vnd.dlna.adts:AUDIO_CODEC=AAC,http-get:*:application/ogg:*,http-get:*:video/mpeg:VIDEO_CODEC=MPEG1;VIDEO_CODEC=MPEG2;VIDEO_CODEC=MPEG4;VIDEO_GMC=NO;AUDIO_CODEC=MPEG1L1;AUDIO_CODEC=MPEG1L2;AUDIO_CODEC=MPEG1L3;AUDIO_CODEC=MPEG2L1;AUDIO_CODEC=MPEG2L2;AUDIO_CODEC=MPEG2L3;AUDIO_CODEC=AC3;AUDIO_CODEC=DTS;AUDIO_CODEC=LPCM,http-get:*:video/mpeg2:VIDEO_CODEC=MPEG1;VIDEO_CODEC=MPEG2;VIDEO_CODEC=MPEG4;VIDEO_GMC=NO;AUDIO_CODEC=MPEG1L1;AUDIO_CODEC=MPEG1L2;AUDI
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{136DCBF5-3874-4B70-AE3E-15997D6334F7}\InprocServer32]
@="C:\Program Files (x86)\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{349AE5F4-92DB-4EEC-A14F-6595FF5C42DE}\InProcServer32]
@="C:\Program Files (x86)\DivX\DivX Plus Media Foundation Components\ACMWrapperDMO.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{4578D46F-1AAF-4FA6-AD9C-401A97CFA291}\InprocServer32]
@="C:\Program Files (x86)\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{601D45EA-8352-4D12-8E1D-F79618DB6244}]
@="DivX Media Foundation ACM Wrapper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{601D45EA-8352-4D12-8E1D-F79618DB6244}\InprocServer32]
@="C:\Program Files (x86)\DivX\DivX Plus Media Foundation Components\ACMWrapperDMO.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{601D45EA-8352-4D12-8E1D-F79618DB6244}\ProgID]
@="DivX.MediaFoundationACMWrapper.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{601D45EA-8352-4D12-8E1D-F79618DB6244}\VersionIndependentProgID]
@="DivX.MediaFoundationACMWrapper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{A8786FBA-B1E0-41D8-9A3E-F56D4E226A51}\InprocServer32]
@="C:\Program Files (x86)\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{DEE56715-7081-4D57-91A7-984AE2712268}\InprocServer32]
@="C:\Program Files (x86)\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{F7EF9722-1DEA-4430-B830-C54B382FC90C}\InprocServer32]
@="C:\Program Files (x86)\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\AppID\{C550CA6A-FFC7-4A72-8F3C-1DE830918F12}]
@="DivX Media Foundation ACM Wrapper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{929BADAA-0D97-4699-916C-FFBBDA91485D}\1.0\0\win32]
@="C:\Program Files (x86)\DivX\DivX Plus Media Foundation Components\ACMWrapperDMO.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{B6A3B2ED-EE52-40D6-AC41-BD42EBC95AA4}\1.0\0\win32]
@="C:\Program Files (x86)\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{B6A3B2ED-EE52-40D6-AC41-BD42EBC95AA4}\1.0\HELPDIR]
@="C:\Program Files (x86)\DivX\DivX Transcode Engine\plugins"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\AppDataLow\Software\DivX]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\AppDataLow\Software\DivX\Settings\WebPlayer]
"downloadFolder"="DIVX_MOVIES"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\AppDataLow\Software\DivX_Browser_Bar_DE]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.div\UserChoice]
"Progid"="divx_div_file"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.divx]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.divx\UserChoice]
"Progid"="divx_divx_file"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv\UserChoice]
"Progid"="divx_mkv_file"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tix]
"Progid"="divx_tix_file"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tix\UserChoice]
"Progid"="divx_tix_file"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.VOB\UserChoice]
"Progid"="divx_vob_file"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Windows\Shell\Associations\MIMEAssociations\ICM.DIV4\UserChoice]
"Progid"="RealPlayer.DIVX.6"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Windows\Shell\Associations\MIMEAssociations\ICM.DIV6\UserChoice]
"Progid"="RealPlayer.DIVX.6"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Windows\Shell\Associations\MIMEAssociations\ICM.DIVX1]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Windows\Shell\Associations\MIMEAssociations\ICM.DIVX1\UserChoice]
"Progid"="RealPlayer.DIVX.6"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Windows\Shell\Associations\MIMEAssociations\ICM.DX50\UserChoice]
"Progid"="RealPlayer.DIVX.6"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Netscape\Netscape Navigator\Viewers]
"TYPE44"="ICM.DIVX1"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\RealNetworks\RealShare\15.0\Preferences\MountPoints\DT_Plugins\PluginHandlerData\PluginInfo0]
@="{IndexNumber~N0~LoadMultiple~N1~Renderer_Granularity~N50~Version~N-268414867~Copyright~SCopyright(c) RealNetworks, Inc. 1995-2009. All rights reserved. Source code for this program is available under the RealNetworks Public Source License. (hxxp://www.helixcommunity.org)~Description~S3GPP Timed Text Renderer Plugin~PlgCopy~Shxxp://www.helixcommunity.org~PluginFilename~S3gppttrenderer.dll~PluginType~SPLUGIN_RENDERER~RendererMime~Svideo/X-RN-3GPP-TEXT}{IndexNumber~N0~LoadMultiple~N1~Version~N-268414867~Copyright~SCopyright(c) RealNetworks, Inc. 2003-2005. All rights reserved. Source code for this program is available under the RealNetworks Public Source License.~Description~SHelix DNA AAC Audio Format~FileExtensions~SAAC~FileMime~Saudio/aac|audio/aacp~PlgCopy~Shxxp://www.helixcommunity.org~PluginFilename~Saacff.dll~PluginType~SPLUGIN_FILE_FORMAT}{In
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\RealNetworks\RealShare\15.0\Preferences\MountPoints\DT_Plugins\PluginHandlerData\PluginInfo2]
@="egurl|audio/scpls|audio/x-scpls~FileOpenNames~SMP3 Playlist Files (*.m3u,*.pls,*.xpl)~PlgCopy~Shxxp://www.helixcommunity.org~PluginFilename~Smp3metaff.dll~PluginType~SPLUGIN_FILE_FORMAT}{IndexNumber~N0~LoadMultiple~N1~Renderer_Granularity~N50~Version~N0~Copyright~SCopyright(c) RealNetworks, Inc. 1995-2009. All rights reserved. Source code for this program is available under the RealNetworks Public Source License. (hxxp://www.helixcommunity.org)~Description~SRealNetworks MPEG Renderer Plugin~PlgCopy~Shxxp://www.helixcommunity.org~PluginFilename~Smp3render.dll~PluginType~SPLUGIN_RENDERER~RendererMime~Saudio/X-MP3-draft-00|audio/X-MP3-draft-00-RN|audio/MPEG-ELEMENTARY|audio/MPEG-ELEMENTARY-RN|audio/MPEG-ELEMENTARY-RAW|audio/rn-mpeg|audio/mpa-robust|audio/MPA|audio/mp1s|audio/mp2p|audio/vnd.rn-mp1s|audio/vnd.rn-mp2p}{IndexNumber~N0~LoadMultiple~N1~Ver
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\RealNetworks\RealShare\16.0\Preferences\MountPoints\DT_Plugins\PluginHandlerData\PluginInfo0]
@="{IndexNumber~N0~LoadMultiple~N1~Renderer_Granularity~N50~Version~N8224~Copyright~SCopyright(c) RealNetworks, Inc. 1995-2009. All rights reserved. Source code for this program is available under the RealNetworks Public Source License. (hxxp://www.helixcommunity.org)~Description~S3GPP Timed Text Renderer Plugin~PlgCopy~Shxxp://www.helixcommunity.org~PluginFilename~S3gppttrenderer.dll~PluginType~SPLUGIN_RENDERER~RendererMime~Svideo/X-RN-3GPP-TEXT}{IndexNumber~N0~LoadMultiple~N1~Version~N8224~Copyright~SCopyright(c) RealNetworks, Inc. 2003-2005. All rights reserved. Source code for this program is available under the RealNetworks Public Source License.~Description~SHelix DNA AAC Audio Format~FileExtensions~SAAC~FileMime~Saudio/aac|audio/aacp~PlgCopy~Shxxp://www.helixcommunity.org~PluginFilename~Saacff.dll~PluginType~SPLUGIN_FILE_FORMAT}{IndexNumber~N0
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\RealNetworks\RealShare\16.0\Preferences\MountPoints\DT_Plugins\PluginHandlerData\PluginInfo2]
@="rity~N50~Version~N0~Copyright~SCopyright(c) RealNetworks, Inc. 1995-2009. All rights reserved. Source code for this program is available under the RealNetworks Public Source License. (hxxp://www.helixcommunity.org)~Description~SRealNetworks MPEG Renderer Plugin~PlgCopy~Shxxp://www.helixcommunity.org~PluginFilename~Smp3render.dll~PluginType~SPLUGIN_RENDERER~RendererMime~Saudio/X-MP3-draft-00|audio/X-MP3-draft-00-RN|audio/MPEG-ELEMENTARY|audio/MPEG-ELEMENTARY-RN|audio/MPEG-ELEMENTARY-RAW|audio/rn-mpeg|audio/mpa-robust|audio/MPA|audio/mp1s|audio/mp2p|audio/vnd.rn-mp1s|audio/vnd.rn-mp2p}{IndexNumber~N0~LoadMultiple~N1~Version~N8224~Copyright~SCopyright(c) RealNetworks, Inc. 1995-2009. All rights reserved. Source code for this program is available under the RealNetworks Public Source License. (hxxp://www.helixcommunity.org)~Description~SHelix MP3 File
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Classes\Applications\RealPlay.exe\SupportedTypes]
".divx"=""
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\DivX\DivX Plus Player\DivX Plus Player.exe"="DivX Plus Player"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Classes\MIME\Database\Content Type\ICM.DIV4]
"Extension"=".divx"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Classes\MIME\Database\Content Type\ICM.DIV6]
"Extension"=".divx"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Classes\MIME\Database\Content Type\ICM.DIVX1]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Classes\MIME\Database\Content Type\ICM.DIVX1]
"Extension"=".divx"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Classes\MIME\Database\Content Type\ICM.DX50]
"Extension"=".divx"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001_Classes\Applications\RealPlay.exe\SupportedTypes]
".divx"=""
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\DivX\DivX Plus Player\DivX Plus Player.exe"="DivX Plus Player"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001_Classes\MIME\Database\Content Type\ICM.DIV4]
"Extension"=".divx"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001_Classes\MIME\Database\Content Type\ICM.DIV6]
"Extension"=".divx"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001_Classes\MIME\Database\Content Type\ICM.DIVX1]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001_Classes\MIME\Database\Content Type\ICM.DIVX1]
"Extension"=".divx"
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001_Classes\MIME\Database\Content Type\ICM.DX50]
"Extension"=".divx"
-= EOF =-
|
|
27.07.2013, 16:57
| #14 |
| /// Malwareteam | TR/Ransom.Blocker mein OTL-Log Hi leider dauert die Erstellung eines Fix-Skripts etwas länger (ich lass es nochmal korrekturlesen). Ich bitte dich daher um Verständnis für die Verzögerung.
__________________ Keep Jazzing! DerJazzer Imperare sibi maximum imperium est. ©Seneca Wenn du uns unterstützen möchtest | http://www.anaesthesist-werden.de/ |
|
27.07.2013, 17:22
| #15 |
| /// Malwareteam | TR/Ransom.Blocker mein OTL-Log So, nach langer Fix-Vorbereitung: Holen wir zum "finalen Schlag" aus: Schritt 1 Bitte beide Programme auf jeden Fall neu herunterladen und die alte Version löschen! Downloade Dir bitte AdwCleaner auf deinen Desktop.
Jetzt bitte den AdwCleaner direkt nochmal laufen lassen (ist bei dieser Art Adware manchmal nötig) Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt 2 Fixen mit OTL
Code:
ATTFilter :Files
C:\Windows\System32\Tasks\Feven-chromeinstaller
C:\Windows\System32\Tasks\Feven-codedownloader
C:\Windows\System32\Tasks\Feven-enabler
C:\Windows\System32\Tasks\Feven-updater
C:\Windows\System32\Tasks\Plus-HD-2.5-chromeinstaller
C:\Windows\System32\Tasks\Plus-HD-2.5-codedownloader
C:\Windows\System32\Tasks\Plus-HD-2.5-enabler
C:\Windows\System32\Tasks\Plus-HD-2.5-updater
C:\Users\***\AppData\Local\Microsoft\Internet Explorer\DOMStore\W45XU1E4\cap1.conduit-apps[1].xml
C:\Users\***\AppData\LocalLow\DivX_Browser_Bar_DE
C:\Users\***\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\0W2H2R8G\search.conduit[1].xml
C:\Users\***\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\Z11GZW4Y\cap1.conduit-apps[1].xml
C:\ProgramData\BrowserDefender
C:\Users\All Users\BrowserDefender
C:\Users\Ulrike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
C:\Program Files (x86)\Delta
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www1.delta-search.com_0.localstorage
C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www1.delta-search.com_0.localstorage-journal
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1HMEQOL6\www1_delta-search_com[1].htm
C:\Users\***AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DCT000KW\bab138.deltatb_dmn[1].zpb
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DCT000KW\delta-toolbar[1].jpg
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DCT000KW\DeltaTB[1].zpb
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DCT000KW\sprite-delta[1].jpg
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W6NGQHDZ\DeltaChromeTB_1001[1].zpb
C:\Users\***\AppData\Roaming\BabSolution
C:\Program Files (x86)\DivX
C:\Users\***\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\R1Z5R3VG\www.divx[1].xml
C:\Users\***\Videos\DivX Movies\DivX.com.lnk
C:\Users\***\AppData\LocalLow\DivX_Browser_Bar_DE
C:\ProgramData\BrowserDefender
C:\Users\All Users\BrowserDefender
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\ProgramData\BrowserDefender
C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
C:\ProgramData\Babylon
C:\Users\All Users\Babylon
C:\Users\***\AppData\Roaming\Babylon
C:\Program Files (x86)\Delta
C:\Users\***\AppData\Roaming\Delta
C:\Program Files (x86)\DivX
C:\Program Files (x86)\Common Files\DivX Shared
C:\Program Files (x86)\DivX\DivX Plus Web Player
C:\Users\***\AppData\LocalLow\DivX_Browser_Bar_DE
C:\Users\***\Videos\DivX Movies
:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F6357A3-D1AE-41B7-8A3B-6DA4DCEEABDE}]
"Path"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A09202C-4D51-481B-97FD-11DDAF8720F2}]
"Path"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0337E54-A674-4F4A-9978-E928F7A339F2}]
"Path"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D414980A-C6F6-40E3-9FA9-4B9448519819}]
"Path"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven-chromeinstaller]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven-codedownloader]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven-enabler]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven-updater]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46B65791-2C6D-46D6-8879-0377381E4A91}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{484E80F2-2D24-48A4-9553-B704477907F1}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A65704D1-D32F-4816-8DC8-FF4D6D53248E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F4E1B981-079B-4BF2-9E24-B277C7BC64BF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-2.5-chromeinstaller]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-2.5-codedownloader]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-2.5-enabler]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-2.5-updater]
[-HKEY_CURRENT_USER\Software\AppDataLow\Software\DivX_Browser_Bar_DE]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Wajam]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Wajam]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Wajam]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Wajam]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Wajam]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Wajam]
[-HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\AppDataLow\Software\DivX_Browser_Bar_DE]
[-HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Wajam]
[-HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Wajam]
[-HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Wajam]
[-HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Wajam]
[-HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Wajam]
[-HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Wajam]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Internet Explorer\TypedURLs]
"url26"=-
[-HKEY_CURRENT_USER\Software\5a53d98ce668ea12]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2803F4A8-C895-412B-8463-8F633CCFB559}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserDefendert]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\5a53d98ce668ea12]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BrowserDefendert]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BrowserDefendert]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BrowserDefendert]
[-HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\5a53d98ce668ea12]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}\LocalServer32]
@=""C:\Program Files (x86)\Delta\delta\1.8.22.0\deltasrv.exe""
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}\1.0\0\win3]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Delta]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{82E1477C-B154-48D3-9891-33D83C26BCD3}"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\delta]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}]
[-HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\5a53d98ce668ea12]
[-HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\BabSolution]
[-HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Delta]
[HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Internet Explorer\Main]
"bProtector Start Page"=-
[-HKEY_USERS\S-1-5-21-538976363-1389243005-1723249960-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application\WebCakeUpdaterService]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\Application\WebCakeUpdaterService]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\WebCakeUpdaterService]
:Commands
[emptytemp]
Schritt 3 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 4 ESET Online Scanner
Schritt 5 Downloade Dir bitte  SecurityCheck und:
Schritt 6 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Bitte poste in deiner nächsten Antwort
__________________ Keep Jazzing! DerJazzer Imperare sibi maximum imperium est. ©Seneca Wenn du uns unterstützen möchtest | http://www.anaesthesist-werden.de/ |
|
| Themen zu TR/Ransom.Blocker mein OTL-Log |
| adobe, antivir, autorun, avira, becker, bingbar, canon, delta chrome toolbar, diner dash, firefox, flash player, format, home, homepage, iexplore.exe, install.exe, intranet, launch, microsoft office starter 2010, mozilla, msiinstaller, object, packard bell, plug-in, realtek, registry, rundll, scan, search protect, security, software, sprotection, svchost.exe, symantec, temp, tr/ransom.blocker, trojaner, udp, viren, wajam, wildtangent games, windows |
WARNUNG an die MITLESER: 
Textbox. 
Linear-Darstellung
