PuP.Optionalbonaza

igelchen1962 · 15.10.2013, 10:02

PuP.Optionalbonaza

Hallo Liebe Leute bin 70 Jahre und ziemlich unbedarft.
Habe das Prpblem mit obigen Trojaner.
Es sind lt. Malwarbytes über 80 Eintagungen.
Wie kann ich die Eintagungen löschen?
Über Hilfe wäre ich sehr dankbar. Nicht zuviel Kenntnisse voraussetzen.
Danke
igelchen1962

schrauber · 15.10.2013, 10:33

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

igelchen1962 · 15.10.2013, 18:22

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Dieter (ATTENTION: The logged in user is not administrator) on DIETER-PC on 15-10-2013 19:17:22
Running from C:\Users\Dieter\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\SysWOW64\UMonit.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\PAC7302\Monitor.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\PAC7302\PACTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files (x86)\FUJIFILM\MyFinePix Studio\dd.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Lenovo) C:\Windows\jmesoft\hotkey.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Farbar) C:\Users\Dieter\Downloads\FRST64(1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11543656 2010-10-26] (Realtek Semiconductor)
HKLM\...\Run: [UMonit] - C:\windows\SysWOW64\UMonit.exe [28672 2010-12-01] ()
HKLM\...\Run: [Lenovo EE Boot Optimizer] - C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2011-10-19] (Lenovo)
HKLM\...\Run: [PAC7302_Monitor] - C:\windows\PixArt\PAC7302\Monitor.exe [323584 2007-12-10] (PixArt Imaging Incorporation)
HKLM\...\Run: [PACTray] - C:\windows\Pixart\PAC7302\PACTray.exe [327680 2009-03-23] (PixArt Imaging Incorporation)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1281512 2013-01-27] (Microsoft Corporation)
HKLM\...\Run: [EKAIO2StatusMonitor] - C:\windows\system32\spool\DRIVERS\x64\3\EKAiO2MUI.exe [2841088 2011-03-10] (Eastman Kodak Company)
HKLM\...\Runonce: [MSPCLOCK] - rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
HKLM\...\Runonce: [MSPQM] - rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
HKLM\...\Runonce: [MSKSSRV] - rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
HKLM\...\Runonce: [MSTEE.CxTransform] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\windows\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [MSTEE.Splitter] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\windows\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [WDM_DRMKAUD] - rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\windows\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install
HKLM\...\RunOnce: [*Restore] - C:\windows\System32\rstrui.exe /runonce [296960 2010-11-21] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Device Detection] - C:\Program Files (x86)\FUJIFILM\MyFinePix Studio\dd.exe [857136 2013-09-12] ()
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKLM-x32\...\Run: [jmekey] - C:\windows\jmesoft\hotkey.exe [118784 2011-03-21] (Lenovo)
HKLM-x32\...\Run: [jmesoft] - C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-03-16] ()
HKLM-x32\...\Run: [Lenovo Eye Distance System] - C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe [265216 2010-09-09] (Lenovo)
HKLM-x32\...\Run: [Lenovo Dynamic Brightness System] - C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe [285696 2010-10-08] (Lenovo)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-05] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [222504 2009-05-14] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WinampAgent] - C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-20] (Nullsoft, Inc.)
HKLM-x32\...\Run: [EKStatusMonitor] - C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2844608 2012-10-15] (Eastman Kodak Company)
HKLM-x32\...\Run: [Conime] - %windir%\system32\conime.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LEND&bmod=LEND
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://t-online.de/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU -  No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\0lnalqeu.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=3 - C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=9 - C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\0lnalqeu.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\0lnalqeu.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\0lnalqeu.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\0lnalqeu.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (YouTube) - C:\Users\Dieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Dieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Skype Click to Call) - C:\Users\Dieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0
CHR Extension: (Gmail) - C:\Users\Dieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [aipfmkinhleccnodemkoofnnofpbbpac] - C:\Users\Admin\AppData\Roaming\BabSolution\CR\searchgol.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

==================== Services (Whitelisted) =================

R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-03-16] ()
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

R3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [57856 2010-12-17] (GenesysLogic)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)
R3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [532480 2009-04-28] (PixArt Imaging Inc.)
R0 WinI2C-DDC; C:\Windows\System32\drivers\DDCDrv.sys [20832 2008-04-08] (Nicomsoft Ltd.)
S1 ghbxaxhe; \??\C:\windows\system32\drivers\ghbxaxhe.sys [x]
S1 jrgekwki; \??\C:\windows\system32\drivers\jrgekwki.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-15 19:17 - 2013-10-15 19:17 - 01954124 _____ (Farbar) C:\Users\Dieter\Downloads\FRST64(1).exe
2013-10-15 19:15 - 2013-10-15 19:15 - 00753504 _____ C:\Users\Dieter\Downloads\ZipExtractorSetup.exe
2013-10-15 16:13 - 2013-10-15 16:32 - 00000000 ____D C:\Users\Dieter\Desktop\Simna
2013-10-15 14:12 - 2013-10-14 21:01 - 00118423 _____ C:\Users\Dieter\Desktop\Solitaire.SolitaireSave-ms
2013-10-15 11:17 - 2013-10-15 11:17 - 00016062 _____ C:\Users\Dieter\Downloads\Addition.txt
2013-10-15 11:16 - 2013-10-15 11:16 - 00000000 ____D C:\FRST
2013-10-15 11:15 - 2013-10-15 11:15 - 01954124 _____ (Farbar) C:\Users\Dieter\Downloads\FRST64.exe
2013-10-15 11:13 - 2013-10-15 11:13 - 00000472 _____ C:\Users\Dieter\Downloads\defogger_disable.log
2013-10-15 11:11 - 2013-10-15 11:11 - 00050477 _____ C:\Users\Dieter\Downloads\Defogger.exe
2013-10-12 18:54 - 2013-10-12 18:54 - 01528184 _____ (Microsoft Corporation) C:\Users\Dieter\Downloads\GenuineCheck(1).exe
2013-10-12 18:42 - 2013-10-12 18:42 - 01528184 _____ (Microsoft Corporation) C:\Users\Dieter\Downloads\GenuineCheck.exe
2013-10-11 16:24 - 2013-10-11 16:24 - 01048960 _____ C:\Users\Dieter\Downloads\adwcleaner_3.0.0.7.exe
2013-10-11 10:31 - 2013-10-11 10:31 - 00001931 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-10-11 10:30 - 2013-10-15 11:59 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-09 22:00 - 2013-10-09 22:00 - 00011444 _____ C:\Users\Dieter\Downloads\_RE(1)
2013-10-09 22:00 - 2013-10-09 22:00 - 00011444 _____ C:\Users\Dieter\Downloads\_RE
2013-10-09 15:12 - 2013-10-09 15:12 - 00907304 _____ (BillP Studios) C:\Users\Dieter\Downloads\wpsetup.exe
2013-10-09 14:24 - 2013-10-09 14:24 - 00000000 ____D C:\Users\Dieter\AppData\Roaming\Malwarebytes
2013-10-09 11:14 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-10-09 11:14 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-10-09 11:14 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-10-09 11:14 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-10-09 11:14 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-10-09 11:14 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-10-09 11:14 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-10-09 11:14 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-10-09 11:14 - 2013-09-23 01:27 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-10-09 11:14 - 2013-09-23 01:27 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-10-09 11:14 - 2013-09-23 01:27 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-10-09 11:14 - 2013-09-23 01:27 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-10-09 11:14 - 2013-09-23 01:27 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-10-09 11:14 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-10-09 11:14 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-10-09 11:14 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-10-09 11:14 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-10-09 11:14 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-10-09 11:14 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-10-09 11:14 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-10-09 11:14 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-10-09 11:14 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-10-09 11:14 - 2013-09-23 00:54 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-10-09 11:14 - 2013-09-23 00:54 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-10-09 11:14 - 2013-09-23 00:54 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-10-09 11:14 - 2013-09-23 00:54 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-10-09 11:14 - 2013-09-23 00:54 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-10-09 11:14 - 2013-09-21 05:38 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-10-09 11:14 - 2013-09-21 05:30 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-10-09 11:14 - 2013-09-21 04:48 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-10-09 11:14 - 2013-09-21 04:39 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-09 10:09 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2013-10-09 10:09 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2013-10-09 10:08 - 2013-09-04 14:12 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2013-10-09 10:08 - 2013-09-04 14:11 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2013-10-09 10:08 - 2013-09-04 14:11 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2013-10-09 10:08 - 2013-09-04 14:11 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2013-10-09 10:08 - 2013-09-04 14:11 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2013-10-09 10:08 - 2013-09-04 14:11 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2013-10-09 10:08 - 2013-09-04 14:11 - 00007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2013-10-09 10:08 - 2013-08-28 03:21 - 03155968 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-10-09 10:08 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2013-10-09 10:08 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 10:08 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 10:08 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbcir.sys
2013-10-09 10:08 - 2013-07-12 12:40 - 00109824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBAUDIO.sys
2013-10-09 10:08 - 2013-07-03 06:40 - 00042496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbscan.sys
2013-10-09 10:08 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2013-10-09 10:08 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2013-10-09 10:08 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Wdf01000.sys
2013-10-09 10:08 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2013-10-09 10:08 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2013-10-09 10:08 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2013-10-09 10:08 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2013-10-09 10:08 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2013-10-09 10:08 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2013-10-09 10:08 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2013-10-09 10:08 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2013-10-09 10:08 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2013-10-09 10:08 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2013-10-09 10:08 - 2012-11-29 00:56 - 00054376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdfLdr.sys
2013-10-09 10:08 - 2012-11-29 00:56 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\Wdfres.dll
2013-10-09 10:08 - 2012-11-29 00:56 - 00000003 _____ C:\windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2013-10-08 13:59 - 2013-10-08 13:59 - 00000000 ____D C:\Users\Dieter\AppData\Local\{B07295BC-0E03-444D-9D7B-6B57003C32B3}
2013-10-08 13:28 - 2013-10-08 13:28 - 00000000 ____H C:\windows\system32\Drivers\Msft_User_wpdcomp_01_09_00.Wdf
2013-10-04 18:51 - 2013-10-04 18:51 - 00000262 _____ C:\windows\wininit.ini
2013-10-04 18:08 - 2013-10-15 11:59 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-10-04 18:08 - 2013-10-04 18:12 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-10-04 18:08 - 2013-10-04 18:08 - 00001383 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-10-04 18:08 - 2009-01-25 13:14 - 00017272 _____ (Safer Networking Limited) C:\windows\system32\sdnclean64.exe
2013-10-04 18:07 - 2013-10-04 18:07 - 37672592 _____ (Safer-Networking Ltd.                                       ) C:\Users\Dieter\Downloads\spybotsd-2.1.21-SR2.exe
2013-10-04 17:44 - 2013-10-15 11:57 - 00000000 ____D C:\AdwCleaner
2013-10-04 17:34 - 2013-10-15 18:39 - 00000924 _____ C:\windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
2013-10-04 17:34 - 2013-10-15 17:39 - 00000920 _____ C:\windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2013-10-04 17:34 - 2013-10-15 11:59 - 00000000 ____D C:\Program Files (x86)\Xvid
2013-10-04 17:34 - 2013-10-15 11:59 - 00000000 ____D C:\Program Files (x86)\Lame For Audacity
2013-10-04 17:34 - 2013-10-15 11:59 - 00000000 ____D C:\Program Files (x86)\ffdshow
2013-10-04 17:34 - 2013-10-15 11:59 - 00000000 ____D C:\Program Files (x86)\DirectVobSub
2013-10-04 17:34 - 2013-10-04 17:34 - 00001991 _____ C:\windows\unins000.dat
2013-10-04 17:34 - 2013-10-04 17:33 - 00715038 _____ C:\windows\unins000.exe
2013-10-04 17:34 - 2012-02-26 16:47 - 00079360 _____ C:\windows\SysWOW64\ff_vfw.dll
2013-10-04 17:34 - 2012-01-09 20:45 - 00178688 _____ C:\windows\SysWOW64\unrar.dll
2013-10-04 17:34 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\windows\system32\lagarith.dll
2013-10-04 17:34 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\windows\SysWOW64\lagarith.dll
2013-10-04 17:34 - 2011-05-30 15:42 - 00255488 _____ C:\windows\system32\xvidvfw.dll
2013-10-04 17:34 - 2011-05-30 15:42 - 00240640 _____ C:\windows\SysWOW64\xvidvfw.dll
2013-10-04 17:34 - 2011-05-23 11:52 - 00153088 _____ C:\windows\SysWOW64\xvid.ax
2013-10-04 17:34 - 2011-05-23 09:49 - 00173568 _____ C:\windows\system32\xvid.ax
2013-10-04 17:34 - 2011-05-23 09:46 - 00645632 _____ C:\windows\SysWOW64\xvidcore.dll
2013-10-04 17:34 - 2011-05-23 09:45 - 00696832 _____ C:\windows\system32\xvidcore.dll
2013-10-04 17:33 - 2013-10-15 11:59 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-10-04 17:33 - 2013-10-15 11:57 - 00000000 ____D C:\Program Files (x86)\DSP-worx
2013-10-04 17:33 - 2013-10-04 17:58 - 00000000 ____D C:\ProgramData\DivX
2013-10-04 17:33 - 2013-10-04 17:33 - 00000000 ____D C:\Program Files (x86)\OpenSource Flash Video Splitter
2013-10-04 17:33 - 2013-10-04 17:33 - 00000000 ____D C:\Program Files (x86)\Haali
2013-10-04 17:09 - 2013-10-15 11:59 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-04 17:09 - 2013-10-15 11:57 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-04 17:09 - 2013-10-04 17:09 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-10-04 17:09 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2013-10-04 17:07 - 2013-10-04 17:07 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Dieter\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-24 18:06 - 2013-09-24 18:06 - 00000000 ____D C:\Users\Dieter\AppData\Local\.elfohilfe
2013-09-24 15:51 - 2013-09-24 18:09 - 00097876 _____ C:\Users\Dieter\ESt2012_Müller_Karl-Heinz_und_Müller_Adelheid.elfo
2013-09-21 19:15 - 2013-09-21 19:15 - 00000000 ____D C:\Program Files (x86)\ElsterFormular
2013-09-21 19:14 - 2013-09-21 19:15 - 00001233 _____ C:\Users\Public\Desktop\ElsterFormular.lnk
2013-09-20 21:11 - 2013-09-20 21:11 - 196394236 _____ C:\windows\MEMORY.DMP
2013-09-20 21:11 - 2013-09-20 21:11 - 00000000 ____D C:\windows\Minidump
2013-09-20 15:42 - 2013-09-21 19:16 - 00000000 ____D C:\Users\Dieter\AppData\Roaming\elsterformular

==================== One Month Modified Files and Folders =======

2013-10-15 19:17 - 2013-10-15 19:17 - 01954124 _____ (Farbar) C:\Users\Dieter\Downloads\FRST64(1).exe
2013-10-15 19:15 - 2013-10-15 19:15 - 00753504 _____ C:\Users\Dieter\Downloads\ZipExtractorSetup.exe
2013-10-15 19:12 - 2011-12-22 17:15 - 00000000 ____D C:\Users\Dieter\AppData\Roaming\Skype
2013-10-15 19:03 - 2012-04-16 08:45 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-10-15 18:48 - 2011-12-15 21:22 - 00001110 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-15 18:39 - 2013-10-04 17:34 - 00000924 _____ C:\windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
2013-10-15 18:36 - 2011-12-13 21:53 - 00000000 ____D C:\ProgramData\Kodak
2013-10-15 18:06 - 2011-10-19 10:28 - 01738216 _____ C:\windows\WindowsUpdate.log
2013-10-15 17:39 - 2013-10-04 17:34 - 00000920 _____ C:\windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2013-10-15 16:32 - 2013-10-15 16:13 - 00000000 ____D C:\Users\Dieter\Desktop\Simna
2013-10-15 12:40 - 2013-03-27 19:19 - 00047616 _____ C:\Users\Dieter\Desktop\Blutdruck.xls
2013-10-15 12:16 - 2009-07-14 06:45 - 00020480 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-15 12:16 - 2009-07-14 06:45 - 00020480 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-15 12:13 - 2011-10-19 11:02 - 00643628 _____ C:\windows\system32\perfh007.dat
2013-10-15 12:13 - 2011-10-19 11:02 - 00126188 _____ C:\windows\system32\perfc007.dat
2013-10-15 12:13 - 2009-07-14 07:13 - 01472002 _____ C:\windows\system32\PerfStringBackup.INI
2013-10-15 12:01 - 2011-10-19 10:50 - 00444997 _____ C:\windows\system32\fastboot.set
2013-10-15 12:00 - 2013-03-29 10:31 - 00022884 _____ C:\windows\setupact.log
2013-10-15 12:00 - 2011-12-15 21:22 - 00001106 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-15 12:00 - 2011-12-13 18:43 - 00068856 _____ C:\Users\Dieter\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-15 12:00 - 2011-12-13 18:42 - 00000000 ____D C:\Users\Dieter
2013-10-15 12:00 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-10-15 11:59 - 2013-10-11 10:30 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-15 11:59 - 2013-10-04 18:08 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-10-15 11:59 - 2013-10-04 17:34 - 00000000 ____D C:\Program Files (x86)\Xvid
2013-10-15 11:59 - 2013-10-04 17:34 - 00000000 ____D C:\Program Files (x86)\Lame For Audacity
2013-10-15 11:59 - 2013-10-04 17:34 - 00000000 ____D C:\Program Files (x86)\ffdshow
2013-10-15 11:59 - 2013-10-04 17:34 - 00000000 ____D C:\Program Files (x86)\DirectVobSub
2013-10-15 11:59 - 2013-10-04 17:33 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-10-15 11:59 - 2013-10-04 17:09 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-15 11:59 - 2013-07-24 10:29 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-10-15 11:59 - 2013-03-27 23:08 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-15 11:59 - 2013-03-27 23:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-15 11:59 - 2012-10-20 21:03 - 00000000 ____D C:\Users\Dieter\AppData\Roaming\Winamp
2013-10-15 11:59 - 2012-06-14 15:34 - 00000000 ____D C:\Users\Admin
2013-10-15 11:59 - 2012-01-09 20:53 - 00000000 ____D C:\Users\Dieter\Desktop\Sammelbecken)
2013-10-15 11:59 - 2011-12-27 17:20 - 00000000 ____D C:\ProgramData\FLEXnet
2013-10-15 11:59 - 2011-12-19 19:37 - 00000000 ____D C:\Users\Dieter\AppData\Roaming\WinPatrol
2013-10-15 11:59 - 2011-12-18 18:38 - 00000000 ____D C:\windows\system32\Macromed
2013-10-15 11:59 - 2011-12-13 18:43 - 00000000 ____D C:\Users\Dieter\AppData\Local\Lenovo
2013-10-15 11:59 - 2009-07-14 05:20 - 00000000 ____D C:\windows\registration
2013-10-15 11:59 - 2009-07-14 05:20 - 00000000 ____D C:\windows\AppCompat
2013-10-15 11:59 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-10-15 11:58 - 2012-01-15 17:20 - 00000000 ____D C:\Users\Dieter\Desktop\Cafe Traumhaft
2013-10-15 11:57 - 2013-10-04 17:44 - 00000000 ____D C:\AdwCleaner
2013-10-15 11:57 - 2013-10-04 17:33 - 00000000 ____D C:\Program Files (x86)\DSP-worx
2013-10-15 11:57 - 2013-10-04 17:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-15 11:57 - 2011-12-19 19:37 - 00000000 ____D C:\ProgramData\InstallMate
2013-10-15 11:46 - 2011-12-13 18:57 - 00000000 ____D C:\Users\Dieter\AppData\Local\Mozilla
2013-10-15 11:17 - 2013-10-15 11:17 - 00016062 _____ C:\Users\Dieter\Downloads\Addition.txt
2013-10-15 11:16 - 2013-10-15 11:16 - 00000000 ____D C:\FRST
2013-10-15 11:15 - 2013-10-15 11:15 - 01954124 _____ (Farbar) C:\Users\Dieter\Downloads\FRST64.exe
2013-10-15 11:13 - 2013-10-15 11:13 - 00000472 _____ C:\Users\Dieter\Downloads\defogger_disable.log
2013-10-15 11:11 - 2013-10-15 11:11 - 00050477 _____ C:\Users\Dieter\Downloads\Defogger.exe
2013-10-14 21:01 - 2013-10-15 14:12 - 00118423 _____ C:\Users\Dieter\Desktop\Solitaire.SolitaireSave-ms
2013-10-12 18:54 - 2013-10-12 18:54 - 01528184 _____ (Microsoft Corporation) C:\Users\Dieter\Downloads\GenuineCheck(1).exe
2013-10-12 18:42 - 2013-10-12 18:42 - 01528184 _____ (Microsoft Corporation) C:\Users\Dieter\Downloads\GenuineCheck.exe
2013-10-11 16:24 - 2013-10-11 16:24 - 01048960 _____ C:\Users\Dieter\Downloads\adwcleaner_3.0.0.7.exe
2013-10-11 10:31 - 2013-10-11 10:31 - 00001931 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-10-10 09:30 - 2013-03-29 10:31 - 00005896 _____ C:\windows\PFRO.log
2013-10-09 22:00 - 2013-10-09 22:00 - 00011444 _____ C:\Users\Dieter\Downloads\_RE(1)
2013-10-09 22:00 - 2013-10-09 22:00 - 00011444 _____ C:\Users\Dieter\Downloads\_RE
2013-10-09 15:12 - 2013-10-09 15:12 - 00907304 _____ (BillP Studios) C:\Users\Dieter\Downloads\wpsetup.exe
2013-10-09 14:24 - 2013-10-09 14:24 - 00000000 ____D C:\Users\Dieter\AppData\Roaming\Malwarebytes
2013-10-09 13:02 - 2009-07-14 06:45 - 00326384 _____ C:\windows\system32\FNTCACHE.DAT
2013-10-09 11:13 - 2013-08-23 23:20 - 00000000 ____D C:\windows\system32\MRT
2013-10-09 11:11 - 2011-12-14 19:51 - 80541720 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-10-08 21:03 - 2012-04-16 08:45 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-10-08 21:03 - 2011-12-18 18:39 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-08 13:59 - 2013-10-08 13:59 - 00000000 ____D C:\Users\Dieter\AppData\Local\{B07295BC-0E03-444D-9D7B-6B57003C32B3}
2013-10-08 13:28 - 2013-10-08 13:28 - 00000000 ____H C:\windows\system32\Drivers\Msft_User_wpdcomp_01_09_00.Wdf
2013-10-08 09:43 - 2009-07-14 07:08 - 00032632 _____ C:\windows\Tasks\SCHEDLGU.TXT
2013-10-04 18:51 - 2013-10-04 18:51 - 00000262 _____ C:\windows\wininit.ini
2013-10-04 18:12 - 2013-10-04 18:08 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-10-04 18:08 - 2013-10-04 18:08 - 00001383 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-10-04 18:07 - 2013-10-04 18:07 - 37672592 _____ (Safer-Networking Ltd.                                       ) C:\Users\Dieter\Downloads\spybotsd-2.1.21-SR2.exe
2013-10-04 17:58 - 2013-10-04 17:33 - 00000000 ____D C:\ProgramData\DivX
2013-10-04 17:45 - 2011-12-13 18:57 - 00001053 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-04 17:41 - 2013-08-23 21:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-04 17:36 - 2011-12-15 14:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-10-04 17:34 - 2013-10-04 17:34 - 00001991 _____ C:\windows\unins000.dat
2013-10-04 17:33 - 2013-10-04 17:34 - 00715038 _____ C:\windows\unins000.exe
2013-10-04 17:33 - 2013-10-04 17:33 - 00000000 ____D C:\Program Files (x86)\OpenSource Flash Video Splitter
2013-10-04 17:33 - 2013-10-04 17:33 - 00000000 ____D C:\Program Files (x86)\Haali
2013-10-04 17:09 - 2013-10-04 17:09 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-10-04 17:07 - 2013-10-04 17:07 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Dieter\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-24 18:09 - 2013-09-24 15:51 - 00097876 _____ C:\Users\Dieter\ESt2012_Müller_Karl-Heinz_und_Müller_Adelheid.elfo
2013-09-24 18:06 - 2013-09-24 18:06 - 00000000 ____D C:\Users\Dieter\AppData\Local\.elfohilfe
2013-09-23 01:28 - 2013-10-09 11:14 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-09-23 01:28 - 2013-10-09 11:14 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-09-23 01:27 - 2013-10-09 11:14 - 14335488 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-09-23 01:27 - 2013-10-09 11:14 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-09-23 01:27 - 2013-10-09 11:14 - 02876928 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-09-23 01:27 - 2013-10-09 11:14 - 02048512 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-09-23 01:27 - 2013-10-09 11:14 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-09-23 01:27 - 2013-10-09 11:14 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-09-23 01:27 - 2013-10-09 11:14 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-09-23 01:27 - 2013-10-09 11:14 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-09-23 01:27 - 2013-10-09 11:14 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-09-23 01:27 - 2013-10-09 11:14 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-09-23 01:27 - 2013-10-09 11:14 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-09-23 00:55 - 2013-10-09 11:14 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-09-23 00:55 - 2013-10-09 11:14 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-09-23 00:55 - 2013-10-09 11:14 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-09-23 00:54 - 2013-10-09 11:14 - 19252224 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-09-23 00:54 - 2013-10-09 11:14 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-09-23 00:54 - 2013-10-09 11:14 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-09-23 00:54 - 2013-10-09 11:14 - 02647552 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-09-23 00:54 - 2013-10-09 11:14 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-09-23 00:54 - 2013-10-09 11:14 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-09-23 00:54 - 2013-10-09 11:14 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-09-23 00:54 - 2013-10-09 11:14 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-09-23 00:54 - 2013-10-09 11:14 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-09-23 00:54 - 2013-10-09 11:14 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-09-23 00:54 - 2013-10-09 11:14 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-09-21 19:16 - 2013-09-20 15:42 - 00000000 ____D C:\Users\Dieter\AppData\Roaming\elsterformular
2013-09-21 19:15 - 2013-09-21 19:15 - 00000000 ____D C:\Program Files (x86)\ElsterFormular
2013-09-21 19:15 - 2013-09-21 19:14 - 00001233 _____ C:\Users\Public\Desktop\ElsterFormular.lnk
2013-09-21 18:44 - 2012-09-26 14:53 - 00000000 ____D C:\ProgramData\elsterformular
2013-09-21 05:38 - 2013-10-09 11:14 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-09-21 05:30 - 2013-10-09 11:14 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-09-21 04:48 - 2013-10-09 11:14 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-09-21 04:39 - 2013-10-09 11:14 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-21 02:08 - 2012-04-26 09:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-21 02:08 - 2011-12-13 18:43 - 00000000 ___RD C:\Users\Dieter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-21 02:08 - 2011-12-13 18:43 - 00000000 ___RD C:\Users\Dieter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-21 02:08 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
2013-09-20 21:11 - 2013-09-20 21:11 - 196394236 _____ C:\windows\MEMORY.DMP
2013-09-20 21:11 - 2013-09-20 21:11 - 00000000 ____D C:\windows\Minidump

Files to move or delete:
====================
C:\ProgramData\flashax10.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

--- --- ---

schrauber · 16.10.2013, 09:34

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

igelchen1962 · 17.10.2013, 18:54

Combofix Logfile:

Code:

ATTFilter

ComboFix 13-10-16.02 - Admin 17.10.2013  19:29:01.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4008.2289 [GMT 2:00]
ausgeführt von:: c:\users\Dieter\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\users\Dieter\Desktop\Setup.exe
c:\windows\IsUn0407.exe
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-09-17 bis 2013-10-17  ))))))))))))))))))))))))))))))
.
.
2013-10-17 17:44 . 2013-10-17 17:44	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-10-17 17:44 . 2013-10-17 17:44	--------	d-----w-	c:\users\Admin\AppData\Local\temp
2013-10-15 09:16 . 2013-10-15 09:16	--------	d-----w-	C:\FRST
2013-10-11 08:30 . 2013-10-15 09:59	--------	d-----w-	c:\program files\McAfee Security Scan
2013-10-09 12:24 . 2013-10-09 12:24	--------	d-----w-	c:\users\Dieter\AppData\Roaming\Malwarebytes
2013-10-09 08:09 . 2013-07-04 12:50	633856	----a-w-	c:\windows\system32\comctl32.dll
2013-10-09 08:09 . 2013-07-04 11:50	530432	----a-w-	c:\windows\SysWow64\comctl32.dll
2013-10-04 16:08 . 2013-10-04 16:12	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2013-10-04 16:08 . 2013-10-17 17:22	--------	d-----w-	c:\program files (x86)\Spybot - Search & Destroy 2
2013-10-04 15:44 . 2013-10-15 09:57	--------	d-----w-	C:\AdwCleaner
2013-10-04 15:35 . 2013-10-04 15:58	--------	d-----w-	c:\program files (x86)\Common Files\DivX Shared
2013-10-04 15:33 . 2013-10-15 09:57	--------	d-----w-	c:\program files (x86)\DSP-worx
2013-10-04 15:33 . 2013-10-04 15:33	--------	d-----w-	c:\program files (x86)\Haali
2013-10-04 15:33 . 2013-10-04 15:58	--------	d-----w-	c:\programdata\DivX
2013-10-04 15:33 . 2013-10-04 15:33	--------	d-----w-	c:\program files (x86)\OpenSource Flash Video Splitter
2013-10-04 15:33 . 2013-10-15 09:59	--------	d-----w-	c:\users\Admin\AppData\Roaming\LavFilters
2013-10-04 15:33 . 2013-10-04 15:33	--------	d-----w-	c:\users\Admin\AppData\Roaming\CDXReader
2013-10-04 15:33 . 2013-10-15 09:59	--------	d-----w-	c:\program files (x86)\BonanzaDeals
2013-10-04 15:10 . 2013-10-15 09:58	--------	d-----w-	c:\users\Admin\AppData\Roaming\Malwarebytes
2013-10-04 15:09 . 2013-10-15 09:57	--------	d-----w-	c:\programdata\Malwarebytes
2013-10-04 15:09 . 2013-10-15 09:59	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2013-10-04 15:09 . 2013-04-04 12:50	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-10-04 15:09 . 2013-10-04 15:09	--------	d-----w-	c:\users\Admin\AppData\Local\Programs
2013-09-24 16:06 . 2013-09-24 16:06	--------	d-----w-	c:\users\Dieter\AppData\Local\.elfohilfe
2013-09-21 17:15 . 2013-09-21 17:15	--------	d-----w-	c:\program files (x86)\ElsterFormular
2013-09-21 16:38 . 2013-09-21 16:38	--------	d-----w-	c:\users\Admin\AppData\Local\Eastman Kodak Company
2013-09-21 14:23 . 2013-09-21 14:23	--------	d-----w-	c:\users\Admin\AppData\Roaming\Apple Computer
2013-09-21 14:23 . 2013-09-21 16:58	--------	d-----w-	c:\users\Admin\AppData\Roaming\Skype
2013-09-20 13:42 . 2013-09-21 17:16	--------	d-----w-	c:\users\Dieter\AppData\Roaming\elsterformular
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-09 09:11 . 2011-12-14 17:51	80541720	----a-w-	c:\windows\system32\MRT.exe
2013-10-08 19:03 . 2012-04-16 06:45	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-10-08 19:03 . 2011-12-18 16:39	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-02 02:23 . 2013-09-12 18:52	5550528	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-08-02 02:15 . 2013-09-12 18:52	1732032	----a-w-	c:\windows\system32\ntdll.dll
2013-08-02 02:15 . 2013-09-12 18:52	243712	----a-w-	c:\windows\system32\wow64.dll
2013-08-02 02:15 . 2013-09-12 18:52	362496	----a-w-	c:\windows\system32\wow64win.dll
2013-08-02 02:15 . 2013-09-12 18:52	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2013-08-02 02:14 . 2013-09-12 18:52	215040	----a-w-	c:\windows\system32\winsrv.dll
2013-08-02 02:14 . 2013-09-12 18:52	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2013-08-02 02:13 . 2013-09-12 18:52	424448	----a-w-	c:\windows\system32\KernelBase.dll
2013-08-02 02:13 . 2013-09-12 18:52	1161216	----a-w-	c:\windows\system32\kernel32.dll
2013-08-02 02:12 . 2013-09-12 18:52	43520	----a-w-	c:\windows\system32\csrsrv.dll
2013-08-02 02:12 . 2013-09-12 18:52	6144	---ha-w-	c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 18:52	4608	---ha-w-	c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 18:52	4096	---ha-w-	c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 18:52	4096	---ha-w-	c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 18:52	3072	---ha-w-	c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 18:52	3072	---ha-w-	c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 18:52	3072	---ha-w-	c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 18:52	6656	----a-w-	c:\windows\system32\apisetschema.dll
2013-08-02 02:12 . 2013-09-12 18:52	4608	---ha-w-	c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 18:52	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 18:52	3584	---ha-w-	c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 18:52	3584	---ha-w-	c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 18:52	3584	---ha-w-	c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 18:52	3584	---ha-w-	c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 18:52	3584	---ha-w-	c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 18:52	3584	---ha-w-	c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 18:52	3584	---ha-w-	c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 18:52	3072	---ha-w-	c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 18:52	3072	---ha-w-	c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 18:52	3072	---ha-w-	c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 18:52	3072	---ha-w-	c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 18:52	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 18:52	5120	---ha-w-	c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 18:52	3072	---ha-w-	c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 18:52	3072	---ha-w-	c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 18:52	3072	---ha-w-	c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 18:52	3072	---ha-w-	c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 18:52	3072	---ha-w-	c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 18:52	3072	---ha-w-	c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-08-02 01:59 . 2013-09-12 18:52	3968960	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-08-02 01:59 . 2013-09-12 18:52	3913664	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-08-02 01:51 . 2013-09-12 18:52	1292192	----a-w-	c:\windows\SysWow64\ntdll.dll
2013-08-02 01:50 . 2013-09-12 18:52	274944	----a-w-	c:\windows\SysWow64\KernelBase.dll
2013-08-02 01:50 . 2013-09-12 18:52	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2013-08-02 01:48 . 2013-09-12 18:52	5120	---ha-w-	c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 18:52	4608	---ha-w-	c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 18:52	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 18:52	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 18:52	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 18:52	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 18:52	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 18:52	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 18:52	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 18:52	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 18:52	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 18:52	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 18:52	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 18:52	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 18:52	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 18:52	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 18:52	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 18:52	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 18:52	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 18:52	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 18:52	6656	----a-w-	c:\windows\SysWow64\apisetschema.dll
2013-08-02 01:48 . 2013-09-12 18:52	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 18:52	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 18:52	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 18:52	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 18:52	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2013-08-02 01:09 . 2013-09-12 18:52	338432	----a-w-	c:\windows\system32\conhost.exe
2013-08-02 00:59 . 2013-09-12 18:52	112640	----a-w-	c:\windows\system32\smss.exe
2013-08-02 00:45 . 2013-09-12 18:52	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2013-08-02 00:45 . 2013-09-12 18:52	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2013-08-02 00:45 . 2013-09-12 18:52	7680	----a-w-	c:\windows\SysWow64\instnm.exe
2013-08-02 00:45 . 2013-09-12 18:52	2048	----a-w-	c:\windows\SysWow64\user.exe
2013-08-02 00:43 . 2013-09-12 18:52	6144	---ha-w-	c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43 . 2013-09-12 18:52	4608	---ha-w-	c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43 . 2013-09-12 18:52	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43 . 2013-09-12 18:52	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-07-26 02:24 . 2013-09-12 18:52	14172672	----a-w-	c:\windows\system32\shell32.dll
2013-07-26 02:24 . 2013-09-12 18:51	197120	----a-w-	c:\windows\system32\shdocvw.dll
2013-07-25 09:25 . 2013-08-23 18:59	1888768	----a-w-	c:\windows\system32\WMVDECOD.DLL
2013-07-25 08:57 . 2013-08-23 18:59	1620992	----a-w-	c:\windows\SysWow64\WMVDECOD.DLL
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-21 19875432]
"WinPatrol"="c:\program files (x86)\BillP Studios\WinPatrol\winpatrol.exe" [2013-09-24 441408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"jmekey"="c:\windows\jmesoft\hotkey.exe" [2011-03-21 118784]
"jmesoft"="c:\windows\jmesoft\ServiceLoader.exe" [2011-03-16 28672]
"Lenovo Eye Distance System"="c:\program files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe" [2010-09-09 265216]
"Lenovo Dynamic Brightness System"="c:\program files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe" [2010-10-08 285696]
"CLMLServer"="c:\program files (x86)\Lenovo\Power2Go\CLMLSvc.exe" [2009-12-04 103720]
"UpdateP2GoShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2012-06-20 74752]
"EKStatusMonitor"="c:\program files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe" [2012-10-15 2844608]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"KodakHomeCenter"="c:\program files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" [2012-10-19 2235840]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.130\SSScheduler.exe [2013-9-6 324320]
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office10\OSA.EXE -b -l [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R1 ghbxaxhe;ghbxaxhe;c:\windows\system32\drivers\ghbxaxhe.sys;c:\windows\SYSNATIVE\drivers\ghbxaxhe.sys [x]
R1 jrgekwki;jrgekwki;c:\windows\system32\drivers\jrgekwki.sys;c:\windows\SYSNATIVE\drivers\jrgekwki.sys [x]
R2 JME Keyboard;JME Keyboard Driver;c:\windows\jmesoft\Service.exe;c:\windows\jmesoft\Service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 vcd10bus;Virtual CD v10 Bus Enumerator;c:\windows\system32\DRIVERS\vcd10bus.sys;c:\windows\SYSNATIVE\DRIVERS\vcd10bus.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys;c:\windows\SYSNATIVE\drivers\fbfmon.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 WinI2C-DDC;WinI2C-DDC Kernel Mode Driver;c:\windows\system32\drivers\DDCDrv.sys;c:\windows\SYSNATIVE\drivers\DDCDrv.sys [x]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys;c:\windows\SYSNATIVE\drivers\BPntDrv.sys [x]
S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [x]
S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [x]
S2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 GeneStor;Genesys Logic Storage Driver;c:\windows\system32\DRIVERS\GeneStor.sys;c:\windows\SYSNATIVE\DRIVERS\GeneStor.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2013-10-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-16 19:03]
.
2013-10-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-15 19:22]
.
2013-10-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-15 19:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-30 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-30 392216]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-30 415768]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-10-26 11543656]
"UMonit"="c:\windows\SysWOW64\UMonit.exe" [2010-12-01 28672]
"Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2011-10-19 114688]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2007-12-10 323584]
"PACTray"="c:\windows\Pixart\PAC7302\PACTray.exe" [2009-03-23 327680]
"EKAIO2StatusMonitor"="c:\windows\system32\spool\DRIVERS\x64\3\EKAiO2MUI.exe" [2011-03-10 2841088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"MSPCLOCK"="streamci" [X]
"MSPQM"="streamci" [X]
"MSKSSRV"="streamci" [X]
"MSTEE.CxTransform"="streamci" [X]
"MSTEE.Splitter"="streamci" [X]
"WDM_DRMKAUD"="streamci" [X]
"*Restore"="c:\windows\System32\rstrui.exe" [2010-11-21 296960]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=LEND&bmod=LEND
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&dt=072413&q=
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-10-04 17:33; {f9d03c26-0575-497e-821d-f7956d23e0ca}; c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}
FF - ExtSQL: 2013-10-04 17:34; ffxtlbr@searchgol.com; c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\extensions\ffxtlbr@searchgol.com
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-Conime - c:\windows\system32\conime.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
AddRemove-MGI_PHOTOSUITE_V806 - c:\windows\IsUn0407.exe
AddRemove-Codec Pack Packages - c:\users\Admin\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z\Codec Pack Packages\uninstaller.exe
AddRemove-DigitalSite - c:\users\Admin\AppData\Roaming\DIGITA~1\UpdateProc\UpdateTask.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil10b.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\FlashUtil10b.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-10-17  19:46:51
ComboFix-quarantined-files.txt  2013-10-17 17:46
.
Vor Suchlauf: 10 Verzeichnis(se), 866.167.128.064 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 866.318.000.128 Bytes frei
.
- - End Of File - - 937325C44E32E11CF65A97DDAE46992A

--- --- ---
A36C5E4F47E84449FF07ED3517B43A31

schrauber · 18.10.2013, 14:42

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

igelchen1962 · 26.10.2013, 17:27

Malwarebytes Anti-Malware 1.75.0.1300
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2013.10.26.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
Admin :: DIETER-PC [Administrator]

26.10.2013 17:56:18
mbam-log-2013-10-26 (17-56-18).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 230699
Laufzeit: 4 Minute(n), 25 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 5
HKCR\CLSID\{112BA211-334C-4A90-90EC-2AD1CDAB287C} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{112BA211-334C-4A90-90EC-2AD1CDAB287C} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{1FAFD711-ABF9-4F6A-8130-5166C7371427} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\BONANZADEALS (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\BONANZADEALS (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 4
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{1FAFD711-ABF9-4F6A-8130-5166C7371427} (PUP.Optional.Iminent.A) -> Daten: Iminent Toolbar -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{1FAFD711-ABF9-4F6A-8130-5166C7371427} (PUP.Optional.Iminent.A) -> Daten: -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\BonanzaDeals|ChromeCrxPath (PUP.Optional.BonanzaDeals.A) -> Daten: C:\Program Files (x86)\BonanzaDeals\BonanzaDeals.crx -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\BonanzaDeals|ChromeCrxPath (PUP.Optional.BonanzaDeals.A) -> Daten: C:\Program Files (x86)\BonanzaDeals\BonanzaDeals.crx -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Users\Admin\Downloads\Microsoft%20Security%20Essentials.exe (PUP.Optional.Firseria) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Installer\2332b8.msi (PUP.Optional.Iminent) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)JRT Logfile:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 7 Home Premium x64
Ran by Admin on 26.10.2013 at 18:11:36,87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.10.2013 at 18:11:37,01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

--- --- ---
Ich weiß nicht was ich verkehrt gemacht habe, aber bei dem adwcleaner ist keine Textdatei bei neustart erschienen.
Gruß

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-10-2013 01
Ran by Dieter (ATTENTION: The logged in user is not administrator) on DIETER-PC on 26-10-2013 18:18:22
Running from C:\Users\Dieter\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\SysWOW64\UMonit.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\PAC7302\Monitor.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\PAC7302\PACTray.exe
(Eastman Kodak Company) C:\Windows\System32\spool\drivers\x64\3\EKAiO2MUI.exe
() C:\Program Files (x86)\FUJIFILM\MyFinePix Studio\dd.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Lenovo) C:\Windows\jmesoft\hotkey.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Microsoft Corporation) C:\windows\splwow64.exe
(Farbar) C:\Users\Dieter\Downloads\FRST64(2).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11543656 2010-10-26] (Realtek Semiconductor)
HKLM\...\Run: [UMonit] - C:\windows\SysWOW64\UMonit.exe [28672 2010-12-01] ()
HKLM\...\Run: [Lenovo EE Boot Optimizer] - C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2011-10-19] (Lenovo)
HKLM\...\Run: [PAC7302_Monitor] - C:\windows\PixArt\PAC7302\Monitor.exe [323584 2007-12-10] (PixArt Imaging Incorporation)
HKLM\...\Run: [PACTray] - C:\windows\Pixart\PAC7302\PACTray.exe [327680 2009-03-23] (PixArt Imaging Incorporation)
HKLM\...\Run: [EKAIO2StatusMonitor] - C:\windows\system32\spool\DRIVERS\x64\3\EKAiO2MUI.exe [2841088 2011-03-10] (Eastman Kodak Company)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] - rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Device Detection] - C:\Program Files (x86)\FUJIFILM\MyFinePix Studio\dd.exe [857136 2013-09-12] ()
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20472992 2013-10-02] (Skype Technologies S.A.)
HKLM-x32\...\Run: [jmekey] - C:\windows\jmesoft\hotkey.exe [118784 2011-03-21] (Lenovo)
HKLM-x32\...\Run: [jmesoft] - C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-03-16] ()
HKLM-x32\...\Run: [Lenovo Eye Distance System] - C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe [265216 2010-09-09] (Lenovo)
HKLM-x32\...\Run: [Lenovo Dynamic Brightness System] - C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe [285696 2010-10-08] (Lenovo)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-05] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [222504 2009-05-14] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WinampAgent] - C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-20] (Nullsoft, Inc.)
HKLM-x32\...\Run: [EKStatusMonitor] - C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2844608 2012-10-15] (Eastman Kodak Company)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Conime] - %windir%\system32\conime.exe
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Start Search
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKCU - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=C2399F0C-80C9-4FD2-B15D-B14F1B509EF7&ref=toolbox&q={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\0lnalqeu.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\0lnalqeu.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\0lnalqeu.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\0lnalqeu.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\0lnalqeu.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\StartWeb.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (YouTube) - C:\Users\Dieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Dieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Skype Click to Call) - C:\Users\Dieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0
CHR Extension: (Gmail) - C:\Users\Dieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

==================== Services (Whitelisted) =================

R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-03-16] ()
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [57856 2010-12-17] (GenesysLogic)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [532480 2009-04-28] (PixArt Imaging Inc.)
R0 WinI2C-DDC; C:\Windows\System32\drivers\DDCDrv.sys [20832 2008-04-08] (Nicomsoft Ltd.)
R0 WinI2C-DDC; C:\Windows\SysWow64\drivers\DDCDrv.sys [15712 2010-03-23] (Nicomsoft Ltd.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S1 ghbxaxhe; \??\C:\windows\system32\drivers\ghbxaxhe.sys [x]
S1 jrgekwki; \??\C:\windows\system32\drivers\jrgekwki.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-26 18:18 - 2013-10-26 18:18 - 01956160 _____ (Farbar) C:\Users\Dieter\Downloads\FRST64(2).exe
2013-10-26 18:10 - 2013-10-26 18:10 - 01033335 _____ (Thisisu) C:\Users\Dieter\Downloads\JRT.exe
2013-10-26 17:55 - 2013-10-26 17:55 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-10-26 17:54 - 2013-10-26 17:54 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Dieter\Downloads\mbam-setup-1.75.0.1300(2).exe
2013-10-26 17:31 - 2013-10-26 17:31 - 01060070 _____ C:\Users\Dieter\Downloads\adwcleaner(1).exe
2013-10-19 16:57 - 2013-10-19 16:57 - 00000000 ____D C:\Users\Dieter\AppData\Local\{CFDDDFF0-A2A4-4FC1-AC6C-BD5EBF9B1775}
2013-10-18 20:11 - 2013-10-18 20:11 - 01050644 _____ C:\Users\Dieter\Downloads\adwcleaner.exe
2013-10-18 20:06 - 2013-10-26 17:55 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-18 20:06 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2013-10-18 20:02 - 2013-10-18 20:02 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Dieter\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-10-17 20:18 - 2013-10-17 20:18 - 00000635 _____ C:\windows\SysWOW64\InstallUtil.InstallLog
2013-10-17 19:46 - 2013-10-17 19:46 - 00025792 _____ C:\ComboFix.txt
2013-10-17 19:26 - 2011-06-26 08:45 - 00256000 _____ C:\windows\PEV.exe
2013-10-17 19:26 - 2010-11-07 19:20 - 00208896 _____ C:\windows\MBR.exe
2013-10-17 19:26 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2013-10-17 19:26 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2013-10-17 19:26 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2013-10-17 19:26 - 2000-08-31 02:00 - 00098816 _____ C:\windows\sed.exe
2013-10-17 19:26 - 2000-08-31 02:00 - 00080412 _____ C:\windows\grep.exe
2013-10-17 19:26 - 2000-08-31 02:00 - 00068096 _____ C:\windows\zip.exe
2013-10-17 19:16 - 2013-10-17 19:46 - 00000000 ____D C:\Qoobox
2013-10-17 19:16 - 2013-10-17 19:45 - 00000000 ____D C:\windows\erdnt
2013-10-17 19:15 - 2013-10-17 19:15 - 00001392 _____ C:\Users\Dieter\Desktop\ComboFix - Verknüpfung.lnk
2013-10-17 19:05 - 2013-10-17 19:05 - 05134711 ____R (Swearware) C:\Users\Dieter\Desktop\ComboFix.exe
2013-10-15 19:17 - 2013-10-15 19:17 - 01954124 _____ (Farbar) C:\Users\Dieter\Downloads\FRST64(1).exe
2013-10-15 16:13 - 2013-10-15 16:32 - 00000000 ____D C:\Users\Dieter\Desktop\Simna
2013-10-15 14:12 - 2013-10-14 21:01 - 00118423 _____ C:\Users\Dieter\Desktop\Solitaire.SolitaireSave-ms
2013-10-15 11:17 - 2013-10-15 11:17 - 00016062 _____ C:\Users\Dieter\Downloads\Addition.txt
2013-10-15 11:16 - 2013-10-15 11:16 - 00000000 ____D C:\FRST
2013-10-15 11:15 - 2013-10-15 11:15 - 01954124 _____ (Farbar) C:\Users\Dieter\Downloads\FRST64.exe
2013-10-15 11:13 - 2013-10-15 11:13 - 00000472 _____ C:\Users\Dieter\Downloads\defogger_disable.log
2013-10-15 11:11 - 2013-10-15 11:11 - 00050477 _____ C:\Users\Dieter\Downloads\Defogger.exe
2013-10-12 18:54 - 2013-10-12 18:54 - 01528184 _____ (Microsoft Corporation) C:\Users\Dieter\Downloads\GenuineCheck(1).exe
2013-10-12 18:42 - 2013-10-12 18:42 - 01528184 _____ (Microsoft Corporation) C:\Users\Dieter\Downloads\GenuineCheck.exe
2013-10-11 16:24 - 2013-10-11 16:24 - 01048960 _____ C:\Users\Dieter\Downloads\adwcleaner_3.0.0.7.exe
2013-10-11 10:31 - 2013-10-11 10:31 - 00001931 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-10-11 10:30 - 2013-10-15 11:59 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-09 22:00 - 2013-10-09 22:00 - 00011444 _____ C:\Users\Dieter\Downloads\_RE(1)
2013-10-09 22:00 - 2013-10-09 22:00 - 00011444 _____ C:\Users\Dieter\Downloads\_RE
2013-10-09 15:12 - 2013-10-09 15:12 - 00907304 _____ (BillP Studios) C:\Users\Dieter\Downloads\wpsetup.exe
2013-10-09 14:24 - 2013-10-09 14:24 - 00000000 ____D C:\Users\Dieter\AppData\Roaming\Malwarebytes
2013-10-09 11:14 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-10-09 11:14 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-10-09 11:14 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-10-09 11:14 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-10-09 11:14 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-10-09 11:14 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-10-09 11:14 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-10-09 11:14 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-10-09 11:14 - 2013-09-23 01:27 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-10-09 11:14 - 2013-09-23 01:27 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-10-09 11:14 - 2013-09-23 01:27 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-10-09 11:14 - 2013-09-23 01:27 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-10-09 11:14 - 2013-09-23 01:27 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-10-09 11:14 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-10-09 11:14 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-10-09 11:14 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-10-09 11:14 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-10-09 11:14 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-10-09 11:14 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-10-09 11:14 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-10-09 11:14 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-10-09 11:14 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-10-09 11:14 - 2013-09-23 00:54 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-10-09 11:14 - 2013-09-23 00:54 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-10-09 11:14 - 2013-09-23 00:54 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-10-09 11:14 - 2013-09-23 00:54 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-10-09 11:14 - 2013-09-23 00:54 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-10-09 11:14 - 2013-09-21 05:38 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-10-09 11:14 - 2013-09-21 05:30 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-10-09 11:14 - 2013-09-21 04:48 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-10-09 11:14 - 2013-09-21 04:39 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-09 10:09 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2013-10-09 10:09 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2013-10-09 10:08 - 2013-09-04 14:12 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2013-10-09 10:08 - 2013-09-04 14:11 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2013-10-09 10:08 - 2013-09-04 14:11 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2013-10-09 10:08 - 2013-09-04 14:11 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2013-10-09 10:08 - 2013-09-04 14:11 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2013-10-09 10:08 - 2013-09-04 14:11 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2013-10-09 10:08 - 2013-09-04 14:11 - 00007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2013-10-09 10:08 - 2013-08-28 03:21 - 03155968 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-10-09 10:08 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2013-10-09 10:08 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 10:08 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 10:08 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbcir.sys
2013-10-09 10:08 - 2013-07-12 12:40 - 00109824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBAUDIO.sys
2013-10-09 10:08 - 2013-07-03 06:40 - 00042496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbscan.sys
2013-10-09 10:08 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2013-10-09 10:08 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2013-10-09 10:08 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Wdf01000.sys
2013-10-09 10:08 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2013-10-09 10:08 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2013-10-09 10:08 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2013-10-09 10:08 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2013-10-09 10:08 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2013-10-09 10:08 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2013-10-09 10:08 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2013-10-09 10:08 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2013-10-09 10:08 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2013-10-09 10:08 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2013-10-09 10:08 - 2012-11-29 00:56 - 00054376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdfLdr.sys
2013-10-09 10:08 - 2012-11-29 00:56 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\Wdfres.dll
2013-10-09 10:08 - 2012-11-29 00:56 - 00000003 _____ C:\windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2013-10-08 13:59 - 2013-10-08 13:59 - 00000000 ____D C:\Users\Dieter\AppData\Local\{B07295BC-0E03-444D-9D7B-6B57003C32B3}
2013-10-08 13:28 - 2013-10-08 13:28 - 00000000 ____H C:\windows\system32\Drivers\Msft_User_wpdcomp_01_09_00.Wdf
2013-10-04 18:08 - 2013-10-17 19:22 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-10-04 18:08 - 2013-10-04 18:12 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-10-04 18:07 - 2013-10-04 18:07 - 37672592 _____ (Safer-Networking Ltd.                                       ) C:\Users\Dieter\Downloads\spybotsd-2.1.21-SR2.exe
2013-10-04 17:44 - 2013-10-26 18:03 - 00000000 ____D C:\AdwCleaner
2013-10-04 17:34 - 2013-10-15 11:59 - 00000000 ____D C:\Program Files (x86)\Xvid
2013-10-04 17:34 - 2013-10-15 11:59 - 00000000 ____D C:\Program Files (x86)\Lame For Audacity
2013-10-04 17:34 - 2013-10-15 11:59 - 00000000 ____D C:\Program Files (x86)\ffdshow
2013-10-04 17:34 - 2013-10-15 11:59 - 00000000 ____D C:\Program Files (x86)\DirectVobSub
2013-10-04 17:34 - 2013-10-04 17:34 - 00001991 _____ C:\windows\unins000.dat
2013-10-04 17:34 - 2013-10-04 17:33 - 00715038 _____ C:\windows\unins000.exe
2013-10-04 17:34 - 2012-02-26 16:47 - 00079360 _____ C:\windows\SysWOW64\ff_vfw.dll
2013-10-04 17:34 - 2012-01-09 20:45 - 00178688 _____ C:\windows\SysWOW64\unrar.dll
2013-10-04 17:34 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\windows\system32\lagarith.dll
2013-10-04 17:34 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\windows\SysWOW64\lagarith.dll
2013-10-04 17:34 - 2011-05-30 15:42 - 00255488 _____ C:\windows\system32\xvidvfw.dll
2013-10-04 17:34 - 2011-05-30 15:42 - 00240640 _____ C:\windows\SysWOW64\xvidvfw.dll
2013-10-04 17:34 - 2011-05-23 11:52 - 00153088 _____ C:\windows\SysWOW64\xvid.ax
2013-10-04 17:34 - 2011-05-23 09:49 - 00173568 _____ C:\windows\system32\xvid.ax
2013-10-04 17:34 - 2011-05-23 09:46 - 00645632 _____ C:\windows\SysWOW64\xvidcore.dll
2013-10-04 17:34 - 2011-05-23 09:45 - 00696832 _____ C:\windows\system32\xvidcore.dll
2013-10-04 17:33 - 2013-10-15 11:57 - 00000000 ____D C:\Program Files (x86)\DSP-worx
2013-10-04 17:33 - 2013-10-04 17:58 - 00000000 ____D C:\ProgramData\DivX
2013-10-04 17:33 - 2013-10-04 17:33 - 00000000 ____D C:\Program Files (x86)\OpenSource Flash Video Splitter
2013-10-04 17:33 - 2013-10-04 17:33 - 00000000 ____D C:\Program Files (x86)\Haali
2013-10-04 17:09 - 2013-10-15 11:57 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-04 17:07 - 2013-10-04 17:07 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Dieter\Downloads\mbam-setup-1.75.0.1300.exe

==================== One Month Modified Files and Folders =======

2013-10-26 18:18 - 2013-10-26 18:18 - 01956160 _____ (Farbar) C:\Users\Dieter\Downloads\FRST64(2).exe
2013-10-26 18:12 - 2009-07-14 06:45 - 00020480 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-26 18:12 - 2009-07-14 06:45 - 00020480 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-26 18:10 - 2013-10-26 18:10 - 01033335 _____ (Thisisu) C:\Users\Dieter\Downloads\JRT.exe
2013-10-26 18:10 - 2011-12-13 19:45 - 00001912 _____ C:\windows\epplauncher.mif
2013-10-26 18:10 - 2011-10-19 11:02 - 00653928 _____ C:\windows\system32\perfh007.dat
2013-10-26 18:10 - 2011-10-19 11:02 - 00129800 _____ C:\windows\system32\perfc007.dat
2013-10-26 18:10 - 2009-07-14 07:13 - 01498506 _____ C:\windows\system32\PerfStringBackup.INI
2013-10-26 18:06 - 2011-12-22 17:15 - 00000000 ____D C:\Users\Dieter\AppData\Roaming\Skype
2013-10-26 18:05 - 2013-03-29 10:31 - 00024452 _____ C:\windows\setupact.log
2013-10-26 18:05 - 2011-12-15 21:22 - 00001106 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-26 18:05 - 2011-12-13 21:53 - 00000000 ____D C:\ProgramData\Kodak
2013-10-26 18:05 - 2011-10-19 10:50 - 00546417 _____ C:\windows\system32\fastboot.set
2013-10-26 18:05 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-10-26 18:04 - 2013-03-29 10:31 - 00009880 _____ C:\windows\PFRO.log
2013-10-26 18:04 - 2011-10-19 10:28 - 01535198 _____ C:\windows\WindowsUpdate.log
2013-10-26 18:03 - 2013-10-04 17:44 - 00000000 ____D C:\AdwCleaner
2013-10-26 18:03 - 2012-04-16 08:45 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-10-26 17:55 - 2013-10-26 17:55 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-10-26 17:55 - 2013-10-18 20:06 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-26 17:54 - 2013-10-26 17:54 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Dieter\Downloads\mbam-setup-1.75.0.1300(2).exe
2013-10-26 17:48 - 2011-12-15 21:22 - 00001110 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-26 17:31 - 2013-10-26 17:31 - 01060070 _____ C:\Users\Dieter\Downloads\adwcleaner(1).exe
2013-10-26 17:22 - 2013-03-27 19:19 - 00052736 _____ C:\Users\Dieter\Desktop\Blutdruck.xls
2013-10-22 23:09 - 2012-06-14 15:34 - 00000000 ____D C:\Users\Admin
2013-10-22 10:46 - 2011-12-22 17:15 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-22 10:46 - 2011-12-22 17:15 - 00000000 ____D C:\ProgramData\Skype
2013-10-20 15:21 - 2011-12-20 16:58 - 00022528 _____ C:\Users\Dieter\Desktop\Adressliste Privat.xls
2013-10-19 16:57 - 2013-10-19 16:57 - 00000000 ____D C:\Users\Dieter\AppData\Local\{CFDDDFF0-A2A4-4FC1-AC6C-BD5EBF9B1775}
2013-10-18 20:11 - 2013-10-18 20:11 - 01050644 _____ C:\Users\Dieter\Downloads\adwcleaner.exe
2013-10-18 20:02 - 2013-10-18 20:02 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Dieter\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-10-17 20:18 - 2013-10-17 20:18 - 00000635 _____ C:\windows\SysWOW64\InstallUtil.InstallLog
2013-10-17 20:01 - 2013-08-23 21:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-17 19:46 - 2013-10-17 19:46 - 00025792 _____ C:\ComboFix.txt
2013-10-17 19:46 - 2013-10-17 19:16 - 00000000 ____D C:\Qoobox
2013-10-17 19:46 - 2009-07-14 05:20 - 00000000 ___HD C:\Users\Default
2013-10-17 19:45 - 2013-10-17 19:16 - 00000000 ____D C:\windows\erdnt
2013-10-17 19:44 - 2009-07-14 04:34 - 00000215 _____ C:\windows\system.ini
2013-10-17 19:22 - 2013-10-04 18:08 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-10-17 19:15 - 2013-10-17 19:15 - 00001392 _____ C:\Users\Dieter\Desktop\ComboFix - Verknüpfung.lnk
2013-10-17 19:05 - 2013-10-17 19:05 - 05134711 ____R (Swearware) C:\Users\Dieter\Desktop\ComboFix.exe
2013-10-15 19:17 - 2013-10-15 19:17 - 01954124 _____ (Farbar) C:\Users\Dieter\Downloads\FRST64(1).exe
2013-10-15 16:32 - 2013-10-15 16:13 - 00000000 ____D C:\Users\Dieter\Desktop\Simna
2013-10-15 12:00 - 2011-12-13 18:43 - 00068856 _____ C:\Users\Dieter\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-15 12:00 - 2011-12-13 18:42 - 00000000 ____D C:\Users\Dieter
2013-10-15 11:59 - 2013-10-11 10:30 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-15 11:59 - 2013-10-04 17:34 - 00000000 ____D C:\Program Files (x86)\Xvid
2013-10-15 11:59 - 2013-10-04 17:34 - 00000000 ____D C:\Program Files (x86)\Lame For Audacity
2013-10-15 11:59 - 2013-10-04 17:34 - 00000000 ____D C:\Program Files (x86)\ffdshow
2013-10-15 11:59 - 2013-10-04 17:34 - 00000000 ____D C:\Program Files (x86)\DirectVobSub
2013-10-15 11:59 - 2013-07-24 10:29 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-10-15 11:59 - 2013-03-27 23:08 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-15 11:59 - 2013-03-27 23:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-15 11:59 - 2012-10-20 21:03 - 00000000 ____D C:\Users\Dieter\AppData\Roaming\Winamp
2013-10-15 11:59 - 2012-01-09 20:53 - 00000000 ____D C:\Users\Dieter\Desktop\Sammelbecken)
2013-10-15 11:59 - 2011-12-27 17:20 - 00000000 ____D C:\ProgramData\FLEXnet
2013-10-15 11:59 - 2011-12-19 19:37 - 00000000 ____D C:\Users\Dieter\AppData\Roaming\WinPatrol
2013-10-15 11:59 - 2011-12-18 18:38 - 00000000 ____D C:\windows\system32\Macromed
2013-10-15 11:59 - 2011-12-13 18:43 - 00000000 ____D C:\Users\Dieter\AppData\Local\Lenovo
2013-10-15 11:59 - 2009-07-14 05:20 - 00000000 ____D C:\windows\registration
2013-10-15 11:59 - 2009-07-14 05:20 - 00000000 ____D C:\windows\AppCompat
2013-10-15 11:59 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-10-15 11:58 - 2012-01-15 17:20 - 00000000 ____D C:\Users\Dieter\Desktop\Cafe Traumhaft
2013-10-15 11:57 - 2013-10-04 17:33 - 00000000 ____D C:\Program Files (x86)\DSP-worx
2013-10-15 11:57 - 2013-10-04 17:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-15 11:57 - 2011-12-19 19:37 - 00000000 ____D C:\ProgramData\InstallMate
2013-10-15 11:46 - 2011-12-13 18:57 - 00000000 ____D C:\Users\Dieter\AppData\Local\Mozilla
2013-10-15 11:17 - 2013-10-15 11:17 - 00016062 _____ C:\Users\Dieter\Downloads\Addition.txt
2013-10-15 11:16 - 2013-10-15 11:16 - 00000000 ____D C:\FRST
2013-10-15 11:15 - 2013-10-15 11:15 - 01954124 _____ (Farbar) C:\Users\Dieter\Downloads\FRST64.exe
2013-10-15 11:13 - 2013-10-15 11:13 - 00000472 _____ C:\Users\Dieter\Downloads\defogger_disable.log
2013-10-15 11:11 - 2013-10-15 11:11 - 00050477 _____ C:\Users\Dieter\Downloads\Defogger.exe
2013-10-14 21:01 - 2013-10-15 14:12 - 00118423 _____ C:\Users\Dieter\Desktop\Solitaire.SolitaireSave-ms
2013-10-12 18:54 - 2013-10-12 18:54 - 01528184 _____ (Microsoft Corporation) C:\Users\Dieter\Downloads\GenuineCheck(1).exe
2013-10-12 18:42 - 2013-10-12 18:42 - 01528184 _____ (Microsoft Corporation) C:\Users\Dieter\Downloads\GenuineCheck.exe
2013-10-11 16:24 - 2013-10-11 16:24 - 01048960 _____ C:\Users\Dieter\Downloads\adwcleaner_3.0.0.7.exe
2013-10-11 10:31 - 2013-10-11 10:31 - 00001931 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-10-09 22:00 - 2013-10-09 22:00 - 00011444 _____ C:\Users\Dieter\Downloads\_RE(1)
2013-10-09 22:00 - 2013-10-09 22:00 - 00011444 _____ C:\Users\Dieter\Downloads\_RE
2013-10-09 15:12 - 2013-10-09 15:12 - 00907304 _____ (BillP Studios) C:\Users\Dieter\Downloads\wpsetup.exe
2013-10-09 14:24 - 2013-10-09 14:24 - 00000000 ____D C:\Users\Dieter\AppData\Roaming\Malwarebytes
2013-10-09 13:02 - 2009-07-14 06:45 - 00326384 _____ C:\windows\system32\FNTCACHE.DAT
2013-10-09 11:13 - 2013-08-23 23:20 - 00000000 ____D C:\windows\system32\MRT
2013-10-09 11:11 - 2011-12-14 19:51 - 80541720 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-10-08 21:03 - 2012-04-16 08:45 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-10-08 21:03 - 2011-12-18 18:39 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-08 13:59 - 2013-10-08 13:59 - 00000000 ____D C:\Users\Dieter\AppData\Local\{B07295BC-0E03-444D-9D7B-6B57003C32B3}
2013-10-08 13:28 - 2013-10-08 13:28 - 00000000 ____H C:\windows\system32\Drivers\Msft_User_wpdcomp_01_09_00.Wdf
2013-10-08 09:43 - 2009-07-14 07:08 - 00032632 _____ C:\windows\Tasks\SCHEDLGU.TXT
2013-10-04 18:12 - 2013-10-04 18:08 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-10-04 18:07 - 2013-10-04 18:07 - 37672592 _____ (Safer-Networking Ltd.                                       ) C:\Users\Dieter\Downloads\spybotsd-2.1.21-SR2.exe
2013-10-04 17:58 - 2013-10-04 17:33 - 00000000 ____D C:\ProgramData\DivX
2013-10-04 17:45 - 2011-12-13 18:57 - 00001053 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-04 17:36 - 2011-12-15 14:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-10-04 17:34 - 2013-10-04 17:34 - 00001991 _____ C:\windows\unins000.dat
2013-10-04 17:33 - 2013-10-04 17:34 - 00715038 _____ C:\windows\unins000.exe
2013-10-04 17:33 - 2013-10-04 17:33 - 00000000 ____D C:\Program Files (x86)\OpenSource Flash Video Splitter
2013-10-04 17:33 - 2013-10-04 17:33 - 00000000 ____D C:\Program Files (x86)\Haali
2013-10-04 17:07 - 2013-10-04 17:07 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Dieter\Downloads\mbam-setup-1.75.0.1300.exe

Files to move or delete:
====================
C:\ProgramData\flashax10.exe


Some content of TEMP:
====================
C:\Users\Dieter\AppData\Local\Temp\dotNetFx40_Client_setup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---
Was habe ich falsch gemacht??
Nachdem adwcleaner ist bei Neustart keine Textdatei erschienen.??

schrauber · 27.10.2013, 07:28

Schau mal unter C:\AdwCleaner ob die dort liegt.

igelchen1962 · 30.10.2013, 12:06

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.006 - Bericht erstellt am 04/10/2013 um 17:44:43
# Updated 01/10/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Admin - DIETER-PC
# Gestartet von : C:\Users\Admin\Downloads\adwcleaner.exe
# Option : Suchen

***** [ Dienste ] *****

Dienst Gefunden : bonanzadealslive
Dienst Gefunden : bonanzadealslivem
Dienst Gefunden : WajamUpdater
Dienst Gefunden : WsysSvc

***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\searchplugins\searchgol.xml
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\user.js
Datei Gefunden : C:\Users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\0lnalqeu.default\searchplugins\11-suche.xml
Ordner Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com
Ordner Gefunden C:\Program Files (x86)\BonanzaDealsLive
Ordner Gefunden C:\Program Files (x86)\searchgol
Ordner Gefunden C:\Program Files (x86)\Wajam
Ordner Gefunden C:\ProgramData\Babylon
Ordner Gefunden C:\ProgramData\BonanzaDealsLive
Ordner Gefunden C:\ProgramData\eSafe
Ordner Gefunden C:\ProgramData\Partner
Ordner Gefunden C:\Users\Admin\AppData\Local\BonanzaDealsLive
Ordner Gefunden C:\Users\Admin\AppData\Local\Temp\eIntaller
Ordner Gefunden C:\Users\Admin\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
Ordner Gefunden C:\Users\Admin\AppData\Roaming\BabSolution
Ordner Gefunden C:\Users\Admin\AppData\Roaming\digitalsite
Ordner Gefunden C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Ordner Gefunden C:\Users\Admin\AppData\Roaming\searchgol

***** [ Verknüpfungen ] *****

Verknüpfung Gefunden : C:\Users\Public\Desktop\Mozilla Firefox.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=sc&from=cor&uid=HitachiXHDS721010CLA332_JP2940J82KBTPL2KBTPLX&ts=1380900834 )
Verknüpfung Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=sc&from=cor&uid=HitachiXHDS721010CLA332_JP2940J82KBTPL2KBTPLX&ts=1380900834 )
Verknüpfung Gefunden : C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=sc&from=cor&uid=HitachiXHDS721010CLA332_JP2940J82KBTPL2KBTPLX&ts=1380900834 )
Verknüpfung Gefunden : C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=sc&from=cor&uid=HitachiXHDS721010CLA332_JP2940J82KBTPL2KBTPLX&ts=1380900834 )
Verknüpfung Gefunden : C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=sc&from=cor&uid=HitachiXHDS721010CLA332_JP2940J82KBTPL2KBTPLX&ts=1380900834 )
Verknüpfung Gefunden : C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=sc&from=cor&uid=HitachiXHDS721010CLA332_JP2940J82KBTPL2KBTPLX&ts=1380900834 )
Verknüpfung Gefunden : C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=sc&from=cor&uid=HitachiXHDS721010CLA332_JP2940J82KBTPL2KBTPLX&ts=1380900834 )

***** [ Registrierungsdatenbank ] *****

Daten Gefunden : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command [(Default)] - "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=sc&from=cor&uid=HitachiXHDS721010CLA332_JP2940J82KBTPL2KBTPLX&ts=1380900834
Daten Gefunden : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=sc&from=cor&uid=HitachiXHDS721010CLA332_JP2940J82KBTPL2KBTPLX&ts=1380900834
Schlüssel Gefunden : HKCU\Software\BabSolution
Schlüssel Gefunden : HKCU\Software\dsiteproducts
Schlüssel Gefunden : HKCU\Software\InstallCore
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Schlüssel Gefunden : HKCU\Software\Searchgol
Schlüssel Gefunden : HKCU\Software\Wajam
Schlüssel Gefunden : [x64] HKCU\Software\BabSolution
Schlüssel Gefunden : [x64] HKCU\Software\dsiteproducts
Schlüssel Gefunden : [x64] HKCU\Software\InstallCore
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : [x64] HKCU\Software\Searchgol
Schlüssel Gefunden : [x64] HKCU\Software\Wajam
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{00078E95-3A4A-4137-8DE7-2824908D1C17}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{8F547BDD-FCD4-48F8-A06F-573D6F404A3C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\S
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Schlüssel Gefunden : HKLM\Software\eSafeSecControl
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_winpatrol_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_winpatrol_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8F547BDD-FCD4-48F8-A06F-573D6F404A3C}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchgol
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search-Gol Chrome Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WSysControl
Schlüssel Gefunden : HKLM\Software\qvo6Software
Schlüssel Gefunden : HKLM\Software\Searchgol
Schlüssel Gefunden : HKLM\Software\Wajam
Schlüssel Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Schlüssel Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Wert Gefunden : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{00078E95-3A4A-4137-8DE7-2824908D1C17}]

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16686

Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=HitachiXHDS721010CLA332_JP2940J82KBTPL2KBTPLX&ts=1380900834
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=HitachiXHDS721010CLA332_JP2940J82KBTPL2KBTPLX&ts=1380900834
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=HitachiXHDS721010CLA332_JP2940J82KBTPL2KBTPLX&ts=1380900834
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=HitachiXHDS721010CLA332_JP2940J82KBTPL2KBTPLX&ts=1380900834
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=HitachiXHDS721010CLA332_JP2940J82KBTPL2KBTPLX&ts=1380900834

-\\ Mozilla Firefox v23.0.1 (de)

[ Datei : C:\Users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\0lnalqeu.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\prefs.js ]

Zeile gefunden : user_pref("browser.search.defaultenginename", "qvo6");
Zeile gefunden : user_pref("browser.search.selectedEngine", "qvo6");

-\\ Google Chrome v

[ Datei : C:\Users\Dieter\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [12491 octets] - [04/10/2013 17:44:43]

########## EOF - \AdwCleaner\AdwCleaner[R0].txt - [12552 octets] ##########

--- --- ---
AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.007 - Bericht erstellt am 11/10/2013 um 16:24:56
# Updated 09/10/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Admin - DIETER-PC
# Gestartet von : C:\Users\Dieter\Downloads\adwcleaner_3.0.0.7.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\searchplugins\bingp.xml
Datei Gefunden : C:\windows\System32\Tasks\digitalsite
Datei Gefunden : C:\windows\Tasks\digitalsite.job

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Mozilla Firefox v23.0.1 (de)

[ Datei : C:\Users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\0lnalqeu.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\prefs.js ]

Zeile gefunden : user_pref("browser.newtab.url", "hxxp://www.searchgol.com/?babsrc=NT_ss&mntrId=08864437E6702DEE&affID=125035&tsp=5025");
Zeile gefunden : user_pref("browser.startup.homepage", "hxxp://www.searchgol.com/?babsrc=HP_ss&mntrId=08864437E6702DEE&affID=125035&tsp=5025");
Zeile gefunden : user_pref("extensions.searchgol.admin", false);
Zeile gefunden : user_pref("extensions.searchgol.aflt", "babsst");
Zeile gefunden : user_pref("extensions.searchgol.appId", "{4277F7CF-0000-46CF-BA49-D624465C4BAB}");
Zeile gefunden : user_pref("extensions.searchgol.autoRvrt", "false");
Zeile gefunden : user_pref("extensions.searchgol.dfltLng", "de");
Zeile gefunden : user_pref("extensions.searchgol.excTlbr", false);
Zeile gefunden : user_pref("extensions.searchgol.ffxUnstlRst", false);
Zeile gefunden : user_pref("extensions.searchgol.id", "08863d9e0000000000004437e6702dee");
Zeile gefunden : user_pref("extensions.searchgol.instlDay", "15982");
Zeile gefunden : user_pref("extensions.searchgol.instlRef", "sst");
Zeile gefunden : user_pref("extensions.searchgol.newTab", false);
Zeile gefunden : user_pref("extensions.searchgol.prdct", "searchgol");
Zeile gefunden : user_pref("extensions.searchgol.prtnrId", "searchgol");
Zeile gefunden : user_pref("extensions.searchgol.rvrt", "false");
Zeile gefunden : user_pref("extensions.searchgol.smplGrp", "none");
Zeile gefunden : user_pref("extensions.searchgol.tlbrId", "base");
Zeile gefunden : user_pref("extensions.searchgol.tlbrSrchUrl", "");
Zeile gefunden : user_pref("extensions.searchgol.vrsn", "1.8.16.19");
Zeile gefunden : user_pref("extensions.searchgol.vrsnTs", "1.8.16.1917:34:51");
Zeile gefunden : user_pref("extensions.searchgol.vrsni", "1.8.16.19");

-\\ Google Chrome v

[ Datei : C:\Users\Dieter\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [12671 octets] - [04/10/2013 17:44:43]
AdwCleaner[R1].txt - [3768 octets] - [11/10/2013 16:24:57]
AdwCleaner[S0].txt - [10150 octets] - [04/10/2013 17:45:17]

########## EOF - \AdwCleaner\AdwCleaner[R1].txt - [3889 octets] ##########

--- --- ---
AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.010 - Bericht erstellt am 26/10/2013 um 17:37:31
# Updated 20/10/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Admin - DIETER-PC
# Gestartet von : C:\Users\Dieter\Downloads\adwcleaner(1).exe
# Option : Suchen

***** [ Dienste ] *****

Dienst Gefunden : SProtection

***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\all-iminent.js
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\webbooster@iminent.com.xpi
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\searchplugins\iminent.xml
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\user.js
Datei Gefunden : C:\Users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\0lnalqeu.default\Extensions\webbooster@iminent.com.xpi
Datei Gefunden : C:\windows\System32\Tasks\BonanzaDealsUpdate
Ordner Gefunden : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj
Ordner Gefunden : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb
Ordner Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}
Ordner Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com
Ordner Gefunden C:\Program Files (x86)\BonanzaDeals
Ordner Gefunden C:\Program Files (x86)\Common Files\Umbrella
Ordner Gefunden C:\Program Files (x86)\Iminent
Ordner Gefunden C:\Program Files (x86)\IminentToolbar
Ordner Gefunden C:\ProgramData\Iminent
Ordner Gefunden C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
Ordner Gefunden C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
Ordner Gefunden C:\Users\Admin\AppData\Roaming\Iminent
Ordner Gefunden C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals
Ordner Gefunden C:\Users\Dieter\AppData\Roaming\Iminent

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\BonanzaDealsLive
Schlüssel Gefunden : HKCU\Software\Iminent
Schlüssel Gefunden : [x64] HKCU\Software\BonanzaDealsLive
Schlüssel Gefunden : [x64] HKCU\Software\Iminent
Schlüssel Gefunden : HKLM\Software\BonanzaDealsLive
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4277F7CF-0000-46CF-BA49-D624465C4BAB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{88AF4F6A-C6B7-4229-9275-824E98BF97F9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D34F391D-4CB7-467F-A543-F583857C63B0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\BonanzaDealsLive.exe
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickCtrl.9
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BonanzaDealsLive.Update3WebControl.3
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{118E1BF6-6279-432F-A285-373A77B90C7A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{14CEEA2F-3D21-46ED-A7D2-89056C520E5E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{1CC8D970-F626-4F19-815F-890032BB6606}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{539F74BF-7E5C-46BD-9D45-35B1A91C9CBD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{5B5E5D0E-7C83-4A32-ADD2-E5F488DD6783}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{6802463D-636F-41FE-9924-4CAD56906590}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{806785D0-375F-4C2C-92E3-B8EE65D28E83}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{840A13FF-B464-4782-9C96-AAF3092E55DD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{944661E7-67B9-4DF7-BFF2-05388C166D34}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{9448AC19-EB62-46D5-B7DA-B059A7DB466A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{A7CF66EF-4F0D-46B1-AF71-A500378D6C34}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{B71934E5-6B93-448D-9D32-CBAA5150C5D8}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{D34F391D-4CB7-467F-A543-F583857C63B0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{D8E43B96-EB46-4820-92B7-232AEB735685}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E970727E-0508-4BEB-8B72-BBA9D0D047C7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{EBF1F869-D2F0-4D31-A877-386C853A9C3D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{F3CF4912-CF0A-451B-AF3B-C4F216C715E4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{F904AC50-215C-42AB-A532-77E9FDBA9B19}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.iminentESrvc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.iminentESrvc.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.searchgolESrvc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.searchgolESrvc.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\I
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.DownloadArgs
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.RawDataArgs
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.TinyUrlArgs
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.ViralLinkArgs
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iminent.iminentappCore
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iminent.iminentappCore.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iminent.iminentdskBnd
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iminent.iminentdskBnd.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iminent.iminentHlpr
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iminent.iminentHlpr.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ClientCallback
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ContractBase
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.TestContentCommand
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerCommand
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerResult
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightContent
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightUri
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent.Mediator.MediatorServiceProxy
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3860D897-7DCD-473C-9744-B21DB133AB20}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\searchgol.searchgolappCore
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\searchgol.searchgolappCore.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\searchgol.searchgoldskBnd
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\searchgol.searchgoldskBnd.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\searchgol.searchgolHlpr
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\searchgol.searchgolHlpr.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{105F25A9-C42F-48A6-998D-0494E8AE336A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{88AF4F6A-C6B7-4229-9275-824E98BF97F9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\aipfmkinhleccnodemkoofnnofpbbpac
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb
Schlüssel Gefunden : HKLM\Software\Iminent
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AF350D9-3916-454B-AC53-0B0B65F41301}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C5CBB76-7379-4490-AA5B-B037C0A36381}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bonanza Deals
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Iminent
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gefunden : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=3
Schlüssel Gefunden : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=9
Schlüssel Gefunden : HKLM\Software\Umbrella
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{3860D897-7DCD-473C-9744-B21DB133AB20}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Iminent]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [IminentMessenger]

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Mozilla Firefox v23.0.1 (de)

[ Datei : C:\Users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\0lnalqeu.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\Dieter\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [12671 octets] - [04/10/2013 17:44:43]
AdwCleaner[R1].txt - [3975 octets] - [11/10/2013 16:24:57]
AdwCleaner[R2].txt - [31025 octets] - [26/10/2013 17:37:31]
AdwCleaner[S0].txt - [10150 octets] - [04/10/2013 17:45:17]
AdwCleaner[S1].txt - [3914 octets] - [11/10/2013 16:25:40]

########## EOF - \AdwCleaner\AdwCleaner[R2].txt - [31207 octets] ##########

--- --- ---

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.010 - Bericht erstellt am 26/10/2013 um 17:43:57
# Updated 20/10/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Admin - DIETER-PC
# Gestartet von : C:\Users\Dieter\Downloads\adwcleaner(1).exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gefunden : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj
Ordner Gefunden : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Mozilla Firefox v23.0.1 (de)

[ Datei : C:\Users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\0lnalqeu.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\Dieter\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [12671 octets] - [04/10/2013 17:44:43]
AdwCleaner[R1].txt - [3975 octets] - [11/10/2013 16:24:57]
AdwCleaner[R2].txt - [31486 octets] - [26/10/2013 17:37:31]
AdwCleaner[R3].txt - [1403 octets] - [26/10/2013 17:43:57]
AdwCleaner[S0].txt - [10150 octets] - [04/10/2013 17:45:17]
AdwCleaner[S1].txt - [3914 octets] - [11/10/2013 16:25:40]
AdwCleaner[S2].txt - [31379 octets] - [26/10/2013 17:39:07]

########## EOF - \AdwCleaner\AdwCleaner[R3].txt - [1645 octets] ##########

--- --- ---
AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.010 - Bericht erstellt am 26/10/2013 um 18:02:59
# Updated 20/10/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Admin - DIETER-PC
# Gestartet von : C:\Users\Dieter\Downloads\adwcleaner(1).exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Mozilla Firefox v23.0.1 (de)

[ Datei : C:\Users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\0lnalqeu.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\Dieter\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [12671 octets] - [04/10/2013 17:44:43]
AdwCleaner[R1].txt - [3975 octets] - [11/10/2013 16:24:57]
AdwCleaner[R2].txt - [31486 octets] - [26/10/2013 17:37:31]
AdwCleaner[R3].txt - [1723 octets] - [26/10/2013 17:43:57]
AdwCleaner[R4].txt - [1215 octets] - [26/10/2013 18:02:59]
AdwCleaner[S0].txt - [10150 octets] - [04/10/2013 17:45:17]
AdwCleaner[S1].txt - [3914 octets] - [11/10/2013 16:25:40]
AdwCleaner[S2].txt - [31379 octets] - [26/10/2013 17:39:07]
AdwCleaner[S3].txt - [1784 octets] - [26/10/2013 17:46:44]

########## EOF - C:\AdwCleaner\AdwCleaner[R4].txt - [1517 octets] ##########

--- --- ---
AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.006 - Bericht erstellt am 04/10/2013 um 17:45:17
# Updated 01/10/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Admin - DIETER-PC
# Gestartet von : C:\Users\Admin\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : bonanzadealslive
[#] Dienst Gelöscht : bonanzadealslivem
Dienst Gelöscht : WajamUpdater
Dienst Gelöscht : WsysSvc

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\BonanzaDealsLive
Ordner Gelöscht : C:\ProgramData\eSafe
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\Program Files (x86)\BonanzaDealsLive
Ordner Gelöscht : C:\Program Files (x86)\searchgol
Ordner Gelöscht : C:\Program Files (x86)\Wajam
Ordner Gelöscht : C:\Users\Admin\AppData\Local\BonanzaDealsLive
Ordner Gelöscht : C:\Users\Admin\AppData\Local\Temp\eIntaller
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\BabSolution
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\digitalsite
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\searchgol
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com
Datei Gelöscht : C:\Users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\0lnalqeu.default\searchplugins\11-suche.xml
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\searchplugins\searchgol.xml
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\user.js

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\S
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_winpatrol_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_winpatrol_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00078E95-3A4A-4137-8DE7-2824908D1C17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8F547BDD-FCD4-48F8-A06F-573D6F404A3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8F547BDD-FCD4-48F8-A06F-573D6F404A3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{00078E95-3A4A-4137-8DE7-2824908D1C17}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\Searchgol
Schlüssel Gelöscht : HKCU\Software\Wajam
Schlüssel Gelöscht : HKLM\Software\eSafeSecControl
Schlüssel Gelöscht : HKLM\Software\qvo6Software
Schlüssel Gelöscht : HKLM\Software\Searchgol
Schlüssel Gelöscht : HKLM\Software\Wajam
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search-Gol Chrome Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchgol
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WSysControl

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16686

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v23.0.1 (de)

[ Datei : C:\Users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\0lnalqeu.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\prefs.js ]

Zeile gelöscht : user_pref("browser.search.defaultenginename", "qvo6");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "qvo6");

-\\ Google Chrome v

[ Datei : C:\Users\Dieter\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [12671 octets] - [04/10/2013 17:44:43]
AdwCleaner[S0].txt - [9995 octets] - [04/10/2013 17:45:17]

########## EOF - \AdwCleaner\AdwCleaner[S0].txt - [10055 octets] ##########

--- --- ---

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.007 - Bericht erstellt am 11/10/2013 um 16:25:40
# Updated 09/10/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Admin - DIETER-PC
# Gestartet von : C:\Users\Dieter\Downloads\adwcleaner_3.0.0.7.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\searchplugins\bingp.xml
Datei Gelöscht : C:\windows\Tasks\digitalsite.job
Datei Gelöscht : C:\windows\System32\Tasks\digitalsite

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Mozilla Firefox v23.0.1 (de)

[ Datei : C:\Users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\0lnalqeu.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\prefs.js ]

Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://www.searchgol.com/?babsrc=NT_ss&mntrId=08864437E6702DEE&affID=125035&tsp=5025");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://www.searchgol.com/?babsrc=HP_ss&mntrId=08864437E6702DEE&affID=125035&tsp=5025");
Zeile gelöscht : user_pref("extensions.searchgol.admin", false);
Zeile gelöscht : user_pref("extensions.searchgol.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.searchgol.appId", "{4277F7CF-0000-46CF-BA49-D624465C4BAB}");
Zeile gelöscht : user_pref("extensions.searchgol.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.searchgol.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.searchgol.excTlbr", false);
Zeile gelöscht : user_pref("extensions.searchgol.ffxUnstlRst", false);
Zeile gelöscht : user_pref("extensions.searchgol.id", "08863d9e0000000000004437e6702dee");
Zeile gelöscht : user_pref("extensions.searchgol.instlDay", "15982");
Zeile gelöscht : user_pref("extensions.searchgol.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.searchgol.newTab", false);
Zeile gelöscht : user_pref("extensions.searchgol.prdct", "searchgol");
Zeile gelöscht : user_pref("extensions.searchgol.prtnrId", "searchgol");
Zeile gelöscht : user_pref("extensions.searchgol.rvrt", "false");
Zeile gelöscht : user_pref("extensions.searchgol.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.searchgol.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.searchgol.tlbrSrchUrl", "");
Zeile gelöscht : user_pref("extensions.searchgol.vrsn", "1.8.16.19");
Zeile gelöscht : user_pref("extensions.searchgol.vrsnTs", "1.8.16.1917:34:51");
Zeile gelöscht : user_pref("extensions.searchgol.vrsni", "1.8.16.19");

-\\ Google Chrome v

[ Datei : C:\Users\Dieter\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [12671 octets] - [04/10/2013 17:44:43]
AdwCleaner[R1].txt - [3975 octets] - [11/10/2013 16:24:57]
AdwCleaner[S0].txt - [10150 octets] - [04/10/2013 17:45:17]
AdwCleaner[S1].txt - [3772 octets] - [11/10/2013 16:25:40]

########## EOF - \AdwCleaner\AdwCleaner[S1].txt - [3832 octets] ##########

--- --- ---
AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.010 - Bericht erstellt am 26/10/2013 um 17:39:07
# Updated 20/10/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Admin - DIETER-PC
# Gestartet von : C:\Users\Dieter\Downloads\adwcleaner(1).exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : SProtection

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Iminent
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
Ordner Gelöscht : C:\Program Files (x86)\BonanzaDeals
Ordner Gelöscht : C:\Program Files (x86)\Iminent
Ordner Gelöscht : C:\Program Files (x86)\IminentToolbar
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Umbrella
Ordner Gelöscht : C:\Users\Dieter\AppData\Roaming\Iminent
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\Iminent
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com
Ordner Gelöscht : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj
Ordner Gelöscht : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb
Datei Gelöscht : C:\Users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\0lnalqeu.default\Extensions\webbooster@iminent.com.xpi
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\webbooster@iminent.com.xpi
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\all-iminent.js
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\searchplugins\iminent.xml
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\user.js
Datei Gelöscht : C:\windows\System32\Tasks\BonanzaDealsUpdate

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\aipfmkinhleccnodemkoofnnofpbbpac
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BonanzaDealsLive.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickCtrl.9
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BonanzaDealsLive.Update3WebControl.3
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.iminentESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.iminentESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.searchgolESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.searchgolESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\I
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.DownloadArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.RawDataArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.TinyUrlArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.ViralLinkArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iminent.iminentappCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iminent.iminentappCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iminent.iminentdskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iminent.iminentdskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iminent.iminentHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iminent.iminentHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ClientCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ContractBase
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.TestContentCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightContent
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightUri
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.MediatorServiceProxy
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\searchgol.searchgolappCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\searchgol.searchgolappCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\searchgol.searchgoldskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\searchgol.searchgoldskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\searchgol.searchgolHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\searchgol.searchgolHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Iminent]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [IminentMessenger]
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=3
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=9
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4277F7CF-0000-46CF-BA49-D624465C4BAB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{88AF4F6A-C6B7-4229-9275-824E98BF97F9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D34F391D-4CB7-467F-A543-F583857C63B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{118E1BF6-6279-432F-A285-373A77B90C7A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{14CEEA2F-3D21-46ED-A7D2-89056C520E5E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1CC8D970-F626-4F19-815F-890032BB6606}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{539F74BF-7E5C-46BD-9D45-35B1A91C9CBD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5B5E5D0E-7C83-4A32-ADD2-E5F488DD6783}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6802463D-636F-41FE-9924-4CAD56906590}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{806785D0-375F-4C2C-92E3-B8EE65D28E83}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{840A13FF-B464-4782-9C96-AAF3092E55DD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{944661E7-67B9-4DF7-BFF2-05388C166D34}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9448AC19-EB62-46D5-B7DA-B059A7DB466A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A7CF66EF-4F0D-46B1-AF71-A500378D6C34}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B71934E5-6B93-448D-9D32-CBAA5150C5D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D34F391D-4CB7-467F-A543-F583857C63B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D8E43B96-EB46-4820-92B7-232AEB735685}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E970727E-0508-4BEB-8B72-BBA9D0D047C7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EBF1F869-D2F0-4D31-A877-386C853A9C3D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F3CF4912-CF0A-451B-AF3B-C4F216C715E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F904AC50-215C-42AB-A532-77E9FDBA9B19}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3860D897-7DCD-473C-9744-B21DB133AB20}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{105F25A9-C42F-48A6-998D-0494E8AE336A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{88AF4F6A-C6B7-4229-9275-824E98BF97F9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AF350D9-3916-454B-AC53-0B0B65F41301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C5CBB76-7379-4490-AA5B-B037C0A36381}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3860D897-7DCD-473C-9744-B21DB133AB20}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKCU\Software\BonanzaDealsLive
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKLM\Software\BonanzaDealsLive
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\Software\Umbrella
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bonanza Deals
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Mozilla Firefox v23.0.1 (de)

[ Datei : C:\Users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\0lnalqeu.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\Dieter\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [12671 octets] - [04/10/2013 17:44:43]
AdwCleaner[R1].txt - [3975 octets] - [11/10/2013 16:24:57]
AdwCleaner[R2].txt - [31486 octets] - [26/10/2013 17:37:31]
AdwCleaner[S0].txt - [10150 octets] - [04/10/2013 17:45:17]
AdwCleaner[S1].txt - [3914 octets] - [11/10/2013 16:25:40]
AdwCleaner[S2].txt - [31047 octets] - [26/10/2013 17:39:07]

########## EOF - \AdwCleaner\AdwCleaner[S2].txt - [31108 octets] ##########

--- --- ---

igelchen1962 · 30.10.2013, 12:08

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.010 - Bericht erstellt am 26/10/2013 um 17:46:44
# Updated 20/10/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Admin - DIETER-PC
# Gestartet von : C:\Users\Dieter\Downloads\adwcleaner(1).exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj
Ordner Gelöscht : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Mozilla Firefox v23.0.1 (de)

[ Datei : C:\Users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\0lnalqeu.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\Dieter\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [12671 octets] - [04/10/2013 17:44:43]
AdwCleaner[R1].txt - [3975 octets] - [11/10/2013 16:24:57]
AdwCleaner[R2].txt - [31486 octets] - [26/10/2013 17:37:31]
AdwCleaner[R3].txt - [1723 octets] - [26/10/2013 17:43:57]
AdwCleaner[S0].txt - [10150 octets] - [04/10/2013 17:45:17]
AdwCleaner[S1].txt - [3914 octets] - [11/10/2013 16:25:40]
AdwCleaner[S2].txt - [31379 octets] - [26/10/2013 17:39:07]
AdwCleaner[S3].txt - [1646 octets] - [26/10/2013 17:46:44]

########## EOF - \AdwCleaner\AdwCleaner[S3].txt - [1706 octets] ##########

--- --- ---
AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.010 - Bericht erstellt am 26/10/2013 um 18:03:42
# Updated 20/10/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Admin - DIETER-PC
# Gestartet von : C:\Users\Dieter\Downloads\adwcleaner(1).exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Mozilla Firefox v23.0.1 (de)

[ Datei : C:\Users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\0lnalqeu.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\Dieter\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [12671 octets] - [04/10/2013 17:44:43]
AdwCleaner[R1].txt - [3975 octets] - [11/10/2013 16:24:57]
AdwCleaner[R2].txt - [31486 octets] - [26/10/2013 17:37:31]
AdwCleaner[R3].txt - [1723 octets] - [26/10/2013 17:43:57]
AdwCleaner[R4].txt - [1597 octets] - [26/10/2013 18:02:59]
AdwCleaner[S0].txt - [10150 octets] - [04/10/2013 17:45:17]
AdwCleaner[S1].txt - [3914 octets] - [11/10/2013 16:25:40]
AdwCleaner[S2].txt - [31379 octets] - [26/10/2013 17:39:07]
AdwCleaner[S3].txt - [1784 octets] - [26/10/2013 17:46:44]
AdwCleaner[S4].txt - [1518 octets] - [26/10/2013 18:03:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1578 octets] ##########

--- --- ---
C:\ProgramData\BonanzaDealsLive\Update\Log\BonanzaDealsLive.log->\AdwCleaner\Quarantine\C\ProgramData\BonanzaDealsLive\Update\Log\BonanzaDealsLive.log.vir
C:\ProgramData\eSafe\eGdpSvc.exe->\AdwCleaner\Quarantine\C\ProgramData\eSafe\eGdpSvc.exe.vir
C:\ProgramData\eSafe\log\eGdpSvc.LOG->\AdwCleaner\Quarantine\C\ProgramData\eSafe\log\eGdpSvc.LOG.vir
C:\ProgramData\Partner\debug.log->\AdwCleaner\Quarantine\C\ProgramData\Partner\debug.log.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\BonanzaDealsLive.exe->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\BonanzaDealsLive.exe.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\BonanzaDealsLiveBroker.exe->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\BonanzaDealsLiveBroker.exe.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\BonanzaDealsLiveHandler.exe->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\BonanzaDealsLiveHandler.exe.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\BonanzaDealsLiveHelper.msi->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\BonanzaDealsLiveHelper.msi.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\BonanzaDealsLiveOnDemand.exe->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\BonanzaDealsLiveOnDemand.exe.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdate.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdate.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_am.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_am.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_ar.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_ar.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_bg.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_bg.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_bn.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_bn.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_ca.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_ca.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_cs.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_cs.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_da.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_da.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_de.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_de.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_el.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_el.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_en-GB.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_en-GB.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_en.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_en.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_es-419.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_es-419.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_es.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_es.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_et.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_et.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_fa.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_fa.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_fi.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_fi.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_fil.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_fil.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_fr.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_fr.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_gu.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_gu.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_hi.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_hi.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_hr.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_hr.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_hu.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_hu.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_id.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_id.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_is.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_is.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_it.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_it.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_iw.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_iw.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_ja.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_ja.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_kn.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_kn.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_ko.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_ko.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_lt.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_lt.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_lv.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_lv.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_ml.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_ml.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_mr.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_mr.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_ms.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_ms.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_nl.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_nl.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_no.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_no.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_pl.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_pl.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_pt-BR.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_pt-BR.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_pt-PT.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_pt-PT.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_ro.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_ro.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_ru.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_ru.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_sk.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_sk.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_sl.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_sl.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_sr.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_sr.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_sv.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_sv.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_sw.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_sw.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_ta.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_ta.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_te.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_te.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_th.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_th.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_tr.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_tr.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_uk.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_uk.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_ur.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_ur.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_vi.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_vi.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_zh-CN.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_zh-CN.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_zh-TW.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdateres_zh-TW.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\psmachine.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\psmachine.dll.vir
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\psuser.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\psuser.dll.vir
C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\escortShld.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\searchgol\searchgol\1.8.16.19\escortShld.dll.vir
C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\GUninstaller.exe->\AdwCleaner\Quarantine\C\Program Files (x86)\searchgol\searchgol\1.8.16.19\GUninstaller.exe.vir
C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\searchgolApp.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\searchgol\searchgol\1.8.16.19\searchgolApp.dll.vir
C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\searchgolEng.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\searchgol\searchgol\1.8.16.19\searchgolEng.dll.vir
C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\searchgolsrv.exe->\AdwCleaner\Quarantine\C\Program Files (x86)\searchgol\searchgol\1.8.16.19\searchgolsrv.exe.vir
C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\searchgolTlbr.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\searchgol\searchgol\1.8.16.19\searchgolTlbr.dll.vir
C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\uninstall.exe->\AdwCleaner\Quarantine\C\Program Files (x86)\searchgol\searchgol\1.8.16.19\uninstall.exe.vir
C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\bh\searchgol.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\searchgol\searchgol\1.8.16.19\bh\searchgol.dll.vir
C:\Program Files (x86)\Wajam\uninstall.exe->\AdwCleaner\Quarantine\C\Program Files (x86)\Wajam\uninstall.exe.vir
C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe->\AdwCleaner\Quarantine\C\Program Files (x86)\Wajam\Updater\WajamUpdater.exe.vir
C:\Program Files (x86)\Wajam\IE\favicon.ico->\AdwCleaner\Quarantine\C\Program Files (x86)\Wajam\IE\favicon.ico.vir
C:\Program Files (x86)\Wajam\IE\priam_bho.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Wajam\IE\priam_bho.dll.vir
C:\Program Files (x86)\Wajam\IE\wajamLogo.bmp->\AdwCleaner\Quarantine\C\Program Files (x86)\Wajam\IE\wajamLogo.bmp.vir
C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi->\AdwCleaner\Quarantine\C\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi.vir
C:\Users\Admin\AppData\Local\Temp\eIntaller\45508C23790E49859823B60328CED5B4\Config.ini->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Temp\eIntaller\45508C23790E49859823B60328CED5B4\Config.ini.vir
C:\Users\Admin\AppData\Local\Temp\eIntaller\45508C23790E49859823B60328CED5B4\eGdpSvc.exe->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Temp\eIntaller\45508C23790E49859823B60328CED5B4\eGdpSvc.exe.vir
C:\Users\Admin\AppData\Local\Temp\eIntaller\45508C23790E49859823B60328CED5B4\exb.bin->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Temp\eIntaller\45508C23790E49859823B60328CED5B4\exb.bin.vir
C:\Users\Admin\AppData\Local\Temp\eIntaller\45508C23790E49859823B60328CED5B4\exb.ico->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Temp\eIntaller\45508C23790E49859823B60328CED5B4\exb.ico.vir
C:\Users\Admin\AppData\Local\Temp\eIntaller\45508C23790E49859823B60328CED5B4\exb.skin->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Temp\eIntaller\45508C23790E49859823B60328CED5B4\exb.skin.vir
C:\Users\Admin\AppData\Local\Temp\eIntaller\45508C23790E49859823B60328CED5B4\eXQ.exe->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Temp\eIntaller\45508C23790E49859823B60328CED5B4\eXQ.exe.vir
C:\Users\Admin\AppData\Local\Temp\eIntaller\45508C23790E49859823B60328CED5B4\newtab.crx->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Temp\eIntaller\45508C23790E49859823B60328CED5B4\newtab.crx.vir
C:\Users\Admin\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z\Codec Pack Packages\uninstaller.exe->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z\Codec Pack Packages\uninstaller.exe.vir
C:\Users\Admin\AppData\Roaming\BabSolution\Shared\BabMaint.exe->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\BabSolution\Shared\BabMaint.exe.vir
C:\Users\Admin\AppData\Roaming\BabSolution\Shared\BUSolution.dll->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\BabSolution\Shared\BUSolution.dll.vir
C:\Users\Admin\AppData\Roaming\BabSolution\Shared\GUninstaller.exe->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\BabSolution\Shared\GUninstaller.exe.vir
C:\Users\Admin\AppData\Roaming\BabSolution\Shared\searchgol.ico->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\BabSolution\Shared\searchgol.ico.vir
C:\Users\Admin\AppData\Roaming\BabSolution\Shared\SetupParams.ini->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\BabSolution\Shared\SetupParams.ini.vir
C:\Users\Admin\AppData\Roaming\BabSolution\Shared\sqlite3.dll->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\BabSolution\Shared\sqlite3.dll.vir
C:\Users\Admin\AppData\Roaming\BabSolution\CR\searchgol.crx->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\BabSolution\CR\searchgol.crx.vir
C:\Users\Admin\AppData\Roaming\digitalsite\UpdateProc\config.dat->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\digitalsite\UpdateProc\config.dat.vir
C:\Users\Admin\AppData\Roaming\digitalsite\UpdateProc\prod.dat->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\digitalsite\UpdateProc\prod.dat.vir
C:\Users\Admin\AppData\Roaming\digitalsite\UpdateProc\UpdateTask.exe->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\digitalsite\UpdateProc\UpdateTask.exe.vir
C:\Users\Admin\AppData\Roaming\searchgol\sqlite3.dll->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\searchgol\sqlite3.dll.vir
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\uninstall.lnk->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\uninstall.lnk.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\chrome.manifest->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\chrome.manifest.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\install.rdf->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\install.rdf.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\META-INF\manifest.mf->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\META-INF\manifest.mf.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\META-INF\zigbert.rsa->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\META-INF\zigbert.rsa.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\META-INF\zigbert.sf->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\META-INF\zigbert.sf.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\dpk.htm->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\dpk.htm.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\hlprs.js->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\hlprs.js.vi r
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\loader.xul->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\loader.xul.vi r
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\mtstart.js->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\mtstart.js.vi r
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\searchgol.css->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\searchgol.css .vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\searchgol.xul->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\searchgol.xul .vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\serp.js->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\serp.js.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\tmplt.js->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\tmplt.js.vi r
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\arwDwn.gif->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\arwDwn.g if.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\closeo.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\closeo.p ng.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\help_16.gif->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\help_16. gif.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\home.gif->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\home.gif .vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\icon_seperator.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\icon_sep erator.png.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\logo.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\logo.png .vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\privecy_16_hot.gif->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\privecy_ 16_hot.gif.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\sign.jpg->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\sign.jpg .vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\specialoffer.gif->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\specialo ffer.gif.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\tellafriend.gif->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\tellafri end.gif.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\uninstall.gif->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\uninstal l.gif.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\ae.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\ae. png.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\bg.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\bg. png.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\ch.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\ch. png.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\cn.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\cn. png.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\cz.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\cz. png.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\de.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\de. png.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\eg.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\eg. png.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\en.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\en. png.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\es.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\es. png.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\fr.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\fr. png.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\gr.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\gr. png.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\he.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\he. png.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\il.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\il. png.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\it.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\it. png.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\ja.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\ja. png.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\jp.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\jp. png.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\nl.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\nl. png.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\no.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\no. png.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\pl.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\pl. png.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\pt.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\pt. png.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\ro.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\ro. png.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\ru.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\ru. png.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\sa.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\sa. png.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\se.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\se. png.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\sv.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\sv. png.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\tr.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\tr. png.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\ua.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\ua. png.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\us.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\content\imgs\flgs\us. png.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\components\FFDisp.dll->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@searchgol.com\components\FFDisp.dll .vir
C:\Users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\0lnalqeu.default\searchplugins\11-suche.xml->\AdwCleaner\Quarantine\C\Users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\0lnalqeu.default\searchplugins\11-suche.xml.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\searchplugins\searchgol.xml->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\searchplugins\searchgol.xml.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\user.js->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\user.js.vir
C:\Users\Public\Desktop\Mozilla Firefox.lnk->\AdwCleaner\Quarantine\C\Users\Public\Desktop\Mozilla Firefox.lnk.vir
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk->\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk.vir
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk.vir
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk.vir
C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk.vir
C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk.vir
C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\searchplugins\bingp.xml->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\searchplugins\bingp.xml.vir
C:\windows\Tasks\digitalsite.job->\AdwCleaner\Quarantine\C\windows\Tasks\digitalsite.job.vir
C:\windows\System32\Tasks\digitalsite->\AdwCleaner\Quarantine\C\windows\System32\Tasks\digitalsite.vir
C:\ProgramData\Iminent\Mediator\Datas\Cache\apix.iminent.com\1031.11575f00-7bdc-4181-ba0a-b298aeab228c.dat->\AdwCleaner\Quarantine\C\ProgramData\Iminent\Mediator\Datas\Cache\apix.iminent.com\1031.11575f00-7bdc-4181-ba0a-b298aeab228c.dat.vir
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\Blog.lnk->\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\Blog.lnk.vir
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\FAQ.lnk->\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\FAQ.lnk.vir
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\Help.lnk->\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\Help.lnk.vir
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\Iminent.lnk->\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\Iminent.lnk.vir
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\SearchTheWeb.lnk->\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\SearchTheWeb.lnk.vir
C:\Program Files (x86)\BonanzaDeals\BonanzaDeals.crx->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDeals\BonanzaDeals.crx.vir
C:\Program Files (x86)\BonanzaDeals\BonanzaDeals.xpi->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDeals\BonanzaDeals.xpi.vir
C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll.vir
C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE64.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDeals\BonanzaDealsIE64.dll.vir
C:\Program Files (x86)\BonanzaDeals\BonanzaDealsUpdate.exe->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDeals\BonanzaDealsUpdate.exe.vir
C:\Program Files (x86)\BonanzaDeals\BonanzaDealsUpdateRun.exe->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDeals\BonanzaDealsUpdateRun.exe.vir
C:\Program Files (x86)\BonanzaDeals\icon.ico->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDeals\icon.ico.vir
C:\Program Files (x86)\BonanzaDeals\uninst.exe->\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDeals\uninst.exe.vir
C:\Program Files (x86)\Iminent\f_in_box.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\f_in_box.dll.vir
C:\Program Files (x86)\Iminent\Iminent.AxImp.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\Iminent.AxImp.dll.vir
C:\Program Files (x86)\Iminent\Iminent.Booster.UI.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\Iminent.Booster.UI.dll.vir
C:\Program Files (x86)\Iminent\Iminent.Business.Connect.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\Iminent.Business.Connect.dll.vir
C:\Program Files (x86)\Iminent\Iminent.Business.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\Iminent.Business.dll.vir
C:\Program Files (x86)\Iminent\Iminent.Business.tlb->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\Iminent.Business.tlb.vir
C:\Program Files (x86)\Iminent\Iminent.Entity.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\Iminent.Entity.dll.vir
C:\Program Files (x86)\Iminent\Iminent.exe->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\Iminent.exe.vir
C:\Program Files (x86)\Iminent\Iminent.exe.config->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\Iminent.exe.config.vir
C:\Program Files (x86)\Iminent\Iminent.InstallLog->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\Iminent.InstallLog.vir
C:\Program Files (x86)\Iminent\Iminent.InstallState->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\Iminent.InstallState.vir
C:\Program Files (x86)\Iminent\Iminent.Mediator.ActivePlayers.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\Iminent.Mediator.ActivePlayers.dll.vir
C:\Program Files (x86)\Iminent\Iminent.Mediator.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\Iminent.Mediator.dll.vir
C:\Program Files (x86)\Iminent\Iminent.Mediator.tlb->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\Iminent.Mediator.tlb.vir
C:\Program Files (x86)\Iminent\Iminent.Messengers.exe->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\Iminent.Messengers.exe.vir
C:\Program Files (x86)\Iminent\Iminent.Messengers.exe.config->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\Iminent.Messengers.exe.config.vir
C:\Program Files (x86)\Iminent\Iminent.Services.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\Iminent.Services.dll.vir
C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll.vir
C:\Program Files (x86)\Iminent\Iminent.WinCore.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\Iminent.WinCore.dll.vir
C:\Program Files (x86)\Iminent\Iminent.WinCore.WLM.WinEvents.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\Iminent.WinCore.WLM.WinEvents.dll.vir
C:\Program Files (x86)\Iminent\Iminent.WinCore.WLM15.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\Iminent.WinCore.WLM15.dll.vir
C:\Program Files (x86)\Iminent\Iminent.WinCore.Yahoo.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\Iminent.WinCore.Yahoo.dll.vir
C:\Program Files (x86)\Iminent\Iminent.Windows.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\Iminent.Windows.dll.vir
C:\Program Files (x86)\Iminent\Iminent.Workflow.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\Iminent.Workflow.dll.vir
C:\Program Files (x86)\Iminent\Microsoft.DirectX.AudioVideoPlayback.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\Microsoft.DirectX.AudioVideoPlayback.dll.vir
C:\Program Files (x86)\Iminent\Microsoft.Expression.Interactions.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\Microsoft.Expression.Interactions.dll.vir
C:\Program Files (x86)\Iminent\SearchTheWeb.xml->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\SearchTheWeb.xml.vir
C:\Program Files (x86)\Iminent\StartWeb.xml->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\StartWeb.xml.vir
C:\Program Files (x86)\Iminent\System.Data.SQLite.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\System.Data.SQLite.dll.vir
C:\Program Files (x86)\Iminent\System.Data.SQLite.xml->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\System.Data.SQLite.xml.vir
C:\Program Files (x86)\Iminent\System.Windows.Interactivity.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\System.Windows.Interactivity.dll.vir
C:\Program Files (x86)\Iminent\System.Windows.Interactivity.xml->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\System.Windows.Interactivity.xml.vir
C:\Program Files (x86)\Iminent\USearch.xml->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\USearch.xml.vir
C:\Program Files (x86)\Iminent\WPFLocalizeExtension.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\WPFLocalizeExtension.dll.vir
C:\Program Files (x86)\Iminent\WPFLocalizeExtension.xml->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\WPFLocalizeExtension.xml.vir
C:\Program Files (x86)\Iminent\tr\Iminent.Booster.UI.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\tr\Iminent.Booster.UI.resources.dll.vir
C:\Program Files (x86)\Iminent\tr\Iminent.Business.Connect.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\tr\Iminent.Business.Connect.resources.dll.vir
C:\Program Files (x86)\Iminent\tr\Iminent.Messengers.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\tr\Iminent.Messengers.resources.dll.vir
C:\Program Files (x86)\Iminent\tr\Iminent.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\tr\Iminent.resources.dll.vir
C:\Program Files (x86)\Iminent\tr\Iminent.Services.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\tr\Iminent.Services.resources.dll.vir
C:\Program Files (x86)\Iminent\ro\Iminent.Booster.UI.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\ro\Iminent.Booster.UI.resources.dll.vir
C:\Program Files (x86)\Iminent\ro\Iminent.Messengers.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\ro\Iminent.Messengers.resources.dll.vir
C:\Program Files (x86)\Iminent\ro\Iminent.Services.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\ro\Iminent.Services.resources.dll.vir
C:\Program Files (x86)\Iminent\it\Iminent.Booster.UI.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\it\Iminent.Booster.UI.resources.dll.vir
C:\Program Files (x86)\Iminent\it\Iminent.Business.Connect.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\it\Iminent.Business.Connect.resources.dll.vir
C:\Program Files (x86)\Iminent\it\Iminent.Messengers.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\it\Iminent.Messengers.resources.dll.vir
C:\Program Files (x86)\Iminent\it\Iminent.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\it\Iminent.resources.dll.vir
C:\Program Files (x86)\Iminent\it\Iminent.Services.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\it\Iminent.Services.resources.dll.vir
C:\Program Files (x86)\Iminent\it\Microsoft.Expression.Interactions.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\it\Microsoft.Expression.Interactions.resources.dll.vir
C:\Program Files (x86)\Iminent\it\System.Windows.Interactivity.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\it\System.Windows.Interactivity.resources.dll.vir
C:\Program Files (x86)\Iminent\inst\main.ico->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\inst\main.ico.vir
C:\Program Files (x86)\Iminent\inst\msacm32.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\inst\msacm32.dll.vir
C:\Program Files (x86)\Iminent\inst\SearchTheWeb.ico->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\inst\SearchTheWeb.ico.vir
C:\Program Files (x86)\Iminent\inst\Universely.ico->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\inst\Universely.ico.vir
C:\Program Files (x86)\Iminent\inst\Bootstrapper\Bootstrapper.exe->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\inst\Bootstrapper\Bootstrapper.exe.vir
C:\Program Files (x86)\Iminent\fr\Iminent.Booster.UI.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\fr\Iminent.Booster.UI.resources.dll.vir
C:\Program Files (x86)\Iminent\fr\Iminent.Business.Connect.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\fr\Iminent.Business.Connect.resources.dll.vir
C:\Program Files (x86)\Iminent\fr\Iminent.Messengers.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\fr\Iminent.Messengers.resources.dll.vir
C:\Program Files (x86)\Iminent\fr\Iminent.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\fr\Iminent.resources.dll.vir
C:\Program Files (x86)\Iminent\fr\Iminent.Services.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\fr\Iminent.Services.resources.dll.vir
C:\Program Files (x86)\Iminent\fr\Microsoft.Expression.Interactions.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\fr\Microsoft.Expression.Interactions.resources.dll.vir
C:\Program Files (x86)\Iminent\fr\System.Windows.Interactivity.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\fr\System.Windows.Interactivity.resources.dll.vir
C:\Program Files (x86)\Iminent\es\Iminent.Booster.UI.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\es\Iminent.Booster.UI.resources.dll.vir
C:\Program Files (x86)\Iminent\es\Iminent.Business.Connect.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\es\Iminent.Business.Connect.resources.dll.vir
C:\Program Files (x86)\Iminent\es\Iminent.Messengers.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\es\Iminent.Messengers.resources.dll.vir
C:\Program Files (x86)\Iminent\es\Iminent.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\es\Iminent.resources.dll.vir
C:\Program Files (x86)\Iminent\es\Iminent.Services.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\es\Iminent.Services.resources.dll.vir
C:\Program Files (x86)\Iminent\es\Microsoft.Expression.Interactions.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\es\Microsoft.Expression.Interactions.resources.dll.vir
C:\Program Files (x86)\Iminent\es\System.Windows.Interactivity.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\es\System.Windows.Interactivity.resources.dll.vir
C:\Program Files (x86)\Iminent\en\Iminent.Booster.UI.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\en\Iminent.Booster.UI.resources.dll.vir
C:\Program Files (x86)\Iminent\en\Iminent.Business.Connect.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\en\Iminent.Business.Connect.resources.dll.vir
C:\Program Files (x86)\Iminent\en\Iminent.Messengers.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\en\Iminent.Messengers.resources.dll.vir
C:\Program Files (x86)\Iminent\en\Iminent.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\en\Iminent.resources.dll.vir
C:\Program Files (x86)\Iminent\en\Iminent.Services.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\en\Iminent.Services.resources.dll.vir
C:\Program Files (x86)\Iminent\en\Microsoft.Expression.Interactions.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\en\Microsoft.Expression.Interactions.resources.dll.vir
C:\Program Files (x86)\Iminent\en\System.Windows.Interactivity.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\en\System.Windows.Interactivity.resources.dll.vir
C:\Program Files (x86)\Iminent\de\Iminent.Booster.UI.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\de\Iminent.Booster.UI.resources.dll.vir
C:\Program Files (x86)\Iminent\de\Iminent.Business.Connect.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\de\Iminent.Business.Connect.resources.dll.vir
C:\Program Files (x86)\Iminent\de\Iminent.Messengers.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\de\Iminent.Messengers.resources.dll.vir
C:\Program Files (x86)\Iminent\de\Iminent.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\de\Iminent.resources.dll.vir
C:\Program Files (x86)\Iminent\de\Iminent.Services.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\de\Iminent.Services.resources.dll.vir
C:\Program Files (x86)\Iminent\de\Microsoft.Expression.Interactions.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\de\Microsoft.Expression.Interactions.resources.dll.vir
C:\Program Files (x86)\Iminent\de\System.Windows.Interactivity.resources.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\Iminent\de\System.Windows.Interactivity.resources.dll.vir
C:\Program Files (x86)\IminentToolbar\1.8.25.0\iminent.crx->\AdwCleaner\Quarantine\C\Program Files (x86)\IminentToolbar\1.8.25.0\iminent.crx.vir
C:\Program Files (x86)\IminentToolbar\1.8.25.0\iminentApp.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\IminentToolbar\1.8.25.0\iminentApp.dll.vir
C:\Program Files (x86)\IminentToolbar\1.8.25.0\iminentEng.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\IminentToolbar\1.8.25.0\iminentEng.dll.vir
C:\Program Files (x86)\IminentToolbar\1.8.25.0\iminentsrv.exe->\AdwCleaner\Quarantine\C\Program Files (x86)\IminentToolbar\1.8.25.0\iminentsrv.exe.vir
C:\Program Files (x86)\IminentToolbar\1.8.25.0\iminentTlbr.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\IminentToolbar\1.8.25.0\iminentTlbr.dll.vir
C:\Program Files (x86)\IminentToolbar\1.8.25.0\uninstall.exe->\AdwCleaner\Quarantine\C\Program Files (x86)\IminentToolbar\1.8.25.0\uninstall.exe.vir
C:\Program Files (x86)\IminentToolbar\1.8.25.0\bh\iminent.dll->\AdwCleaner\Quarantine\C\Program Files (x86)\IminentToolbar\1.8.25.0\bh\iminent.dll.vir
C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe->\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\Umbrella\Umbrella.exe.vir
C:\Users\Dieter\AppData\Roaming\Iminent\Mediator\Datas\globalcache.dat->\AdwCleaner\Quarantine\C\Users\Dieter\AppData\Roaming\Iminent\Mediator\Datas\globalcache.dat.vir
C:\Users\Dieter\AppData\Roaming\Iminent\Mediator\Datas\user.dat->\AdwCleaner\Quarantine\C\Users\Dieter\AppData\Roaming\Iminent\Mediator\Datas\user.dat.vir
C:\Users\Admin\AppData\Roaming\Iminent\sqlite3.dll->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Iminent\sqlite3.dll.vir
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals\Bonanza Deals Help.url->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals\Bonanza Deals Help.url.vir
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals\Bonanza Deals.url->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals\Bonanza Deals.url.vir
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals\Uninstall Bonanza Deals.lnk->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals\Uninstall Bonanza Deals.lnk.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}\chrome.manifest->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}\chrome.manifest.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}\install.rdf->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}\install.rdf.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}\defaults\preferences\defaults.js->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}\defaults\preferences\defaults.js.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}\content\bonanzadeals.xul->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}\content\bonanzadeals.xul.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}\content\images\icon32.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}\content\images\icon32.png.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\chrome.manifest->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\chrome.manifest.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\install.rdf->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\install.rdf.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\uninstall.exe->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\uninstall.exe.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\dpk.htm->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\dpk.htm.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\hlprs.js->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\hlprs.js.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\iminent.css->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\iminent.css.v ir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\iminent.xul->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\iminent.xul.v ir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\loader.xul->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\loader.xul.vi r
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\mtstart.js->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\mtstart.js.vi r
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\serp.js->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\serp.js.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\tmplt.js->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\tmplt.js.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\arwDwn.gif->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\arwDwn.gif .vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\closeo.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\closeo.png .vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\help_16.gif->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\help_16.gi f.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\home.gif->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\home.gif.v ir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\icon_seperator.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\icon_seper ator.png.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\logo.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\logo.png.v ir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\privecy_16_hot.gif->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\privecy_16 _hot.gif.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\sign.jpg->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\sign.jpg.v ir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\specialoffer.gif->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\specialoff er.gif.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\tellafriend.gif->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\tellafrien d.gif.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\uninstall.gif->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\uninstall. gif.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\ae.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\ae.pn g.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\bg.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\bg.pn g.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\ch.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\ch.pn g.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\cn.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\cn.pn g.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\cz.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\cz.pn g.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\de.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\de.pn g.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\eg.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\eg.pn g.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\en.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\en.pn g.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\es.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\es.pn g.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\fr.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\fr.pn g.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\gr.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\gr.pn g.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\he.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\he.pn g.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\il.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\il.pn g.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\it.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\it.pn g.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\ja.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\ja.pn g.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\jp.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\jp.pn g.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\nl.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\nl.pn g.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\no.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\no.pn g.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\pl.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\pl.pn g.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\pt.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\pt.pn g.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\ro.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\ro.pn g.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\ru.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\ru.pn g.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\sa.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\sa.pn g.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\se.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\se.pn g.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\sv.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\sv.pn g.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\tr.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\tr.pn g.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\ua.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\ua.pn g.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\us.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\content\imgs\flgs\us.pn g.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\components\FFDisp.dll->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\ffxtlbr@iminent.com\components\FFDisp.dll.v ir
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj\3.5.0.0_0\background.js->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj\3.5.0.0_0\background.js.vir
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj\3.5.0.0_0\manifest.json->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj\3.5.0.0_0\manifest.json.vir
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj\3.5.0.0_0\images\icon128.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj\3.5.0.0_0\images\icon128.png.vir
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj\3.5.0.0_0\images\icon16.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj\3.5.0.0_0\images\icon16.png.vir
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj\3.5.0.0_0\images\icon48.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj\3.5.0.0_0\images\icon48.png.vir
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\appCntrl.js->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\appCntrl.js.vir
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\bg.html->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\bg.html.vir
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\bg.js->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\bg.js.vir
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\CrmAdpt.dll->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\CrmAdpt.dll.vir
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\ct.js->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\ct.js.vir
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\CTB.dll->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\CTB.dll.vir
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\dpk.js->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\dpk.js.vir
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\hprtkMsg.htm->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\hprtkMsg.htm.vir
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\hprtkMsg.js->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\hprtkMsg.js.vir
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\json2.min.js->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\json2.min.js.vir
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\logo.png->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\logo.png.vir
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\manifest.json->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\manifest.json.vir
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\pref.json->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\pref.json.vir
C:\Users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\0lnalqeu.default\Extensions\webbooster@iminent.com.xpi->\AdwCleaner\Quarantine\C\Users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\0lnalqeu.default\Extensions\webbooster@iminent.com.xpi.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\webbooster@iminent.com.xpi->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\Extensions\webbooster@iminent.com.xpi.vir
C:\Program Files (x86)\Mozilla Firefox\defaults\pref\all-iminent.js->\AdwCleaner\Quarantine\C\Program Files (x86)\Mozilla Firefox\defaults\pref\all-iminent.js.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\searchplugins\iminent.xml->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\searchplugins\iminent.xml.vir
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\user.js->\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2ufxwkvf.default\user.js.vir
C:\windows\System32\Tasks\BonanzaDealsUpdate->\AdwCleaner\Quarantine\C\windows\System32\Tasks\BonanzaDealsUpdate.vir

Hi Schrauber,
ich hoffe ich habe alles richtig gemacht.
Gruß igelchen1962

schrauber · 31.10.2013, 08:20

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

27.10.2013, 07:28	#8
schrauber /// the machine /// TB-Ausbilder	PuP.Optionalbonaza Schau mal unter C:\AdwCleaner ob die dort liegt. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

15.10.2013, 10:02	#1
igelchen1962	PuP.Optionalbonaza PuP.Optionalbonaza Hallo Liebe Leute bin 70 Jahre und ziemlich unbedarft. Habe das Prpblem mit obigen Trojaner. Es sind lt. Malwarbytes über 80 Eintagungen. Wie kann ich die Eintagungen löschen? Über Hilfe wäre ich sehr dankbar. Nicht zuviel Kenntnisse voraussetzen. Danke igelchen1962

PuP.Optionalbonaza

Plagegeister aller Art und deren Bekämpfung: PuP.Optionalbonaza