| |
| |||||||
Log-Analyse und Auswertung: Problem mit getwindowinfoWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
24.10.2013, 07:09
| #1 |
| |  Problem mit getwindowinfo getwindoinfo öffnet sich von selbst. hier der scan. und danke für informationen zur beseitigung. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-10-2013 Ran by User (administrator) on MIKEPC on 23-10-2013 16:04:58 Running from C:\Users\User\Downloads Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: German Standard Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Microsoft Corporation) C:\Windows\system32\SLsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe () C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe () C:\Program Files\Updater By Sweetpacks\ExtensionUpdaterService.exe () C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe (AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe (Wajam) C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\loggingserver.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Gainward Co.) C:\Program Files (x86)\EXPERTool\TBPANEL.exe (ICQ) C:\Users\User\AppData\Roaming\ICQM\icq.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe () C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe (Windows Net) C:\Users\User\AppData\Roaming\Windows Net Data\net.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe (SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe () C:\Program Files (x86)\AVG Secure Search\vprot.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe () C:\Program Files (x86)\Razer\Diamondback 3G\razertra.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Razer Inc.) C:\Program Files (x86)\Razer\Diamondback 3G\razerofa.exe () C:\Program Files (x86)\Speed Analysis 2\BackgroundHost.exe () C:\Program Files (x86)\Zula Games\BackgroundHost.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\klwtblfs.exe () C:\Program Files (x86)\Amazon Browser Bar\AmazonBrowserBarSSB.3.0.dll (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe (Plus HD) C:\program files (x86)\plus-hd-2.3\plus-hd-2.3-bg.exe (Feven) C:\program files (x86)\feven\feven-bg.exe (Plus HD) C:\program files (x86)\plus-hd-1.8\plus-hd-1.8-bg.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation) HKCU\...\Run: [GAINWARD] - C:\Program Files (x86)\EXPERTool\TBPanel.exe [2265416 2011-04-08] (Gainward Co.) HKCU\...\Run: [icq] - C:\Users\User\AppData\Roaming\ICQM\icq.exe [27598184 2013-04-12] (ICQ) HKCU\...\Run: [Snoozer] - C:\Users\User\AppData\Roaming\Snz\Snz.exe [1137764 2013-08-28] () HKCU\...\Run: [OMESupervisor] - C:\Users\User\AppData\Local\omesuperv.exe [2218359 2013-08-28] () HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-15] (Samsung) MountPoints2: D - D:\Bin\ASSETUP.exe MountPoints2: {8890b55c-e86f-11e1-af2e-806e6f6e6963} - E:\EasySuite.exe HKLM-x32\...\Run: [P17RunE] - C:\Windows\\SysWOW64\P17RunE.dll [14848 2008-03-28] (Creative Technology Ltd.) HKLM-x32\...\Run: [Diamondback] - C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe [147456 2007-08-01] () HKLM-x32\...\Run: [VolPanel] - C:\Program Files (x86)\Creative\USB Headsets\Volume Panel\VolPanlu.exe [221300 2008-05-05] (Creative Technology Ltd) HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-15] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1564872 2012-06-06] (Ask) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [SweetIM] - C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [115032 2012-05-29] (SweetIM Technologies Ltd.) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC) HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-10-17] (Kaspersky Lab ZAO) HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG Secure Search\vprot.exe [2404376 2013-10-02] () HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.) HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] () HKLM-x32\...\Run: [TkBellExe] - c:\program files (x86)\real\realplayer\Update\realsched.exe [295512 2013-09-24] (RealNetworks, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\Gast\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\Gast\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18678376 2013-04-19] (Skype Technologies S.A.) HKU\Gast\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation) HKU\Gast\...\Run: [soyys] - "c:\users\user\appdata\local\soyys.exe" soyys HKU\Gast\...\Run: [Creative MediaSource Go] - C:\Program Files (x86)\Creative\MediaSource5\Go\CTCMSGoU.exe [204800 2006-11-09] (Creative Technology Ltd) HKU\Gast\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" HKU\Gast\...\Run: [GAINWARD] - C:\Program Files (x86)\EXPERTool\TBPanel.exe [2265416 2011-04-08] (Gainward Co.) HKU\Gast\...\Run: [icq] - C:\Users\Gast\AppData\Roaming\ICQM\icq.exe -CU HKU\Gast\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-15] (Samsung) HKU\Gast\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564016 2013-07-15] (Samsung) HKU\Gast\...\Run: [SCheck] - C:\Users\User\AppData\Roaming\SCheck\SCheck.exe [36864 2013-04-10] () HKU\Gast\...\Run: [SSync] - C:\Users\User\AppData\Roaming\SSync\SSync.exe [36864 2013-04-10] () HKU\Gast\...\Run: [DataMgr] - C:\Users\User\AppData\Roaming\DataMgr\DataMgr.exe [168824 2013-07-21] (HTTO Group, Ltd.) HKU\Gast\...\Run: [Intermediate] - C:\Users\User\AppData\Roaming\Intermediate\Intermediate.exe [36864 2013-04-10] () HKU\Gast\...\RunOnce: [StartMSu] - C:\Program Files (x86)\Creative\MediaSource5\Startmsu.exe [81920 2008-10-30] (Creative Technology Ltd) HKU\Gast\...\RunOnce: [InetReg] - "C:\Program Files (x86)\Creative\Produktregistrierung\German\InetReg.exe" /PreProcess=RegFlash.exe /Delay=6 HKU\Gast\...\RunOnce: [CTAutoUpdate] - C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe [430968 2009-01-15] (Creative Technology Ltd) HKU\User_2\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\User_2\...\Run: [NTRedirect] - C:\Windows\SysWOW64\rundll32.exe "C:\Users\User_2\AppData\Roaming\BabSolution\Shared\NTRedirect.dll",Run <===== ATTENTION HKU\User_2\...\Run: [Optimizer Pro] - C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe HKU\User_2\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" HKU\User_2\...\Run: [GAINWARD] - C:\Program Files (x86)\EXPERTool\TBPanel.exe [2265416 2011-04-08] (Gainward Co.) HKU\User_2\...\Run: [icq] - C:\Users\User_2\AppData\Roaming\ICQM\icq.exe -CU HKU\User_2\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-15] (Samsung) HKU\User_2\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564016 2013-07-15] (Samsung) HKU\User_2\...\Run: [SCheck] - C:\Users\User\AppData\Roaming\SCheck\SCheck.exe [36864 2013-04-10] () HKU\User_2\...\Run: [SSync] - C:\Users\User\AppData\Roaming\SSync\SSync.exe [36864 2013-04-10] () HKU\User_2\...\Run: [DataMgr] - C:\Users\User\AppData\Roaming\DataMgr\DataMgr.exe [168824 2013-07-21] (HTTO Group, Ltd.) HKU\User_2\...\Run: [Intermediate] - C:\Users\User\AppData\Roaming\Intermediate\Intermediate.exe [36864 2013-04-10] () HKU\User_2\...\RunOnce: [CTAutoUpdate] - C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe [430968 2009-01-15] (Creative Technology Ltd) Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk ShortcutTarget: net.lnk -> C:\Users\User\AppData\Roaming\Windows Net Data\net.exe (Windows Net) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si=99&tid=0&st=bs&q= HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?rd=1&ucc=DE&dcc=DE&opt=0&ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=99&tid=0&st=bs&q= HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=9441001FC68CF6E7&affID=119392&tt=070813_wc2&tsp=4972 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=99&tid=0&st=bs&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=99&tid=0&st=bs&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si=99&tid=0&st=bs&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=99&tid=0&st=bs&q= StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM-x32 - DefaultScope {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://search.certified-toolbar.com?si=99&st=bs&tid=0&q={searchTerms} SearchScopes: HKLM-x32 - {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://search.certified-toolbar.com?si=99&st=bs&tid=0&q={searchTerms} SearchScopes: HKLM-x32 - {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPxdm049YYde&ptnrS=XPxdm049YYde&si=2271&ptb=13BDF01F-C9F4-46AB-B26C-79A9260924CF&psa=&ind=2012082502&st=sb&n=77edf146&searchfor={searchTerms} SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=99&st=bs&tid=0&q={searchTerms} SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.certified-toolbar.com?si=62606&st=bs&tid=6533&ver=4.3&ts=1376294794506&tguid=62606-6533-1376294794506-B3B2E5069E1C8CEB5A6C7CB8C3699AF2&q={searchTerms} SearchScopes: HKCU - DefaultScope {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p13_serp_ie_de_display?ie=UTF8&tagbase=bds-p13&tbrId=v1_abb-channel-13_adeece99ba0b4d33bffcefd967f54842_30_39_20130312_DE_ie_ds_&tag=bds-p13-serp-de-ie-21&query={searchTerms} SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=9441001FC68CF6E7&affID=119649&tsp=4949 SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=YYYYYYYYDE&apn_uid=1377442A-3CD2-44A0-857A-FC8B3B849F17&apn_sauid=99A68A09-6521-4C32-BF85-E0BF4E7CEE8A SearchScopes: HKCU - {47695818-E252-44F9-81C8-40BCF7702D52} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2801937 SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKCU - {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://search.certified-toolbar.com?si=99&st=bs&tid=0&q={searchTerms} SearchScopes: HKCU - {7AD2AA02-5AC2-4ABA-9B31-F09558641CE6} URL = hxxp://search.softonic.com/MOY00009/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=9441a9b700000000000000ff231a40f6&r=680 SearchScopes: HKCU - {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPxdm049YYde&ptnrS=XPxdm049YYde&si=2271&ptb=13BDF01F-C9F4-46AB-B26C-79A9260924CF&psa=&ind=2012082502&st=sb&n=77edf146&searchfor={searchTerms} SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=99&st=bs&tid=0&q={searchTerms} SearchScopes: HKCU - {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p13_serp_ie_de_display?ie=UTF8&tagbase=bds-p13&tbrId=v1_abb-channel-13_adeece99ba0b4d33bffcefd967f54842_30_39_20130312_DE_ie_ds_&tag=bds-p13-serp-de-ie-21&query={searchTerms} SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80772&lng=de SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://mysearch.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10053&barid={E561791D-8D4D-4B2F-9DC8-1F70101A0A08} BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\User\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen) BHO: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) BHO: Expat Shield Class - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE_64.dll No File BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: Updater By Sweetpacks - {DEDAF650-12B8-48f5-A843-BBA100716106} - C:\Program Files\Updater By Sweetpacks\Extension64.dll () BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\User\AppData\Roaming\Complitly\Complitly.dll (SimplyGen) BHO-x32: Plus-HD-1.3 - {11111111-1111-1111-1111-110311121157} - C:\Program Files (x86)\Plus-HD-1.3\Plus-HD-1.3-bho.dll (Plus HD) BHO-x32: Feven - {11111111-1111-1111-1111-110311151154} - C:\Program Files (x86)\Feven\Feven-bho.dll (Feven) BHO-x32: Plus-HD-1.8 - {11111111-1111-1111-1111-110311251140} - C:\Program Files (x86)\Plus-HD-1.8\Plus-HD-1.8-bho.dll (Plus HD) BHO-x32: Plus-HD-2.3 - {11111111-1111-1111-1111-110311341126} - C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-bho.dll (Plus HD) BHO-x32: Plus-HD-3.8 - {11111111-1111-1111-1111-110311901130} - C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-bho.dll (Plus HD) BHO-x32: Shopping Assistant Plugin - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.6.7\PriceGongIE.dll (PriceGong) BHO-x32: Speed Analysis 2 - {18DBB6CE-3148-4FEC-B481-103CB3290427} - C:\Program Files (x86)\Speed Analysis 2\ScriptHost.dll (SpeedAnalysis.com) BHO-x32: Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab) BHO-x32: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - No File BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) BHO-x32: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation) BHO-x32: Lyrics Finder - {398C01F1-E584-46AD-A649-4F78B435DCFE} - C:\Program Files (x86)\LyricsFinder\lfind.dll (Nijad Software) BHO-x32: DealPly Shopping - {4B6ACEA2-308A-4876-AD36-57CEC5B4FCC7} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly) BHO-x32: mixidj Helper Object - {4D6A9BBF-402C-4301-B1EF-28D04F71D761} - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\bh\mixidj.dll (MixiDJ) BHO-x32: IEiRobinHoodAddon Class - {54E67346-EE5A-45B6-82AA-4F0BB28C79C2} - C:\Program Files (x86)\iRobinHood\iRobinHood Addon\iRobinHood.dll (iRobinHood) BHO-x32: PiccShare BHO - {553318DA-D010-469E-84B1-496563CAE1C0} - C:\Users\User\AppData\Local\ext_piccshare\ext_piccshare.dll (HTTO Group, Ltd) BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Simppull Toolbar - {627af46b-2076-42ae-a2fd-8428734d3e74} - C:\Program Files (x86)\simppulltoolbar\simppulldx.dll () BHO-x32: Sing Along - {6492E171-2427-4932-B414-33574A089F5E} - C:\Program Files (x86)\SingAlong\singalng.dll (Xenophesoft) BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File BHO-x32: DNS Error Helper - {9B6B03F1-16CF-4491-BBBB-E872802DD717} - C:\ProgramData\DNSErrorHelper\bho.dll () BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: HomeTab - {9fdfb66c-713b-4201-83a6-5b78ae227b41} - C:\Users\User_2\AppData\Roaming\HomeTab\HomeTab.dll (Simply Tech Ltd.) BHO-x32: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\prxtbMyA2.dll (Conduit Ltd.) BHO-x32: HomeTab - {a25e7121-3dd8-41b3-855b-756c5bc45449} - C:\Users\User\AppData\Roaming\HomeTab\HomeTab.dll (Simply Tech Ltd.) BHO-x32: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly) BHO-x32: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam) BHO-x32: Zula Games - {A9337080-7CBF-4E3E-80C1-3867BEDD88E0} - C:\Program Files (x86)\Zula Games\ScriptHost.dll (ZulaGames.com) BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO-x32: NCH DE Toolbar - {b106b661-3e1b-4015-af5c-195e909f35c6} - C:\Program Files (x86)\NCH_DE\prxtbNCH_.dll (Conduit Ltd.) BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.22.0\bh\delta.dll (Delta-search.com) BHO-x32: Updater For Simppull Toolbar - {C4B8BAB4-1667-11DF-A242-BA9455D89593} - C:\Program Files (x86)\simppulltoolbar\auxi\simppulltoolbAu.dll (Visicom Media) BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Updater By Sweetpacks - {DEDAF650-12B8-48f5-A843-BBA100716106} - C:\Program Files\Updater By Sweetpacks\Extension32.dll () BHO-x32: holasearch Helper Object - {DFF9B2DA-EF99-4B26-83CB-7058299999D8} - C:\Program Files (x86)\holasearch\holasearch\1.8.16.16\bh\holasearch.dll (holasearch.com) BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: No Name - {E4E6BF2A-1667-11DF-A01F-1F9655D89593} - No File BHO-x32: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.8.19.3\bh\Softonic.dll (Softonic.com) BHO-x32: AlxHelper Class - {F443A627-5009-4323-9C1D-7FD598D0D712} - C:\Program Files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com) BHO-x32: PricePeep - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - C:\Program Files (x86)\PricePeep\pricepeep.dll (PricePeep) BHO-x32: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC) Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) Toolbar: HKLM-x32 - MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\prxtbMyA2.dll (Conduit Ltd.) Toolbar: HKLM-x32 - Simppull Toolbar - {627af46b-2076-42ae-a2fd-8428734d3e74} - C:\Program Files (x86)\simppulltoolbar\simppulldx.dll () Toolbar: HKLM-x32 - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - No File Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) Toolbar: HKLM-x32 - NCH DE Toolbar - {b106b661-3e1b-4015-af5c-195e909f35c6} - C:\Program Files (x86)\NCH_DE\prxtbNCH_.dll (Conduit Ltd.) Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaTlbr.dll (Delta-search.com) Toolbar: HKLM-x32 - Amazon Browser Bar - {EA582743-9076-4178-9AA6-7393FDF4D5CE} - C:\Program Files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com) Toolbar: HKLM-x32 - Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab) Toolbar: HKLM-x32 - Holasearch Toolbar - {C510DFFB-0AFE-484C-BA40-CED5B74C4EEF} - C:\Program Files (x86)\holasearch\holasearch\1.8.16.16\holasearchTlbr.dll (holasearch.com) Toolbar: HKLM-x32 - MixiDJ Toolbar - {CA9B9C89-4662-4ADC-9C23-A452BECD5D19} - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\mixidjTlbr.dll (MixiDJ) Toolbar: HKLM-x32 - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation) Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File Toolbar: HKLM-x32 - HomeTab - {9fdfb66c-713b-4201-83a6-5b78ae227b41} - C:\Users\User_2\AppData\Roaming\HomeTab\HomeTab.dll (Simply Tech Ltd.) Toolbar: HKLM-x32 - HomeTab - {a25e7121-3dd8-41b3-855b-756c5bc45449} - C:\Users\User\AppData\Roaming\HomeTab\HomeTab.dll (Simply Tech Ltd.) Toolbar: HKLM-x32 - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.8.19.3\SoftonicTlbr.dll (Softonic.com) Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKCU - No Name - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - No File Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File Toolbar: HKCU - No Name - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File Toolbar: HKCU - No Name - {B106B661-3E1B-4015-AF5C-195E909F35C6} - No File Toolbar: HKCU - No Name - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No File DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262E} hxxp://www.srtest.com/srl_bin/sysreqlab_srl.cab DPF: HKLM-x32 {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.9.113.cab DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15108/CTPID.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll (AVG Secure Search) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default FF user.js: detected! => C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\user.js FF NewTab: about:home FF SearchEngineOrder.1: Web Search FF Homepage: about:home FF Keyword.URL: hxxp://search.certified-toolbar.com?si=99&tid=0&st=bs&q= FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\\npsitesafety.dll (AVG Technologies) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @gametap.com/npdd,version=1.0 - C:\Program Files (x86)\Downloader\npdd.dll (Metaboli) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: electronicarts.com/GameFacePlugin - C:\Users\User\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\searchplugins\softonic.xml FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\searchplugins\Web Search.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Web Search.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Battlefield Play4Free - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\battlefieldplay4free@ea.com FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com FF Extension: Default Manager - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\DefaultManager@Microsoft FF Extension: pricealarm - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM FF Extension: FireJump - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\firejump@firejump.net FF Extension: HomeTab - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\{ad7ef860-f366-4be1-8d12-4363b9356947} FF Extension: FoxyDeal - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\{F58A62EB-38DC-43C4-A539-DC52E135208D} FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\complitly_0.sqlite FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\complitly_0.sqlite-journal FF Extension: om - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\om@offermosquito.com.xpi FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\WTB_GLOBAL.sqlite FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} FF HKLM\...\Firefox\Extensions: [{DEDAF650-12B8-48f5-A843-BBA100716106}] - C:\Program Files\Updater By Sweetpacks\Firefox FF Extension: Updater By Sweetpacks - C:\Program Files\Updater By Sweetpacks\Firefox FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com FF Extension: Content Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com FF HKLM-x32\...\Firefox\Extensions: [speedanalysis02@SpeedAnalysis.com] - C:\Users\User\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com FF Extension: Speed Analysis 2 - C:\Users\User\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com FF HKLM-x32\...\Firefox\Extensions: [zulagames@ZulaGames.com] - C:\Users\User\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com FF Extension: Zula Games - C:\Users\User\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com FF HKLM-x32\...\Firefox\Extensions: [pluswinks@PlusWinks] - C:\Users\User\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks FF Extension: Cool Smiley Bar for Facebook - C:\Users\User\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\17.0.1.12 FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\17.0.1.12 FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: No Name - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ FF HKCU\...\Firefox\Extensions: [vinceturk@gmail.com] - C:\Program Files (x86)\KwiClick LLC\KwiClick\ FF Extension: KwiClick - C:\Program Files (x86)\KwiClick LLC\KwiClick\ FF HKCU\...\Firefox\Extensions: [{b64982b1-d112-42b5-b1e4-d3867c4533f8}] - C:\ProgramData\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension FF HKCU\...\Firefox\Extensions: [lfind@nijadsoft.net] - C:\Program Files (x86)\LyricsFinder\FF\ FF Extension: No Name - C:\Program Files (x86)\LyricsFinder\FF\ FF HKCU\...\Firefox\Extensions: [singalong@xenophesoft.com] - C:\Program Files (x86)\SingAlong\FF\ FF Extension: No Name - C:\Program Files (x86)\SingAlong\FF\ FF HKCU\...\Firefox\Extensions: [coollrcs@coolzone.co] - C:\Program Files (x86)\CoolLyrics\FF\ FF Extension: No Name - C:\Program Files (x86)\CoolLyrics\FF\ FF HKCU\...\Firefox\Extensions: [speedanalysis02@SpeedAnalysis.com] - C:\Users\User\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com FF Extension: Speed Analysis 2 - C:\Users\User\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com FF HKCU\...\Firefox\Extensions: [zulagames@ZulaGames.com] - C:\Users\User\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com FF Extension: Zula Games - C:\Users\User\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com FF HKCU\...\Firefox\Extensions: [pluswinks@PlusWinks] - C:\Users\User\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks FF Extension: Cool Smiley Bar for Facebook - C:\Users\User\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks FF HKCU\...\Firefox\Extensions: [firejump@firejump.net] - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\extensions\firejump@firejump.net FF Extension: FireJump - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\extensions\firejump@firejump.net Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR RestoreOnStartup: "urls_to_restore_on_startup": [ CHR Extension: (Sing Along) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\abepbblpkilpjohncjbccmdjhdhbnhdj\1.114_0 CHR Extension: (FoxyDeal) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiennapmieppnpfhhogglccgepbdajan\6.2.0_0 CHR Extension: (QuickShare Widget) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0 CHR Extension: (PriceGong) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.7_0 CHR Extension: (MixiDJ Toolbar) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\boipimhfjpakfgckhbljjengakjhkcbp\1.1_0 CHR Extension: (Cool Lyrics) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\clffglkbddffcdnehidjiimmoiphomid\1.114_0 CHR Extension: (Kaspersky URL Advisor) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.2.558_1 CHR Extension: () - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf\1.0.0.3 CHR Extension: (Babylon Toolbar) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.11_0 CHR Extension: (Complitly plugin for chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda\1.1_0 CHR Extension: (PiccShare) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\docfnddcclkgokdfpnmngpiliiachclb\2.0_0 CHR Extension: (Softonic Chrome Toolbar) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0 CHR Extension: (hola Toolbar) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagpjgjmoaccgkkpjeoinehnoaimnbla\1.0_0 CHR Extension: (Feven) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0 CHR Extension: () - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab\background.html CHR Extension: (DealPly) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.5.3.0_0 CHR Extension: (OfferMosquito) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk\0.6.1_0 CHR Extension: () - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gflandjopdloblmlcoiidmncpinmmacn\1.0.0.5 CHR Extension: (Lyrics Finder) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnbcopcndefcccgdofjadnafjljgofam\1.110_0 CHR Extension: (Safe Money) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.2.558_0 CHR Extension: (Plus-HD-1.3) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0 CHR Extension: (RealDownloader) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.1_0 CHR Extension: (Virtual Keyboard) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.2.558_1 CHR Extension: (SweetIM for Facebook) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0 CHR Extension: (Wajam) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0 CHR Extension: (PricePeep) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb\2.2.0.2_0 CHR Extension: (Skype Click to Call) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0 CHR Extension: () - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.5 CHR Extension: (Yontoo) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_1 CHR Extension: (Delta Toolbar) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkgfcicgjhneabbbfhddfcgifljdhhpl\1.4_0 CHR Extension: (Plus-HD-3.8) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0 CHR Extension: (SweetPacks Chrome Extension) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.3_0 CHR Extension: (DealPly Shopping ) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojcgaoafcmbadjkfdippkdddgkeaipbn\3.5.0.0_0 CHR Extension: (Plus-HD-2.3) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0 CHR Extension: (NCH DE) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ommhmgednjnodcljhlljkaiidghdmikk\2.3.19.11_0 CHR Extension: (Amazon 1Button App for Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\3.2013.715.0_0 CHR Extension: (Anti-Banner) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.2.558_0 CHR HKLM-x32\...\Chrome\Extension: [abepbblpkilpjohncjbccmdjhdhbnhdj] - C:\Program Files (x86)\SingAlong\Chrome.crx CHR HKLM-x32\...\Chrome\Extension: [bddpogknpjlgfpbboediomaiiaecfajn] - C:\Program Files (x86)\HomeTab\chrome\HomeTab.crx CHR HKLM-x32\...\Chrome\Extension: [bkomkajifikmkfnjgphkjcfeepbnojok] - C:\Program Files (x86)\PriceGong\2.6.7\pricegong.crx CHR HKLM-x32\...\Chrome\Extension: [boipimhfjpakfgckhbljjengakjhkcbp] - C:\Users\User\AppData\Roaming\BabSolution\CR\mixiDj.crx CHR HKLM-x32\...\Chrome\Extension: [clffglkbddffcdnehidjiimmoiphomid] - C:\Program Files (x86)\CoolLyrics\Chrome.crx CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx CHR HKLM-x32\...\Chrome\Extension: [dgjkhjdcljddbedokogakmmdjgnbeanf] - C:\Users\User\AppData\Roaming\SpeedAnalysis2\SpeedAnalysis.crx CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Users\User\AppData\Roaming\BabylonToolbar\CR\BabylonChrome1.crx CHR HKLM-x32\...\Chrome\Extension: [dlfienamagdnkekbbbocojppncdambda] - C:\Program Files (x86)\Complitly\chrome\ComplitlyChrome.crx CHR HKLM-x32\...\Chrome\Extension: [elchiiiejkobdbblfejjkbphbddgmljf] - C:\Program Files (x86)\Softonic\Softonic\1.8.19.3\Softonic.crx CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\User_2\AppData\Roaming\BabSolution\CR\Delta.crx CHR HKLM-x32\...\Chrome\Extension: [fagpjgjmoaccgkkpjeoinehnoaimnbla] - C:\Users\User\AppData\Roaming\BabSolution\CR\hola.crx CHR HKLM-x32\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx CHR HKLM-x32\...\Chrome\Extension: [gflandjopdloblmlcoiidmncpinmmacn] - C:\Users\User\AppData\Roaming\zulagames\zulagames.crx CHR HKLM-x32\...\Chrome\Extension: [gnbcopcndefcccgdofjadnafjljgofam] - C:\Program Files (x86)\LyricsFinder\Chrome.crx CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\online_banking_chrome.crx CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\content_blocker_chrome.crx CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx CHR HKLM-x32\...\Chrome\Extension: [iidmoehhpbghchkaogkhmcckhlhebekn] - C:\Program Files (x86)\iRobinHood\iRobinHood Addon\iRobinHoodPartnersVExtension1_42.crx CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\virtkbd.crx CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx CHR HKLM-x32\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\User\AppData\Local\Wajam\Chrome\wajam.crx CHR HKLM-x32\...\Chrome\Extension: [kpepfkjapeclaafmhoelccknpfedainn] - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\mixidj.crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx CHR HKLM-x32\...\Chrome\Extension: [mocblcnaofikinigmceddfghppkkjbog] - C:\Users\User\AppData\Roaming\PlusWinks\PlusWinks.crx CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Program Files (x86)\Yontoo\YontooLayers.crx CHR HKLM-x32\...\Chrome\Extension: [nkgfcicgjhneabbbfhddfcgifljdhhpl] - C:\Users\User\AppData\Roaming\BabSolution\CR\Delta.crx CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\SysWOW64\jmdp\SweetNT.crx CHR HKLM-x32\...\Chrome\Extension: [ommhmgednjnodcljhlljkaiidghdmikk] - C:\Users\User\AppData\Local\CRE\ommhmgednjnodcljhlljkaiidghdmikk.crx CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx ==================== Services (Whitelisted) ================= S4 AddonsHelper; C:\Users\User\AppData\Local\Temp\OCS\Downloads\e176f0d38725557d997a73fca0b80043\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe [896512 2013-09-25] () R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-10-17] (Kaspersky Lab ZAO) S3 COMSysApp; C:\Windows\SysWow64\dllhost.exe [7168 2006-11-02] (Microsoft Corporation) S3 Creative HOAL Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTHOALLicensing.exe [79360 2009-03-12] (Creative Labs) R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [819040 2012-12-21] (Infowatch) S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2013\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) S2 IBUpdaterService; C:\Windows\SysWow64\dmwu.exe [675232 2013-07-20] () S3 lxce_device; C:\Windows\system32\lxcecoms.exe [414720 2005-07-06] (Lexmark International, Inc.) S3 npggsvc; C:\Windows\SysWow64\GameMon.des [4032992 2010-09-29] (INCA Internet Co., Ltd.) R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-09-03] () R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] () R2 SrvUpdater; C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe [31744 2013-04-12] () S2 SystemStoreService; C:\Program Files (x86)\SelfUpdater\SystemStore.exe [1948160 2013-03-12] () R2 Updater By Sweetpacks; C:\Program Files\Updater By Sweetpacks\ExtensionUpdaterService.exe [188760 2013-05-29] () R2 Updater Service for AMZN; C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe [222368 2012-05-22] () R2 vToolbarUpdater17.0.12; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [1734680 2013-10-02] (AVG Secure Search) R2 WajamUpdater; C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [109064 2012-10-05] (Wajam) R2 WSearch; C:\Windows\SysWow64\SearchIndexer.exe [441344 2009-04-11] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-10-02] (AVG Technologies) R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch) R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch) S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20568 2010-05-25] (Devguru Co., Ltd) S3 dgderdrv; C:\Windows\SysWow64\drivers\dgderdrv.sys [20032 2011-10-31] (Devguru Co., Ltd) S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2013-10-17] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [626272 2013-10-17] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [28504 2012-08-02] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-07-15] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-07-15] (Kaspersky Lab ZAO) S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15680 2006-10-31] () S3 NPPTNT2; C:\Windows\SysWow64\npptNT2.sys [4682 2004-12-30] (INCA Internet Co., Ltd.) S3 nv; C:\Windows\System32\DRIVERS\nv4_mini.sys [10068352 2009-06-10] (NVIDIA Corporation) S3 Ph3xIB64; C:\Windows\System32\DRIVERS\Ph3xIB64.sys [1368960 2006-09-30] (Philips Semiconductors GmbH) R3 Razerlow; C:\Windows\System32\drivers\DB3G.sys [21120 2005-11-07] (Razer (Asia-Pacific) Pte Ltd) S3 skfiltv; C:\Windows\System32\drivers\skfiltv.sys [24064 2008-08-14] (Creative Technology Ltd.) S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [203672 2013-06-21] (DEVGURU Co., LTD.(www.devguru.co.kr)) S3 TBPanel; No ImagePath S3 dump_wmimmc; \??\C:\Program Files (x86)\ShotOnline\GameGuard\dump_wmimmc.sys [x] S3 IpInIp; system32\DRIVERS\ipinip.sys [x] U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-10-17] (Kaspersky Lab ZAO) S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-10-23 16:04 - 2013-10-23 16:04 - 01955374 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe 2013-10-23 16:04 - 2013-10-23 16:04 - 00000000 ____D C:\FRST 2013-10-22 17:20 - 2013-10-16 02:48 - 30344992 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2013-10-22 17:20 - 2013-10-16 02:48 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2013-10-22 17:20 - 2013-10-16 02:48 - 22933280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2013-10-22 17:20 - 2013-10-16 02:48 - 18290536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2013-10-22 17:20 - 2013-10-16 02:48 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2013-10-22 17:20 - 2013-10-16 02:48 - 12537632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2013-10-22 17:20 - 2013-10-16 02:48 - 11415232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2013-10-22 17:20 - 2013-10-16 02:48 - 11362672 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2013-10-22 17:20 - 2013-10-16 02:48 - 09516872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2013-10-22 17:20 - 2013-10-16 02:48 - 09472600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2013-10-22 17:20 - 2013-10-16 02:48 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2013-10-22 17:20 - 2013-10-16 02:48 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2013-10-22 17:20 - 2013-10-16 02:48 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2013-10-22 17:20 - 2013-10-16 02:48 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2013-10-22 17:20 - 2013-10-16 02:48 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll 2013-10-22 17:20 - 2013-10-16 02:48 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll 2013-10-22 09:41 - 2013-10-22 09:41 - 00000000 ____D C:\Users\User\AppData\Local\{D5E7B1F8-BB83-4166-9AE5-07DB752732EA} 2013-10-20 14:12 - 2013-10-20 14:12 - 00000000 ____D C:\Users\User\AppData\Local\{6EEAA5A0-25F5-41F5-84E7-511B12215B09} 2013-10-19 11:36 - 2013-10-19 11:36 - 00000000 ____D C:\Users\User\AppData\Local\{60E21CC1-DE5F-4E1C-B784-CAFC20EEB4ED} 2013-10-19 11:36 - 2013-10-19 11:36 - 00000000 ____D C:\Users\User\AppData\Local\{55E8C11A-29F3-4036-ABD4-CB97F2158E9A} 2013-10-17 15:50 - 2013-10-17 15:50 - 00000000 ____D C:\Users\Public\Documents\CrashDump 2013-10-17 15:49 - 2013-10-17 15:50 - 00000810 _____ C:\Windows\setupact.log 2013-10-17 15:49 - 2013-10-17 15:49 - 00000000 _____ C:\Windows\setuperr.log 2013-10-16 12:35 - 2013-10-16 12:35 - 00000000 ____D C:\ProgramData\Oracle 2013-10-16 12:35 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-10-16 12:34 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-10-16 12:34 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-10-16 12:34 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-10-16 12:33 - 2013-10-16 12:34 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log 2013-10-09 12:16 - 2013-09-22 17:43 - 17833984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-10-09 12:16 - 2013-09-22 17:01 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-10-09 12:16 - 2013-09-22 16:42 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-10-09 12:16 - 2013-09-22 16:36 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-10-09 12:16 - 2013-09-22 16:33 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-10-09 12:16 - 2013-09-22 16:33 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-10-09 12:16 - 2013-09-22 16:30 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-10-09 12:16 - 2013-09-22 16:27 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-10-09 12:16 - 2013-09-22 16:23 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-10-09 12:16 - 2013-09-22 16:22 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-10-09 12:16 - 2013-09-22 16:21 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-10-09 12:16 - 2013-09-22 16:19 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-10-09 12:16 - 2013-09-22 16:19 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-10-09 12:16 - 2013-09-22 16:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-10-09 12:16 - 2013-09-22 16:15 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-10-09 12:16 - 2013-09-22 16:07 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-10-09 12:16 - 2013-09-22 12:29 - 12336128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-10-09 12:16 - 2013-09-22 12:22 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-10-09 12:16 - 2013-09-22 12:22 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-10-09 12:16 - 2013-09-22 12:14 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-10-09 12:16 - 2013-09-22 12:13 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-10-09 12:16 - 2013-09-22 12:13 - 01104896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-10-09 12:16 - 2013-09-22 12:12 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-10-09 12:16 - 2013-09-22 12:09 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-10-09 12:16 - 2013-09-22 12:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-10-09 12:16 - 2013-09-22 12:07 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-10-09 12:16 - 2013-09-22 12:06 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-10-09 12:16 - 2013-09-22 12:05 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-10-09 12:16 - 2013-09-22 12:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-10-09 12:16 - 2013-09-22 12:03 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-10-09 12:16 - 2013-09-22 12:03 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-10-09 12:16 - 2013-09-22 11:59 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-10-09 08:08 - 2013-08-29 09:48 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-10-09 08:08 - 2013-08-27 05:39 - 01268224 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2013-10-09 08:08 - 2013-08-27 05:39 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2013-10-09 08:08 - 2013-08-27 05:39 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2013-10-09 08:08 - 2013-08-27 05:39 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2013-10-09 08:08 - 2013-08-27 04:47 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll 2013-10-09 08:08 - 2013-08-27 04:47 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll 2013-10-09 08:08 - 2013-08-27 04:47 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll 2013-10-09 08:08 - 2013-08-27 04:47 - 00160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll 2013-10-09 08:08 - 2013-08-27 04:32 - 02002944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2013-10-09 08:08 - 2013-08-27 04:30 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2013-10-09 08:08 - 2013-08-27 04:06 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2013-10-09 08:08 - 2013-08-27 04:00 - 01556480 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2013-10-09 08:08 - 2013-08-27 04:00 - 01149952 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2013-10-09 08:08 - 2013-08-27 03:52 - 01172480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2013-10-09 08:08 - 2013-08-27 03:50 - 00486400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2013-10-09 08:08 - 2013-08-27 03:32 - 00683008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2013-10-09 08:08 - 2013-08-27 03:28 - 01069056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2013-10-09 08:08 - 2013-08-01 06:10 - 00901568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2013-10-09 08:08 - 2013-08-01 05:37 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2013-10-09 08:08 - 2013-07-20 12:45 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2013-10-09 08:08 - 2013-07-20 12:44 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2013-10-09 08:08 - 2013-07-12 11:19 - 00099200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys 2013-10-09 08:08 - 2013-07-04 06:21 - 00532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll 2013-10-09 08:08 - 2013-07-04 06:13 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2013-10-09 08:08 - 2013-07-03 06:24 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\wiafbdrv.dll 2013-10-09 08:08 - 2013-07-03 04:55 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys 2013-10-09 08:08 - 2013-07-03 04:22 - 00031616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2013-10-09 08:08 - 2013-06-29 04:25 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2013-10-09 08:08 - 2013-06-29 04:25 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2013-10-09 08:08 - 2013-06-29 04:25 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2013-10-09 08:08 - 2013-06-29 04:25 - 00007552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2013-10-09 08:08 - 2013-06-27 01:00 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys 2013-10-09 08:08 - 2013-06-04 06:16 - 00048128 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2013-10-09 08:08 - 2013-06-04 06:16 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2013-10-09 08:08 - 2013-06-04 04:01 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2013-10-09 08:08 - 2013-06-04 03:49 - 00293376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2013-10-09 08:08 - 2011-05-05 16:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2013-10-09 08:08 - 2011-05-05 16:17 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2013-10-05 15:07 - 2012-04-24 21:35 - 00693648 _____ (MindSpark) C:\Program Files (x86)\64Uninstall TelevisionFanatic.dll 2013-10-05 15:07 - 2012-04-24 21:35 - 00174024 _____ () C:\Program Files (x86)\64res.dll 2013-10-04 13:35 - 2013-10-04 13:35 - 00000000 ___SD C:\Users\User\Documents\Passwords Database 2013-10-02 07:35 - 2013-10-02 07:35 - 00000127 _____ C:\Windows\wininit.ini 2013-10-02 07:23 - 2013-10-17 06:18 - 00010698 _____ C:\Windows\PFRO.log 2013-10-01 13:47 - 2013-10-01 13:47 - 00001423 _____ C:\Users\User\Desktop\Fixlist.txt 2013-09-28 14:59 - 2013-10-02 07:24 - 00003728 _____ C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml 2013-09-28 08:51 - 2013-09-28 08:51 - 00000000 ____D C:\Windows\system32\IO 2013-09-26 12:39 - 2013-09-26 12:39 - 00000000 ____D C:\Users\User\AppData\Roaming\Softonic 2013-09-26 12:39 - 2013-09-26 12:39 - 00000000 ____D C:\Program Files (x86)\Softonic 2013-09-26 12:38 - 2013-09-26 12:38 - 00400728 _____ (Softonic ) C:\Users\User\Downloads\SoftonicDownloader_fuer_expat-shield.exe 2013-09-26 12:22 - 2013-09-26 12:22 - 00001842 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_lsntpqko.1xe.pbk 2013-09-26 12:04 - 2013-09-26 12:04 - 00001288 _____ C:\Windows\Tasks\Plus-HD-3.8-updater.job 2013-09-26 12:04 - 2013-09-26 12:04 - 00001194 _____ C:\Windows\Tasks\Plus-HD-3.8-codedownloader.job 2013-09-26 12:04 - 2013-09-26 12:04 - 00001092 _____ C:\Windows\Tasks\Plus-HD-3.8-enabler.job 2013-09-26 12:04 - 2009-11-20 15:26 - 00031232 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys 2013-09-26 12:03 - 2013-09-26 13:34 - 00000000 ____D C:\Users\User\AppData\Roaming\Windows Net Data 2013-09-26 12:03 - 2013-09-26 12:04 - 00000000 ____D C:\Program Files (x86)\Plus-HD-3.8 2013-09-26 12:03 - 2013-09-26 12:03 - 00001902 _____ C:\Windows\Tasks\Plus-HD-3.8-chromeinstaller.job 2013-09-26 12:03 - 2013-09-26 12:03 - 00001826 _____ C:\Windows\Tasks\Plus-HD-3.8-firefoxinstaller.job 2013-09-26 12:03 - 2013-09-26 12:03 - 00000000 ____D C:\Program Files (x86)\foxydeal 2013-09-26 12:02 - 2013-09-26 12:02 - 00000000 ____D C:\Users\User\AppData\Roaming\SimplyTech 2013-09-26 12:02 - 2013-09-26 12:02 - 00000000 ____D C:\Users\User\AppData\Roaming\HomeTab 2013-09-26 12:00 - 2013-09-26 12:06 - 00000000 ____D C:\Users\User\AppData\Local\DownloadGuide 2013-09-26 12:00 - 2013-09-26 12:00 - 00478528 _____ C:\Users\User\Downloads\ifreevpn-Downloader.exe 2013-09-26 11:56 - 2013-09-26 11:56 - 00001877 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_vzainmdm.p3e.pbk 2013-09-26 11:56 - 2013-09-26 11:56 - 00001877 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_v5jnzrhf.itx.pbk 2013-09-26 11:56 - 2013-09-26 11:56 - 00001877 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_phptnij0.gqi.pbk 2013-09-26 09:38 - 2013-09-26 09:38 - 00001842 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_qgd2lfzc.4cf.pbk 2013-09-26 09:37 - 2013-10-23 14:54 - 00000000 ____D C:\Users\User\Documents\FIFA 14 2013-09-25 09:29 - 2013-09-25 09:30 - 00001841 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_hlvw0cfy.5hv.pbk 2013-09-25 09:25 - 2013-09-25 09:26 - 00001842 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_eqklbxhr.dqz.pbk 2013-09-25 09:20 - 2013-09-25 09:20 - 00001843 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_3v20slrp.jmw.pbk 2013-09-25 09:17 - 2013-09-25 09:17 - 00001842 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_jfwazffk.z4r.pbk 2013-09-25 09:14 - 2013-09-25 09:14 - 00001842 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN.pbk 2013-09-25 09:12 - 2013-09-25 09:12 - 00000000 ____D C:\Users\User\AppData\Roaming\Opera 2013-09-25 09:11 - 2013-09-25 09:11 - 00613216 _____ C:\Users\User\Downloads\free-vpn Installer.exe 2013-09-25 09:11 - 2013-09-25 09:11 - 00000000 ____D C:\Users\User\AppData\Roaming\OCS 2013-09-25 09:11 - 2013-09-25 09:11 - 00000000 ____D C:\Users\User\AppData\Roaming\DesktopIconForAmazon 2013-09-25 09:11 - 2013-09-25 09:11 - 00000000 ____D C:\ProgramData\DNSErrorHelper 2013-09-25 09:11 - 2011-05-13 14:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\SysWOW64\dhRichClient3.dll 2013-09-25 09:11 - 2011-03-25 22:42 - 00338432 _____ C:\Windows\SysWOW64\sqlite36_engine.dll 2013-09-24 08:30 - 2013-09-24 08:30 - 00000000 ____D C:\Users\User\AppData\Roaming\RealNetworks 2013-09-24 08:29 - 2013-09-24 08:29 - 00000000 ____D C:\ProgramData\RealNetworks 2013-09-24 08:29 - 2013-09-24 08:29 - 00000000 ____D C:\Program Files (x86)\RealNetworks ==================== One Month Modified Files and Folders ======= 2013-10-23 16:04 - 2013-10-23 16:04 - 01955374 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe 2013-10-23 16:04 - 2013-10-23 16:04 - 00000000 ____D C:\FRST 2013-10-23 15:49 - 2009-12-28 14:19 - 00000000 ____D C:\Program Files (x86)\Steam 2013-10-23 14:55 - 2013-03-17 00:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2013-10-23 14:54 - 2013-09-26 09:37 - 00000000 ____D C:\Users\User\Documents\FIFA 14 2013-10-23 14:45 - 2006-11-02 17:22 - 00003840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2013-10-23 14:45 - 2006-11-02 17:22 - 00003840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2013-10-23 10:51 - 2008-01-21 03:53 - 01216014 _____ C:\Windows\WindowsUpdate.log 2013-10-23 10:49 - 2011-09-30 15:51 - 00000000 ____D C:\Program Files (x86)\Origin 2013-10-23 10:45 - 2008-08-08 18:16 - 00065536 _____ C:\Windows\system32\Ikeext.etl 2013-10-23 08:58 - 2006-11-02 15:34 - 00000000 ____D C:\Windows\tracing 2013-10-22 17:23 - 2011-08-30 17:07 - 00000000 ____D C:\ProgramData\NVIDIA 2013-10-22 10:30 - 2013-06-12 16:30 - 00000000 ____D C:\Program Files\Lx_cats 2013-10-22 09:48 - 2013-02-08 23:21 - 00000000 ____D C:\Users\User\Desktop\Bilder 2013-10-22 09:43 - 2011-07-08 16:12 - 00000000 ____D C:\Users\User\AppData\Local\Windows Live 2013-10-22 09:41 - 2013-10-22 09:41 - 00000000 ____D C:\Users\User\AppData\Local\{D5E7B1F8-BB83-4166-9AE5-07DB752732EA} 2013-10-20 14:12 - 2013-10-20 14:12 - 00000000 ____D C:\Users\User\AppData\Local\{6EEAA5A0-25F5-41F5-84E7-511B12215B09} 2013-10-19 11:36 - 2013-10-19 11:36 - 00000000 ____D C:\Users\User\AppData\Local\{60E21CC1-DE5F-4E1C-B784-CAFC20EEB4ED} 2013-10-19 11:36 - 2013-10-19 11:36 - 00000000 ____D C:\Users\User\AppData\Local\{55E8C11A-29F3-4036-ABD4-CB97F2158E9A} 2013-10-18 13:03 - 2013-07-22 12:29 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.3 2013-10-18 13:03 - 2013-07-08 08:59 - 00000000 ____D C:\Program Files (x86)\Plus-HD-1.3 2013-10-18 13:02 - 2013-06-21 23:23 - 00000000 ____D C:\Program Files (x86)\CoolLyrics 2013-10-18 13:02 - 2013-06-04 15:51 - 00000000 ____D C:\Program Files (x86)\LyricsFinder 2013-10-18 07:25 - 2008-01-21 13:10 - 01683002 _____ C:\Windows\system32\PerfStringBackup.INI 2013-10-18 07:25 - 2008-01-21 13:09 - 00717264 _____ C:\Windows\system32\perfh007.dat 2013-10-18 07:25 - 2008-01-21 13:09 - 00164448 _____ C:\Windows\system32\perfc007.dat 2013-10-17 15:50 - 2013-10-17 15:50 - 00000000 ____D C:\Users\Public\Documents\CrashDump 2013-10-17 15:50 - 2013-10-17 15:49 - 00000810 _____ C:\Windows\setupact.log 2013-10-17 15:49 - 2013-10-17 15:49 - 00000000 _____ C:\Windows\setuperr.log 2013-10-17 06:51 - 2013-03-17 00:08 - 00626272 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys 2013-10-17 06:51 - 2013-03-17 00:08 - 00090208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys 2013-10-17 06:51 - 2012-09-03 19:23 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klmouflt.sys 2013-10-17 06:51 - 2012-09-03 18:57 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys 2013-10-17 06:51 - 2012-06-19 18:28 - 07717984 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys 2013-10-17 06:18 - 2013-10-02 07:23 - 00010698 _____ C:\Windows\PFRO.log 2013-10-16 12:35 - 2013-10-16 12:35 - 00000000 ____D C:\ProgramData\Oracle 2013-10-16 12:34 - 2013-10-16 12:33 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log 2013-10-16 12:34 - 2012-07-05 22:08 - 00000000 ____D C:\Program Files (x86)\Java 2013-10-16 12:25 - 2012-08-19 11:10 - 00000000 _____ C:\END 2013-10-16 07:49 - 2013-09-09 11:45 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-10-16 07:49 - 2012-04-24 19:33 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-10-16 07:49 - 2011-05-18 16:00 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-10-16 02:48 - 2013-10-22 17:20 - 30344992 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2013-10-16 02:48 - 2013-10-22 17:20 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2013-10-16 02:48 - 2013-10-22 17:20 - 22933280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2013-10-16 02:48 - 2013-10-22 17:20 - 18290536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2013-10-16 02:48 - 2013-10-22 17:20 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2013-10-16 02:48 - 2013-10-22 17:20 - 12537632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2013-10-16 02:48 - 2013-10-22 17:20 - 11415232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2013-10-16 02:48 - 2013-10-22 17:20 - 11362672 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2013-10-16 02:48 - 2013-10-22 17:20 - 09516872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2013-10-16 02:48 - 2013-10-22 17:20 - 09472600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2013-10-16 02:48 - 2013-10-22 17:20 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2013-10-16 02:48 - 2013-10-22 17:20 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2013-10-16 02:48 - 2013-10-22 17:20 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2013-10-16 02:48 - 2013-10-22 17:20 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2013-10-16 02:48 - 2013-10-22 17:20 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll 2013-10-16 02:48 - 2013-10-22 17:20 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll 2013-10-16 02:48 - 2013-09-20 15:21 - 15858664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2013-10-16 02:48 - 2013-09-20 15:21 - 00023287 _____ C:\Windows\system32\nvinfo.pb 2013-10-16 02:48 - 2013-09-06 20:02 - 15244272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2013-10-16 02:48 - 2013-02-26 00:32 - 18243632 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2013-10-16 02:48 - 2013-02-26 00:32 - 03067560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2013-10-16 02:48 - 2013-02-26 00:32 - 02694664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2013-10-15 23:47 - 2011-04-07 23:19 - 06665504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2013-10-15 23:47 - 2011-04-07 23:19 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2013-10-15 23:47 - 2011-04-07 23:19 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2013-10-15 23:47 - 2011-04-07 23:19 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2013-10-15 23:47 - 2011-04-07 23:19 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2013-10-15 23:47 - 2011-04-07 23:18 - 03489568 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2013-10-09 12:38 - 2006-11-02 17:21 - 00280936 _____ C:\Windows\system32\FNTCACHE.DAT 2013-10-09 12:32 - 2010-10-06 11:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2013-10-09 12:27 - 2009-04-22 16:54 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-10-09 12:23 - 2008-11-14 14:52 - 01662072 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2013-10-09 12:20 - 2013-07-31 13:25 - 00000000 ____D C:\Windows\system32\MRT 2013-10-09 12:17 - 2006-11-02 14:35 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2013-10-08 07:50 - 2013-10-16 12:34 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-10-08 07:46 - 2013-10-16 12:35 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-10-08 07:46 - 2013-10-16 12:34 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-10-08 07:46 - 2013-10-16 12:34 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-10-05 00:01 - 2010-06-18 17:57 - 00000000 ____D C:\Users\User\AppData\Roaming\TS3Client 2013-10-04 15:27 - 2011-09-14 17:19 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2013-10-04 13:35 - 2013-10-04 13:35 - 00000000 ___SD C:\Users\User\Documents\Passwords Database 2013-10-02 07:35 - 2013-10-02 07:35 - 00000127 _____ C:\Windows\wininit.ini 2013-10-02 07:24 - 2013-09-28 14:59 - 00003728 _____ C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml 2013-10-02 07:24 - 2013-07-20 15:36 - 00046368 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys 2013-10-02 07:24 - 2013-07-20 15:36 - 00000000 ____D C:\Program Files (x86)\AVG Secure Search 2013-10-02 07:23 - 2009-11-30 21:05 - 00000000 ____D C:\Program Files\Google 2013-10-02 07:23 - 2008-08-06 22:02 - 00000000 ____D C:\Program Files (x86)\Google 2013-10-01 13:47 - 2013-10-01 13:47 - 00001423 _____ C:\Users\User\Desktop\Fixlist.txt 2013-10-01 12:53 - 2009-11-30 21:05 - 00000000 ____D C:\ProgramData\Google 2013-10-01 12:53 - 2008-08-06 22:03 - 00000000 ____D C:\Users\User\AppData\Local\Google 2013-10-01 12:22 - 2012-04-24 22:04 - 00000000 ____D C:\Program Files (x86)\SweetIM 2013-09-28 14:59 - 2013-02-06 14:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-09-28 08:51 - 2013-09-28 08:51 - 00000000 ____D C:\Windows\system32\IO 2013-09-28 08:48 - 2012-09-16 09:59 - 00000000 ___RD C:\Users\User\Desktop\Programme 2013-09-27 06:42 - 2013-04-23 21:20 - 00003455 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog 2013-09-26 13:34 - 2013-09-26 12:03 - 00000000 ____D C:\Users\User\AppData\Roaming\Windows Net Data 2013-09-26 12:39 - 2013-09-26 12:39 - 00000000 ____D C:\Users\User\AppData\Roaming\Softonic 2013-09-26 12:39 - 2013-09-26 12:39 - 00000000 ____D C:\Program Files (x86)\Softonic 2013-09-26 12:38 - 2013-09-26 12:38 - 00400728 _____ (Softonic ) C:\Users\User\Downloads\SoftonicDownloader_fuer_expat-shield.exe 2013-09-26 12:24 - 2013-08-12 10:52 - 00000000 ____D C:\SoloApp 2013-09-26 12:22 - 2013-09-26 12:22 - 00001842 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_lsntpqko.1xe.pbk 2013-09-26 12:06 - 2013-09-26 12:00 - 00000000 ____D C:\Users\User\AppData\Local\DownloadGuide 2013-09-26 12:04 - 2013-09-26 12:04 - 00001288 _____ C:\Windows\Tasks\Plus-HD-3.8-updater.job 2013-09-26 12:04 - 2013-09-26 12:04 - 00001194 _____ C:\Windows\Tasks\Plus-HD-3.8-codedownloader.job 2013-09-26 12:04 - 2013-09-26 12:04 - 00001092 _____ C:\Windows\Tasks\Plus-HD-3.8-enabler.job 2013-09-26 12:04 - 2013-09-26 12:03 - 00000000 ____D C:\Program Files (x86)\Plus-HD-3.8 2013-09-26 12:03 - 2013-09-26 12:03 - 00001902 _____ C:\Windows\Tasks\Plus-HD-3.8-chromeinstaller.job 2013-09-26 12:03 - 2013-09-26 12:03 - 00001826 _____ C:\Windows\Tasks\Plus-HD-3.8-firefoxinstaller.job 2013-09-26 12:03 - 2013-09-26 12:03 - 00000000 ____D C:\Program Files (x86)\foxydeal 2013-09-26 12:03 - 2008-08-05 14:55 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-09-26 12:02 - 2013-09-26 12:02 - 00000000 ____D C:\Users\User\AppData\Roaming\SimplyTech 2013-09-26 12:02 - 2013-09-26 12:02 - 00000000 ____D C:\Users\User\AppData\Roaming\HomeTab 2013-09-26 12:02 - 2013-08-12 10:08 - 00000000 ____D C:\Program Files (x86)\HomeTab 2013-09-26 12:00 - 2013-09-26 12:00 - 00478528 _____ C:\Users\User\Downloads\ifreevpn-Downloader.exe 2013-09-26 11:56 - 2013-09-26 11:56 - 00001877 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_vzainmdm.p3e.pbk 2013-09-26 11:56 - 2013-09-26 11:56 - 00001877 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_v5jnzrhf.itx.pbk 2013-09-26 11:56 - 2013-09-26 11:56 - 00001877 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_phptnij0.gqi.pbk 2013-09-26 10:44 - 2013-03-12 13:10 - 00000000 ____D C:\Users\User\Documents\FIFA 13 2013-09-26 09:38 - 2013-09-26 09:38 - 00001842 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_qgd2lfzc.4cf.pbk 2013-09-25 09:30 - 2013-09-25 09:29 - 00001841 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_hlvw0cfy.5hv.pbk 2013-09-25 09:26 - 2013-09-25 09:25 - 00001842 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_eqklbxhr.dqz.pbk 2013-09-25 09:20 - 2013-09-25 09:20 - 00001843 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_3v20slrp.jmw.pbk 2013-09-25 09:17 - 2013-09-25 09:17 - 00001842 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_jfwazffk.z4r.pbk 2013-09-25 09:14 - 2013-09-25 09:14 - 00001842 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN.pbk 2013-09-25 09:12 - 2013-09-25 09:12 - 00000000 ____D C:\Users\User\AppData\Roaming\Opera 2013-09-25 09:11 - 2013-09-25 09:11 - 00613216 _____ C:\Users\User\Downloads\free-vpn Installer.exe 2013-09-25 09:11 - 2013-09-25 09:11 - 00000000 ____D C:\Users\User\AppData\Roaming\OCS 2013-09-25 09:11 - 2013-09-25 09:11 - 00000000 ____D C:\Users\User\AppData\Roaming\DesktopIconForAmazon 2013-09-25 09:11 - 2013-09-25 09:11 - 00000000 ____D C:\ProgramData\DNSErrorHelper 2013-09-25 09:11 - 2008-08-05 15:28 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-09-24 08:59 - 2013-04-21 09:55 - 00000296 _____ C:\Windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2622127104-3349807106-840860686-1000.job 2013-09-24 08:30 - 2013-09-24 08:30 - 00000000 ____D C:\Users\User\AppData\Roaming\RealNetworks 2013-09-24 08:29 - 2013-09-24 08:29 - 00000000 ____D C:\ProgramData\RealNetworks 2013-09-24 08:29 - 2013-09-24 08:29 - 00000000 ____D C:\Program Files (x86)\RealNetworks 2013-09-24 08:28 - 2013-04-21 09:54 - 00201872 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll 2013-09-24 08:28 - 2010-06-11 17:53 - 00000000 ____D C:\ProgramData\Real 2013-09-24 08:28 - 2010-06-11 17:53 - 00000000 ____D C:\Program Files (x86)\Real 2013-09-24 08:27 - 2013-04-21 09:54 - 00272896 _____ (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll 2013-09-24 08:27 - 2013-04-21 09:54 - 00006656 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5016.dll 2013-09-24 08:27 - 2013-04-21 09:54 - 00005632 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5032.dll 2013-09-24 08:26 - 2013-04-21 09:54 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll 2013-09-24 08:26 - 2013-04-21 09:54 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll 2013-09-23 16:34 - 2009-09-15 18:53 - 00000000 ____D C:\Users\User\AppData\Roaming\BitTorrent Files to move or delete: ==================== C:\Users\Public\AlexaNSISPlugin.4596.dll C:\Users\User\AdbeRdr90_de_DE.exe C:\Users\User\antivir_workstation_winu_de_h.exe C:\Users\User\ashampoo_winoptimizer505_sm.exe C:\Users\User\d3dx9_30.dll C:\Users\User\dotnetfx.exe C:\Users\User\dotnetfx2.exe C:\Users\User\Firefox Setup 3.0.1.exe C:\Users\User\GameSpyInstaller263002REG.EXE C:\Users\User\googleearthwin.exe C:\Users\User\IE8-WindowsVista-x86-DEU.exe C:\Users\User\SkypeSetup.exe C:\Users\User\ts2_client_rc2_2032.exe C:\Users\User\Windows6.0-KB936330-X86-wave0.exe C:\Windows\Tasks\{03BA6005-F911-4FEC-9178-9913456B6B8C}.job C:\Windows\Tasks\{25949BD3-CB5B-4423-A287-FAD1A14D3031}.job C:\Windows\Tasks\{7C356296-2E00-4D66-A725-228473CE8776}.job C:\Windows\Tasks\{86CED08D-A7AA-4BAE-A649-FF86FF6AB7BD}.job C:\Windows\Tasks\{A8B90A61-A301-4DEE-A4C4-14469632EB60}.job C:\Windows\Tasks\{D8F637E3-D0D9-43B5-871F-FCAEE0775CAD}.job C:\Windows\Tasks\{DD7517F0-DB25-475B-82EE-99F36813E40C}.job Some content of TEMP: ==================== C:\Users\User\AppData\Local\Temp\ABP_InstallChecker.exe C:\Users\User\AppData\Local\Temp\ABP_TB0001.exe C:\Users\User\AppData\Local\Temp\instloffer.exe C:\Users\User\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe C:\Users\User\AppData\Local\Temp\Offer100.exe C:\Users\User\AppData\Local\Temp\rootsupd.exe C:\Users\User\AppData\Local\Temp\_is60A9.exe C:\Users\User_2\AppData\Local\Temp\80615-82786-flv-media-player.exe C:\Users\User_2\AppData\Local\Temp\apptorun.exe C:\Users\User_2\AppData\Local\Temp\AskSLib.dll C:\Users\User_2\AppData\Local\Temp\Gw2.exe C:\Users\User_2\AppData\Local\Temp\instloffer.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-10-23 10:53 ==================== End Of Log ============================ |
|
24.10.2013, 09:52
| #2 |
| /// the machine /// TB-Ausbilder    | Problem mit getwindowinfo hi,
__________________ So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Scan mit Combofix
__________________ |
|
25.10.2013, 07:19
| #3 |
| | Problem mit getwindowinfo bekomme die combofix.txt hier nicht rein.
__________________ComboFix 13-10-24.01 - User 25.10.2013 7:22.1.4 - x64 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.8144.6005 [GMT 2:00] ausgeführt von:: c:\users\User\Downloads\ComboFix.exe AV: Kaspersky PURE 3.0 *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5} FW: Kaspersky PURE 3.0 *Disabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E} SP: Kaspersky PURE 3.0 *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . C:\END C:\Install.exe c:\program files (x86)\Complitly c:\program files (x86)\Complitly\chrome\ComplitlyChrome.crx c:\program files (x86)\Complitly\FireFoxExtensionWithFF8Fix.exe c:\program files (x86)\Complitly\FireFoxUninstaller.exe c:\program files (x86)\Complitly\InstTracker.exe c:\program files (x86)\Complitly\support@Complitly.com\chrome.manifest c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\appIcon.png c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\browserOverlay.xul c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\options.js c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\options.xul c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\utils.js c:\program files (x86)\Complitly\support@Complitly.com\defaults\preferences\predictad.js c:\program files (x86)\Complitly\support@Complitly.com\install.rdf c:\program files (x86)\Complitly\System.Data.SQLite.dll c:\program files (x86)\Complitly\unins000.dat c:\program files (x86)\Complitly\unins000.exe c:\program files (x86)\CoolLyrics c:\program files (x86)\CoolLyrics\CoolLyricsUpdater.exe c:\program files (x86)\CoolLyrics\FF\chrome.manifest c:\program files (x86)\CoolLyrics\FF\chrome\content\icon.png c:\program files (x86)\CoolLyrics\FF\chrome\content\main.js c:\program files (x86)\CoolLyrics\FF\chrome\content\overlay.xul c:\program files (x86)\CoolLyrics\FF\install.rdf c:\program files (x86)\CoolLyrics\Uninstall.exe c:\program files (x86)\DealPly c:\program files (x86)\DealPly\DealPly.crx c:\program files (x86)\DealPly\DealPly.xpi c:\program files (x86)\DealPly\DealPlyIE.dll c:\program files (x86)\DealPly\DealPlyIE64.dll c:\program files (x86)\DealPly\DealPlyUpdate.exe c:\program files (x86)\DealPly\DealPlyUpdateRun.exe c:\program files (x86)\DealPly\DealPlyUpdateVer.exe c:\program files (x86)\DealPly\icon.ico c:\program files (x86)\DealPly\uninst.exe c:\program files (x86)\LyricsFinder c:\program files (x86)\LyricsFinder\FF\chrome.manifest c:\program files (x86)\LyricsFinder\FF\chrome\content\icon.png c:\program files (x86)\LyricsFinder\FF\chrome\content\main.js c:\program files (x86)\LyricsFinder\FF\chrome\content\overlay.xul c:\program files (x86)\LyricsFinder\FF\install.rdf c:\program files (x86)\LyricsFinder\lfind.dll c:\program files (x86)\LyricsFinder\LyricsFinderUpdater.exe c:\program files (x86)\LyricsFinder\Uninstall.exe c:\program files (x86)\Mozilla Firefox\components\AskHPRFF.js c:\program files (x86)\PriceGong c:\program files (x86)\PriceGong\2.6.7\PriceGong.crx c:\program files (x86)\PriceGong\2.6.7\PriceGongIE.dll c:\program files (x86)\PriceGong\uninst.exe c:\program files (x86)\PricePeep c:\program files (x86)\PricePeep\installer.ico c:\program files (x86)\PricePeep\pricepeep.dll c:\program files (x86)\PricePeep\uninstall.exe c:\program files (x86)\PricePeep\unutil.exe c:\program files (x86)\SingAlong c:\program files (x86)\SingAlong\chrome.crx c:\program files (x86)\SingAlong\chrome.manifest c:\program files (x86)\SingAlong\FF\chrome.manifest c:\program files (x86)\SingAlong\FF\chrome\content\icon.png c:\program files (x86)\SingAlong\FF\chrome\content\main.js c:\program files (x86)\SingAlong\FF\chrome\content\overlay.xul c:\program files (x86)\SingAlong\FF\install.rdf c:\program files (x86)\SingAlong\singalng.dll c:\program files (x86)\SingAlong\SingalngUpdater.exe c:\program files (x86)\SingAlong\Uninstall.exe c:\program files (x86)\SoftwareUpdater\KeyGen.dll c:\program files (x86)\TelevisionFanaticEI c:\program files (x86)\TelevisionFanaticEI\Installr\1.bin\64EIPlug.dll c:\program files (x86)\TelevisionFanaticEI\Installr\1.bin\64EZSETP.dll c:\program files (x86)\webmediaplayer c:\program files (x86)\webmediaplayer\resources\wmp_translation_file.xml c:\program files (x86)\webmediaplayer\skins\classic.skn c:\program files (x86)\webmediaplayer\sqlite3.dll c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\Datenschutzrichtlinien.url c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\Deinstallieren.lnk c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\Geschäftsbedingungen.url c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\WebMediaPlayer.lnk c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\Website.url c:\users\User\antivir_workstation_winu_de_h.exe c:\users\User\AppData\Local\assembly\tmp c:\users\User\AppData\Local\ext_piccshare_uninst.exe c:\users\User\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data c:\users\User\AppData\Local\Google\Chrome\User Data\Default\bProtectorPreferences c:\users\User\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_fglhnbihmeinbfgalpnaiembmdhfijli_0 c:\users\User\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_fglhnbihmeinbfgalpnaiembmdhfijli_0\5 c:\users\User\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_fglhnbihmeinbfgalpnaiembmdhfijli_0\6 c:\users\User\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_hhlmghjmomaoodfgjeikphfdljhpcpkl_0 c:\users\User\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_hhlmghjmomaoodfgjeikphfdljhpcpkl_0\7 c:\users\User\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_hhlmghjmomaoodfgjeikphfdljhpcpkl_0\8 c:\users\User\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_omfoidjpeklpjhlhabhcomekbkclkbec_0 c:\users\User\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_omfoidjpeklpjhlhabhcomekbkclkbec_0\10 c:\users\User\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_omfoidjpeklpjhlhabhcomekbkclkbec_0\9 c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0\background.html c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0\crossriderManifest.json c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0\icons\actions\1.png c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0\icons\icon128.png c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0\icons\icon16.png c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0\icons\icon48.png c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0\js\api\chrome.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0\js\api\cookie.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0\js\api\message.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0\js\app\background.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0\js\app\extension.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0\js\background.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0\manifest.json c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0\popup.html c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\background.html c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\crossriderManifest.json c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\icons\actions\1.png c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\icons\icon128.png c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\icons\icon16.png c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\icons\icon48.png c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\api\chrome.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\api\cookie.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\api\message.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\app\background.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\app\extension.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\background.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\lib\app_api.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\lib\async_api.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\lib\bg_app_api.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\lib\cookie_store.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\lib\crossriderAPI.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\lib\data_store.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\lib\delegate.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\lib\events.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\lib\installer.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\lib\logging.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\lib\onBGDocumentLoad.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\lib\popupResource\newPopup.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\lib\popupResource\popup.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\lib\reports.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\lib\util.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\lib\xhr.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\manifest.json c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\popup.html c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\background.html c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\crossriderManifest.json c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\manifest.xml c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins.json c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\1_base.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\101_cortica_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\102_dealply_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\103_intext_5_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\104_jollywallet_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\105_corticas_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\107_coupish_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\108_icm_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\116_ads_only_5_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\117_coupons_intext_ads_5_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\119_similar_web_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\120_luck_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\123_intext_adv_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\124_superfish_no_search_no_coupons_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\125_arcadi2_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\126_revizer_ws_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\127_revizer_p_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\128_superfish_pricora_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\129_widdit_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\13_CrossriderAppUtils.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\135_arcadi3_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\138_getdeal_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\14_CrossriderUtils.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\141_corticas_ru_m.js.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\142_intext_fa_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\155_ibario_pops_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\17_jQuery.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\19_CHAppAPIWrapper.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\21_debug.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\22_resources.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\28_initializer.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\4_jquery_1_7_1.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\47_resources_background.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\64_appApiMessage.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\72_appApiValidation.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\78_CrossriderInfo.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\80_CHPopupAppAPI.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\87_ginyas_wrapper.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\91_monetizationLoader.js.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\92_superfish_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\93_superfish_no_coupons_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\97_resourceApiWrapper.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\userCode\background.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\userCode\extension.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\icons\actions\1.png c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\icons\icon128.png c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\icons\icon16.png c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\icons\icon48.png c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\api\chrome.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\api\cookie.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\api\message.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\api\pageAction.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\api\pageActionBG.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\background.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\app_api.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\bg_app_api.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\consts.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\cookie_store.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\crossriderAPI.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\delegate.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\events.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\extensionDataStore.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\installer.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\logFile.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\logging.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\onBGDocumentLoad.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\popupResource\newPopup.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\popupResource\popup.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\reports.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\storageWrapper.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\updateManager.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\util.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\xhr.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\main.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\manifest.json c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\popup.html c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\background.html c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\crossriderManifest.json c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\manifest.xml c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins.json c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\1_base.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\101_cortica_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\102_dealply_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\103_intext_5_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\104_jollywallet_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\105_corticas_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\107_coupish_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\108_icm_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\116_ads_only_5_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\117_coupons_intext_ads_5_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\119_similar_web_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\120_luck_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\123_intext_adv_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\124_superfish_no_search_no_coupons_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\125_arcadi2_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\126_revizer_ws_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\127_revizer_p_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\128_superfish_pricora_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\129_widdit_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\13_CrossriderAppUtils.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\132_arcadi_coupons_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\133_arcadi_intext_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\134_arcadi_serp_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\135_arcadi3_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\138_getdeal_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\14_CrossriderUtils.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\141_corticas_ru_m.js.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\142_intext_fa_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\17_jQuery.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\19_CHAppAPIWrapper.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\21_debug.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\22_resources.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\28_initializer.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\4_jquery_1_7_1.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\47_resources_background.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\64_appApiMessage.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\72_appApiValidation.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\78_CrossriderInfo.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\80_CHPopupAppAPI.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\87_ginyas_wrapper.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\91_monetizationLoader.js.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\92_superfish_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\93_superfish_no_coupons_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\97_resourceApiWrapper.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\userCode\background.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\userCode\extension.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\icons\actions\1.png c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\icons\icon128.png c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\icons\icon16.png c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\icons\icon48.png c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\api\chrome.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\api\cookie.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\api\message.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\api\pageAction.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\api\pageActionBG.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\background.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\app_api.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\bg_app_api.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\consts.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\cookie_store.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\crossriderAPI.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\delegate.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\events.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\extensionDataStore.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\installer.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\logFile.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\logging.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\onBGDocumentLoad.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\popupResource\newPopup.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\popupResource\popup.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\reports.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\storageWrapper.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\updateManager.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\util.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\xhr.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\main.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\manifest.json c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\popup.html c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omfoidjpeklpjhlhabhcomekbkclkbec c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omfoidjpeklpjhlhabhcomekbkclkbec\000112.sst c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omfoidjpeklpjhlhabhcomekbkclkbec\000118.sst c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omfoidjpeklpjhlhabhcomekbkclkbec\000119.log c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omfoidjpeklpjhlhabhcomekbkclkbec\CURRENT c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omfoidjpeklpjhlhabhcomekbkclkbec\LOCK c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omfoidjpeklpjhlhabhcomekbkclkbec\LOG c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omfoidjpeklpjhlhabhcomekbkclkbec\LOG.old c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omfoidjpeklpjhlhabhcomekbkclkbec\MANIFEST-000117 c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fglhnbihmeinbfgalpnaiembmdhfijli_0.localstorage-journal c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fglhnbihmeinbfgalpnaiembmdhfijli_0.localstorage c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hhlmghjmomaoodfgjeikphfdljhpcpkl_0.localstorage-journal c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hhlmghjmomaoodfgjeikphfdljhpcpkl_0.localstorage c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_omfoidjpeklpjhlhabhcomekbkclkbec_0.localstorage-journal c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_omfoidjpeklpjhlhabhcomekbkclkbec_0.localstorage c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences c:\users\User\AppData\Local\lollipop c:\users\User\AppData\Local\omesuperv.exe c:\users\User\AppData\Local\soyys.dat c:\users\User\AppData\Local\soyys_nav.dat c:\users\User\AppData\Local\soyys_navps.dat c:\users\User\AppData\Local\timzfm.dat c:\users\User\AppData\Local\timzfm_nav.dat c:\users\User\AppData\Local\timzfm_navps.dat c:\users\User\AppData\Roaming\.# c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome.manifest c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\asyncDB.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\background.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\browserAction.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\contextMenu.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\dbManager.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\dom_bg.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\fileManager.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\firefox.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\firefoxNotifications.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\firefoxOmnibox.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\message.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\pageAction.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\request.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\tabs.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\webRequest.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\background.html c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\baseObject.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\browser.xul c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\console.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\consts.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\delegate.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\extensionDataStore.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\folderIOWrapper.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\httpObserver.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\IDBWrapper.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\installer.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\logFile.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\prefs.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\progressListenerObserver.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\registry.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\reloadObserver.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\reports.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\requestObject.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\searchSettings.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\uninstallObserver.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\updateManager.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\utils.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\xhr.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\dialog.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\main.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\options.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\options.xul c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\search_dialog.xul c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\defaults\preferences\prefs.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\manifest.xml c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins.json c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\1_base.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\101_cortica_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\102_dealply_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\103_intext_5_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\104_jollywallet_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\105_corticas_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\107_coupish_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\108_icm_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\116_ads_only_5_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\117_coupons_intext_ads_5_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\119_similar_web_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\120_luck_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\123_intext_adv_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\124_superfish_no_search_no_coupons_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\125_arcadi2_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\126_revizer_ws_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\127_revizer_p_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\128_superfish_pricora_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\129_widdit_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\13_CrossriderAppUtils.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\135_arcadi3_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\138_getdeal_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\14_CrossriderUtils.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\141_corticas_ru_m.js.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\142_intext_fa_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\155_ibario_pops_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\158_50onred_ads_only_no_fb_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\159_cortica_rollover_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\16_FFAppAPIWrapper.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\17_jQuery.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\170_icm1_5_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\171_arcadi2_sourceID_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\175_coolmirage_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\21_debug.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\22_resources.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\28_initializer.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\4_jquery_1_7_1.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\47_resources_background.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\64_appApiMessage.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\7_hooks.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\72_appApiValidation.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\78_CrossriderInfo.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\87_ginyas_wrapper.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\9_search_engine_hook.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\91_monetizationLoader.js.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\92_superfish_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\93_superfish_no_coupons_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\98_omniCommands.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\userCode\background.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\userCode\extension.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\install.rdf c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\locale\en-US\translations.dtd c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\button1.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\button2.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\button3.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\button4.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\button5.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\crossrider_statusbar.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\icon128.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\icon16.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\icon24.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\icon48.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\panelarrow-up.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\popup.html c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\skin.css c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\update.css c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome.manifest c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\asyncDB.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\background.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\browserAction.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\contextMenu.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\dbManager.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\dom_bg.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\fileManager.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\firefox.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\firefoxNotifications.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\firefoxOmnibox.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\message.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\pageAction.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\request.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\tabs.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\webRequest.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\background.html c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\baseObject.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\browser.xul c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\console.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\consts.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\delegate.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\extensionDataStore.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\folderIOWrapper.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\httpObserver.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\IDBWrapper.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\installer.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\logFile.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\prefs.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\progressListenerObserver.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\registry.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\reloadObserver.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\reports.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\requestObject.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\searchSettings.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\uninstallObserver.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\updateManager.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\utils.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\xhr.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\dialog.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\main.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\options.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\options.xul c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\search_dialog.xul c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\defaults\preferences\prefs.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\manifest.xml c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins.json c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\1_base.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\101_cortica_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\102_dealply_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\103_intext_5_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\104_jollywallet_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\105_corticas_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\107_coupish_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\108_icm_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\116_ads_only_5_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\117_coupons_intext_ads_5_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\119_similar_web_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\120_luck_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\123_intext_adv_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\124_superfish_no_search_no_coupons_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\125_arcadi2_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\126_revizer_ws_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\127_revizer_p_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\128_superfish_pricora_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\129_widdit_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\13_CrossriderAppUtils.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\135_arcadi3_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\138_getdeal_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\14_CrossriderUtils.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\141_corticas_ru_m.js.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\142_intext_fa_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\155_ibario_pops_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\158_50onred_ads_only_no_fb_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\159_cortica_rollover_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\16_FFAppAPIWrapper.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\17_jQuery.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\170_icm1_5_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\171_arcadi2_sourceID_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\175_coolmirage_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\21_debug.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\22_resources.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\28_initializer.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\4_jquery_1_7_1.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\47_resources_background.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\64_appApiMessage.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\7_hooks.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\72_appApiValidation.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\78_CrossriderInfo.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\87_ginyas_wrapper.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\9_search_engine_hook.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\91_monetizationLoader.js.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\92_superfish_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\93_superfish_no_coupons_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\98_omniCommands.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\userCode\background.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\userCode\extension.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\install.rdf c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\locale\en-US\translations.dtd c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\button1.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\button2.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\button3.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\button4.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\button5.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\crossrider_statusbar.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\icon128.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\icon16.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\icon24.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\icon48.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\panelarrow-up.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\popup.html c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\skin.css c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\update.css c:\users\User\ts2_client_rc2_2032.exe c:\users\User_2\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data c:\users\User_2\AppData\Local\Google\Chrome\User Data\Default\bProtectorPreferences c:\windows\SysWow64\ccrpTmr6.dll c:\windows\SysWow64\System32\MASetupCleaner.exe c:\windows\SysWow64\System32\muzapp.exe c:\windows\SysWow64\tmp222.tmp c:\windows\SysWow64\tmp252.tmp c:\windows\SysWow64\tmp93F5.tmp c:\windows\SysWow64\tmp9425.tmp c:\windows\wininit.ini . |
|
25.10.2013, 07:21
| #4 |
| | Problem mit getwindowinfo . ((((((((((((((((((((((((((((((((((((((( Treiber/Dienste ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_SrvUpdater . . ((((((((((((((((((((((( Dateien erstellt von 2013-09-25 bis 2013-10-25 )))))))))))))))))))))))))))))) . . 2013-10-25 05:32 . 2013-10-25 05:35 -------- d-----w- c:\users\User\AppData\Local\temp 2013-10-25 05:32 . 2013-10-25 05:32 -------- d-----w- c:\users\User_2\AppData\Local\temp 2013-10-25 05:32 . 2013-10-25 05:32 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2013-10-24 06:52 . 2013-10-24 06:52 -------- d-----w- c:\program files (x86)\7-Zip 2013-10-23 14:04 . 2013-10-23 14:04 -------- d-----w- C:\FRST 2013-10-16 10:35 . 2013-10-16 10:35 -------- d-----w- c:\programdata\Oracle 2013-10-16 10:35 . 2013-10-16 10:35 -------- d-----w- c:\program files (x86)\Common Files\Java 2013-10-16 10:34 . 2013-10-08 05:50 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-10-09 06:08 . 2013-08-29 07:48 2775552 ----a-w- c:\windows\system32\win32k.sys 2013-10-05 13:07 . 2012-04-24 19:35 693648 ----a-w- c:\program files (x86)\64Uninstall TelevisionFanatic.dll 2013-10-05 13:07 . 2012-04-24 19:35 174024 ----a-w- c:\program files (x86)\64res.dll 2013-09-28 06:51 . 2013-09-28 06:51 -------- d-----w- c:\windows\system32\IO 2013-09-26 10:39 . 2013-09-26 10:39 -------- d-----w- c:\program files (x86)\Softonic 2013-09-26 10:39 . 2013-09-26 10:39 -------- d-----w- c:\users\User\AppData\Roaming\Softonic 2013-09-26 10:04 . 2009-11-20 13:26 31232 ----a-w- c:\windows\system32\drivers\tap0901.sys 2013-09-26 10:03 . 2013-09-26 10:04 -------- d-----w- c:\program files (x86)\Plus-HD-3.8 2013-09-26 10:03 . 2013-09-26 11:34 -------- d-----w- c:\users\User\AppData\Roaming\Windows Net Data 2013-09-26 10:03 . 2013-09-26 10:03 -------- d-----w- c:\program files (x86)\foxydeal 2013-09-26 10:02 . 2013-09-26 10:02 -------- d-----w- c:\users\User\AppData\Roaming\SimplyTech 2013-09-26 10:02 . 2013-09-26 10:02 -------- d-----w- c:\users\User\AppData\Roaming\HomeTab 2013-09-26 10:00 . 2013-09-26 10:06 -------- d-----w- c:\users\User\AppData\Local\DownloadGuide 2013-09-25 07:11 . 2013-09-25 07:11 -------- d-----w- c:\programdata\DNSErrorHelper 2013-09-25 07:11 . 2011-05-13 12:16 493056 ----a-w- c:\windows\SysWow64\dhRichClient3.dll 2013-09-25 07:11 . 2011-03-25 20:42 338432 ----a-w- c:\windows\SysWow64\sqlite36_engine.dll 2013-09-25 07:11 . 2013-09-25 07:11 -------- d-----w- c:\users\User\AppData\Roaming\DesktopIconForAmazon 2013-09-25 07:11 . 2013-09-25 07:11 -------- d-----w- c:\users\User\AppData\Roaming\OCS . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-10-17 04:51 . 2013-03-16 22:08 90208 ----a-w- c:\windows\system32\drivers\klflt.sys 2013-10-17 04:51 . 2013-03-16 22:08 626272 ----a-w- c:\windows\system32\drivers\klif.sys 2013-10-17 04:51 . 2012-09-03 17:23 29280 ----a-w- c:\windows\system32\drivers\klmouflt.sys 2013-10-17 04:51 . 2012-09-03 16:57 29280 ----a-w- c:\windows\system32\drivers\klkbdflt.sys 2013-10-17 04:51 . 2012-06-19 16:28 7717984 ----a-w- c:\windows\system32\drivers\kl1.sys 2013-10-16 05:49 . 2012-04-24 17:33 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-10-16 05:49 . 2011-05-18 14:00 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-10-16 00:48 . 2013-09-20 13:21 15858664 ----a-w- c:\windows\SysWow64\nvwgf2um.dll 2013-10-16 00:48 . 2013-09-06 18:02 15244272 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2013-10-16 00:48 . 2013-02-25 22:32 2694664 ----a-w- c:\windows\SysWow64\nvapi.dll 2013-10-16 00:48 . 2013-02-25 22:32 3067560 ----a-w- c:\windows\system32\nvapi64.dll 2013-10-16 00:48 . 2013-02-25 22:32 18243632 ----a-w- c:\windows\system32\nvd3dumx.dll 2013-10-15 21:47 . 2011-04-07 21:19 6665504 ----a-w- c:\windows\system32\nvcpl.dll 2013-10-15 21:47 . 2011-04-07 21:18 3489568 ----a-w- c:\windows\system32\nvsvc64.dll 2013-10-15 21:47 . 2011-04-07 21:19 922912 ----a-w- c:\windows\system32\nvvsvc.exe 2013-10-15 21:47 . 2011-04-07 21:19 63776 ----a-w- c:\windows\system32\nvshext.dll 2013-10-15 21:47 . 2011-04-07 21:19 2559776 ----a-w- c:\windows\system32\nvsvcr.dll 2013-10-15 21:47 . 2011-04-07 21:19 219424 ----a-w- c:\windows\system32\nvmctray.dll 2013-10-14 07:12 . 2013-10-23 06:12 10280728 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9394697B-16BD-4D15-8CEF-6AAD81673A4D}\mpengine.dll 2013-10-09 10:17 . 2006-11-02 12:35 80541720 ----a-w- c:\windows\system32\mrt.exe 2013-10-02 05:24 . 2013-07-20 13:36 46368 ----a-w- c:\windows\system32\drivers\avgtpx64.sys 2013-09-24 06:26 . 2013-04-21 07:54 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll 2013-09-24 06:26 . 2013-04-21 07:54 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll 2013-09-18 20:08 . 2013-09-18 20:08 94208 ----a-w- c:\windows\SysWow64\dpl100.dll 2013-09-12 08:58 . 2013-09-20 13:21 1884448 ----a-w- c:\windows\system32\nvdispco6432723.dll 2013-09-12 08:58 . 2013-09-20 13:21 1511712 ----a-w- c:\windows\system32\nvdispgenco6432723.dll 2013-09-03 14:54 . 2013-09-03 14:47 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2013-09-03 14:54 . 2013-09-03 14:50 282104 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2013-09-03 14:54 . 2013-09-03 14:48 282104 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2013-09-03 12:35 . 2009-10-03 10:48 278800 ------w- c:\windows\system32\MpSigStub.exe 2013-08-26 09:13 . 2013-08-26 09:13 354656 ----a-w- c:\windows\SysWow64\DivXControlPanelApplet.cpl 2013-08-19 10:10 . 2009-02-15 17:23 419840 ----a-w- c:\windows\system32\wrap_oal.dll 2013-08-19 10:10 . 2009-02-15 17:23 413696 ----a-w- c:\windows\SysWow64\wrap_oal.dll 2013-08-19 10:10 . 2009-02-15 17:23 133632 ----a-w- c:\windows\system32\OpenAL32.dll 2013-08-19 10:10 . 2009-02-15 17:23 110592 ----a-w- c:\windows\SysWow64\OpenAL32.dll 2013-08-18 21:02 . 2013-09-06 18:02 1511712 ----a-w- c:\windows\system32\nvdispgenco6432680.dll 2013-08-18 21:02 . 2013-09-06 18:02 1884448 ----a-w- c:\windows\system32\nvdispco6432680.dll 2013-08-13 06:38 . 2013-08-12 08:08 32328 ----a-w- c:\windows\Launcher.exe 2013-08-02 14:06 . 2013-08-28 12:39 1706496 ----a-w- c:\windows\system32\WMVDECOD.DLL 2013-08-02 04:09 . 2013-08-28 12:39 1548288 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL 2013-07-27 13:02 . 2013-07-27 12:36 111616 ----a-w- c:\windows\SysWow64\ActualEarth.scr . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110311121157}] 2013-07-08 07:00 752488 ----a-w- c:\program files (x86)\Plus-HD-1.3\Plus-HD-1.3-bho.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110311151154}] 2013-07-06 05:31 750952 ----a-w- c:\program files (x86)\Feven\Feven-bho.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110311251140}] 2013-05-19 15:15 743272 ----a-w- c:\program files (x86)\Plus-HD-1.8\Plus-HD-1.8-bho.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110311341126}] 2013-07-22 10:29 752488 ----a-w- c:\program files (x86)\Plus-HD-2.3\Plus-HD-2.3-bho.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110311901130}] 2013-09-26 10:04 752488 ----a-w- c:\program files (x86)\Plus-HD-3.8\Plus-HD-3.8-bho.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{18DBB6CE-3148-4FEC-B481-103CB3290427}] 2013-05-30 08:47 382272 ----a-w- c:\program files (x86)\Speed Analysis 2\ScriptHost.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}] 2009-11-08 08:55 297808 ----a-w- c:\windows\System32\mscoree.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}] 2013-04-26 02:57 307608 ----a-w- c:\program files (x86)\mixidj\mixidj\1.8.18.8\bh\mixidj.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{54E67346-EE5A-45B6-82AA-4F0BB28C79C2}] 2013-08-02 01:46 769320 ----a-w- c:\program files (x86)\iRobinHood\iRobinHood Addon\iRobinHood.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{553318DA-D010-469E-84B1-496563CAE1C0}] 2013-07-21 13:24 119160 ----a-w- c:\users\User\AppData\Local\ext_piccshare\ext_piccshare.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{627af46b-2076-42ae-a2fd-8428734d3e74}] 2010-02-10 16:36 86016 ----a-w- c:\program files (x86)\simppulltoolbar\simppulldx.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{9B6B03F1-16CF-4491-BBBB-E872802DD717}] 2013-09-25 07:11 138752 ----a-w- c:\programdata\DNSErrorHelper\bho.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{9fdfb66c-713b-4201-83a6-5b78ae227b41}] 2013-08-01 06:48 1071176 ----a-w- c:\users\User_2\AppData\Roaming\HomeTab\HomeTab.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}] 2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\MyAshampoo\prxtbMyA2.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{a25e7121-3dd8-41b3-855b-756c5bc45449}] 2013-08-15 02:23 1072200 ----a-w- c:\users\User\AppData\Roaming\HomeTab\HomeTab.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{A9337080-7CBF-4E3E-80C1-3867BEDD88E0}] 2013-07-01 13:58 382272 ----a-w- c:\program files (x86)\Zula Games\ScriptHost.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{b106b661-3e1b-4015-af5c-195e909f35c6}] 2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\NCH_DE\prxtbNCH_.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] 2013-07-23 02:50 311536 ----a-w- c:\program files (x86)\Delta\delta\1.8.22.0\bh\delta.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{C4B8BAB4-1667-11DF-A242-BA9455D89593}] 2009-10-20 15:50 258008 ----a-w- c:\program files (x86)\simppulltoolbar\auxi\simppulltoolbAu.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] 2012-06-06 19:33 1519304 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{DEDAF650-12B8-48f5-A843-BBA100716106}] 2013-05-29 08:24 169304 ----a-w- c:\program files\Updater By Sweetpacks\Extension32.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}] 2013-05-06 15:36 301464 ----a-w- c:\program files (x86)\Softonic\Softonic\1.8.19.3\bh\Softonic.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{F443A627-5009-4323-9C1D-7FD598D0D712}] 2012-08-15 19:35 2162272 ----a-w- c:\program files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] 2013-03-06 20:52 197920 ----a-w- c:\program files (x86)\Yontoo\YontooIEClient.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}"= "c:\program files (x86)\MyAshampoo\prxtbMyA2.dll" [2011-05-09 176936] "{627af46b-2076-42ae-a2fd-8428734d3e74}"= "c:\program files (x86)\simppulltoolbar\simppulldx.dll" [2010-02-10 86016] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-06-06 1519304] "{b106b661-3e1b-4015-af5c-195e909f35c6}"= "c:\program files (x86)\NCH_DE\prxtbNCH_.dll" [2011-05-09 176936] "{82E1477C-B154-48D3-9891-33D83C26BCD3}"= "c:\program files (x86)\Delta\delta\1.8.22.0\deltaTlbr.dll" [2013-07-23 300952] "{EA582743-9076-4178-9AA6-7393FDF4D5CE}"= "c:\program files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll" [2012-08-15 2162272] "{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}"= "c:\program files (x86)\mixidj\mixidj\1.8.18.8\mixidjTlbr.dll" [2013-04-26 300952] "{9fdfb66c-713b-4201-83a6-5b78ae227b41}"= "c:\users\User_2\AppData\Roaming\HomeTab\HomeTab.dll" [2013-08-01 1071176] "{a25e7121-3dd8-41b3-855b-756c5bc45449}"= "c:\users\User\AppData\Roaming\HomeTab\HomeTab.dll" [2013-08-15 1072200] "{5018CFD2-804D-4C99-9F81-25EAEA2769DE}"= "c:\program files (x86)\Softonic\Softonic\1.8.19.3\SoftonicTlbr.dll" [2013-05-06 288664] . [HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}] . [HKEY_CLASSES_ROOT\clsid\{627af46b-2076-42ae-a2fd-8428734d3e74}] . [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] . [HKEY_CLASSES_ROOT\clsid\{b106b661-3e1b-4015-af5c-195e909f35c6}] . [HKEY_CLASSES_ROOT\clsid\{82e1477c-b154-48d3-9891-33d83c26bcd3}] [HKEY_CLASSES_ROOT\delta.deltadskBnd.1] [HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] [HKEY_CLASSES_ROOT\delta.deltadskBnd] . [HKEY_CLASSES_ROOT\clsid\{ea582743-9076-4178-9aa6-7393fdf4d5ce}] [HKEY_CLASSES_ROOT\TypeLib\{33D0AD98-3347-4A54-8929-5163EBEB9F72}] . [HKEY_CLASSES_ROOT\clsid\{ca9b9c89-4662-4adc-9c23-a452becd5d19}] [HKEY_CLASSES_ROOT\mixidj.mixidjdskBnd.1] [HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] [HKEY_CLASSES_ROOT\mixidj.mixidjdskBnd] . [HKEY_CLASSES_ROOT\clsid\{9fdfb66c-713b-4201-83a6-5b78ae227b41}] [HKEY_CLASSES_ROOT\wtb.Band.1] [HKEY_CLASSES_ROOT\TypeLib\{cc60fe81-0b1d-4dd6-a479-8d1f3ae81c99}] [HKEY_CLASSES_ROOT\wtb.Band] . [HKEY_CLASSES_ROOT\clsid\{a25e7121-3dd8-41b3-855b-756c5bc45449}] [HKEY_CLASSES_ROOT\wtb.Band.1] [HKEY_CLASSES_ROOT\TypeLib\{2690da64-4be2-4afa-b159-af0e41f23b6e}] [HKEY_CLASSES_ROOT\wtb.Band] . [HKEY_CLASSES_ROOT\clsid\{5018cfd2-804d-4c99-9f81-25eaea2769de}] [HKEY_CLASSES_ROOT\Softonic.dskBnd.1] [HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] [HKEY_CLASSES_ROOT\Softonic.dskBnd] . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon] @="{dd230880-495a-11d1-b064-008048ec2fc5}" [HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}] 2012-12-20 17:20 459784 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968] "GAINWARD"="c:\program files (x86)\EXPERTool\TBPanel.exe" [2011-04-08 2265416] "icq"="c:\users\User\AppData\Roaming\ICQM\icq.exe" [2013-04-12 27598184] "Snoozer"="c:\users\User\AppData\Roaming\Snz\Snz.exe" [2013-08-28 1137764] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "P17RunE"="P17RunE.dll" [2008-03-28 14848] "Diamondback"="c:\program files (x86)\Razer\Diamondback 3G\razerhid.exe" [2007-08-01 147456] "VolPanel"="c:\program files (x86)\Creative\USB Headsets\Volume Panel\VolPanlu.exe" [2008-05-05 221300] "KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2013-07-15 311152] "ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-06-06 1564872] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720] "SweetIM"="c:\program files (x86)\SweetIM\Messenger\SweetIM.exe" [2012-05-29 115032] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576] "DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2013-08-21 450560] "AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe" [2013-10-17 356128] "vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2013-10-02 2404376] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-05-31 152392] "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-08-29 1861968] "TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" [2013-09-24 295512] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336] . c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ net.lnk - c:\users\User\AppData\Roaming\Windows Net Data\net.exe [2013-9-26 709120] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "Userinit"="userinit.exe" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 . R4 AddonsHelper;AddonsHelper;c:\users\User\AppData\Local\Temp\OCS\Downloads\e176f0d38725557d997a73fca0b80043\8a2438a7aa1e858526caff1f4deab159\AddonsHelpe r.exe;c:\users\User\AppData\Local\Temp\OCS\Downloads\e176f0d38725557d997a73fca0b80043\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL . HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs Themes . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-09-21 07:18 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 2013-10-16 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-12 05:49] . 2013-07-06 c:\windows\Tasks\Feven-chromeinstaller.job - c:\program files (x86)\Feven\Feven-chromeinstaller.exe [2013-07-06 05:30] . 2013-07-06 c:\windows\Tasks\Feven-codedownloader.job - c:\program files (x86)\Feven\Feven-codedownloader.exe [2013-07-06 05:31] . 2013-07-06 c:\windows\Tasks\Feven-enabler.job - c:\program files (x86)\Feven\Feven-enabler.exe [2013-07-06 05:31] . 2013-07-06 c:\windows\Tasks\Feven-firefoxinstaller.job - c:\program files (x86)\Feven\Feven-firefoxinstaller.exe [2013-07-06 05:31] . 2013-07-06 c:\windows\Tasks\Feven-updater.job - c:\program files (x86)\Feven\Feven-updater.exe [2013-07-06 05:31] . 2013-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore1ce822718b863c0.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-20 09:06] . 2013-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-20 09:06] . 2013-07-08 c:\windows\Tasks\Plus-HD-1.3-chromeinstaller.job - c:\program files (x86)\Plus-HD-1.3\Plus-HD-1.3-chromeinstaller.exe [2013-07-08 06:59] . 2013-07-08 c:\windows\Tasks\Plus-HD-1.3-codedownloader.job - c:\program files (x86)\Plus-HD-1.3\Plus-HD-1.3-codedownloader.exe [2013-07-08 06:59] . 2013-07-08 c:\windows\Tasks\Plus-HD-1.3-enabler.job - c:\program files (x86)\Plus-HD-1.3\Plus-HD-1.3-enabler.exe [2013-07-08 07:00] . 2013-07-08 c:\windows\Tasks\Plus-HD-1.3-firefoxinstaller.job - c:\program files (x86)\Plus-HD-1.3\Plus-HD-1.3-firefoxinstaller.exe [2013-07-08 06:59] . 2013-07-08 c:\windows\Tasks\Plus-HD-1.3-updater.job - c:\program files (x86)\Plus-HD-1.3\Plus-HD-1.3-updater.exe [2013-07-08 07:00] . 2013-05-19 c:\windows\Tasks\Plus-HD-1.8-chromeinstaller.job - c:\program files (x86)\Plus-HD-1.8\Plus-HD-1.8-chromeinstaller.exe [2013-05-19 15:15] . 2013-05-19 c:\windows\Tasks\Plus-HD-1.8-codedownloader.job - c:\program files (x86)\Plus-HD-1.8\Plus-HD-1.8-codedownloader.exe [2013-05-19 15:15] . 2013-05-19 c:\windows\Tasks\Plus-HD-1.8-enabler.job - c:\program files (x86)\Plus-HD-1.8\Plus-HD-1.8-enabler.exe [2013-05-19 15:15] . 2013-05-19 c:\windows\Tasks\Plus-HD-1.8-firefoxinstaller.job - c:\program files (x86)\Plus-HD-1.8\Plus-HD-1.8-firefoxinstaller.exe [2013-05-19 15:15] . 2013-05-19 c:\windows\Tasks\Plus-HD-1.8-updater.job - c:\program files (x86)\Plus-HD-1.8\Plus-HD-1.8-updater.exe [2013-05-19 15:15] . 2013-07-22 c:\windows\Tasks\Plus-HD-2.3-chromeinstaller.job - c:\program files (x86)\Plus-HD-2.3\Plus-HD-2.3-chromeinstaller.exe [2013-07-22 10:29] . 2013-07-22 c:\windows\Tasks\Plus-HD-2.3-codedownloader.job - c:\program files (x86)\Plus-HD-2.3\Plus-HD-2.3-codedownloader.exe [2013-07-22 10:29] . 2013-07-22 c:\windows\Tasks\Plus-HD-2.3-enabler.job - c:\program files (x86)\Plus-HD-2.3\Plus-HD-2.3-enabler.exe [2013-07-22 10:29] . 2013-07-22 c:\windows\Tasks\Plus-HD-2.3-firefoxinstaller.job - c:\program files (x86)\Plus-HD-2.3\Plus-HD-2.3-firefoxinstaller.exe [2013-07-22 10:29] . 2013-07-22 c:\windows\Tasks\Plus-HD-2.3-updater.job - c:\program files (x86)\Plus-HD-2.3\Plus-HD-2.3-updater.exe [2013-07-22 10:29] . 2013-09-26 c:\windows\Tasks\Plus-HD-3.8-chromeinstaller.job - c:\program files (x86)\Plus-HD-3.8\Plus-HD-3.8-chromeinstaller.exe [2013-09-26 10:03] . 2013-09-26 c:\windows\Tasks\Plus-HD-3.8-codedownloader.job - c:\program files (x86)\Plus-HD-3.8\Plus-HD-3.8-codedownloader.exe [2013-09-26 10:03] . 2013-09-26 c:\windows\Tasks\Plus-HD-3.8-enabler.job - c:\program files (x86)\Plus-HD-3.8\Plus-HD-3.8-enabler.exe [2013-09-26 10:04] . 2013-09-26 c:\windows\Tasks\Plus-HD-3.8-firefoxinstaller.job - c:\program files (x86)\Plus-HD-3.8\Plus-HD-3.8-firefoxinstaller.exe [2013-09-26 10:03] . 2013-09-26 c:\windows\Tasks\Plus-HD-3.8-updater.job - c:\program files (x86)\Plus-HD-3.8\Plus-HD-3.8-updater.exe [2013-09-26 10:04] . 2013-09-24 c:\windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2622127104-3349807106-840860686-1000.job - c:\program files (x86)\Real\RealUpgrade\realupgrade.exe [2013-08-14 15:13] . 2012-03-25 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2622127104-3349807106-840860686-1000.job - c:\program files (x86)\Real\RealUpgrade\realupgrade.exe [2013-08-14 15:13] . 2013-09-11 c:\windows\Tasks\ReclaimerResumeInstall_User.job - c:\users\User\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.60\agent\rnupgagent.exe [2013-09-11 05:31] . 2013-07-06 c:\windows\Tasks\Software Updater.job - c:\program files (x86)\SelfUpdater\SoftwareUpdater.Bootstrapper.exe [2013-03-12 05:21] . 2012-03-25 c:\windows\Tasks\SystweakAdvancedDriverUpdaterRunAtStartup.job - c:\program files (x86)\Advanced Driver Updater\adu.exe [2011-08-02 16:16] . 2013-07-24 c:\windows\Tasks\User_Feed_Synchronization-{7D800EA4-AEB3-4E16-AA3B-A96CCE4DD79D}.job - c:\windows\system32\msfeedssync.exe [2011-05-26 16:46] . 2010-10-09 c:\windows\Tasks\{03BA6005-F911-4FEC-9178-9913456B6B8C}.job - c:\program files (x86)\Skype\Phone\Skype.exe [2013-04-19 13:19] . 2011-08-18 c:\windows\Tasks\{25949BD3-CB5B-4423-A287-FAD1A14D3031}.job - c:\program files (x86)\Skype\Phone\Skype.exe [2013-04-19 13:19] . 2011-06-17 c:\windows\Tasks\{7C356296-2E00-4D66-A725-228473CE8776}.job - c:\program files (x86)\Skype\Phone\Skype.exe [2013-04-19 13:19] . 2011-10-21 c:\windows\Tasks\{86CED08D-A7AA-4BAE-A649-FF86FF6AB7BD}.job - c:\program files (x86)\Skype\Phone\Skype.exe [2013-04-19 13:19] . 2011-02-21 c:\windows\Tasks\{A8B90A61-A301-4DEE-A4C4-14469632EB60}.job - c:\program files (x86)\Skype\Phone\Skype.exe [2013-04-19 13:19] . 2010-09-26 c:\windows\Tasks\{D8F637E3-D0D9-43B5-871F-FCAEE0775CAD}.job - c:\program files (x86)\Skype\Phone\Skype.exe [2013-04-19 13:19] . 2011-05-21 c:\windows\Tasks\{DD7517F0-DB25-475B-82EE-99F36813E40C}.job - c:\program files (x86)\Skype\Phone\Skype.exe [2013-04-19 13:19] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon] @="{dd230880-495a-11d1-b064-008048ec2fc5}" [HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}] 2012-12-20 17:22 492040 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\shellex.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184] "Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-08-27 1028896] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p13_serp_ie_de_display?ie=UTF8&tagbase=bds-p13&tbrId=v1_abb-channel-13_adeece99ba0b4d33bffcefd967f54842_30_39_20130312_DE_ie_sp_ uDefault_Search_URL = hxxp://search.certified-toolbar.com?si=99&tid=0&st=bs&q= mStart Page = about:newtab mDefault_Search_URL = hxxp://search.certified-toolbar.com?si=99&tid=0&st=bs&q= mSearch Page = hxxp://search.certified-toolbar.com?si=99&tid=0&st=bs&q= mLocal Page = c:\windows\SysWOW64\blank.htm mSearch Bar = hxxp://search.certified-toolbar.com?si=99&tid=0&st=bs&q= uInternet Settings,ProxyOverride = *.local mSearchAssistant = IE: Hinzufügen zu Anti-Banner - c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm IE: Kaspersky PURE - c:\progra~2\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll/616 IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Web-Suche - c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html IE: {{54E67346-EE5A-45B6-82AA-4F0BB28C79C2} - {54E67346-EE5A-45B6-82AA-4F0BB28C79C2} - c:\program files (x86)\iRobinHood\iRobinHood Addon\iRobinHood.dll TCP: DhcpNameServer = 192.168.2.1 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\ FF - prefs.js: browser.startup.homepage - about:home FF - prefs.js: keyword.URL - hxxp://search.certified-toolbar.com?si=99&tid=0&st=bs&q= FF - ExtSQL: 2013-09-03 16:41; battlefieldplay4free@ea.com; c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\extensions\battlefieldplay4free@ea.com FF - ExtSQL: 2013-09-24 08:29; {DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}; c:\programdata\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF - ExtSQL: 2013-09-26 12:03; {F58A62EB-38DC-43C4-A539-DC52E135208D}; c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\extensions\{F58A62EB-38DC-43C4-A539-DC52E135208D} FF - ExtSQL: 2013-09-26 12:24; EFGLQA@78ETGYN-0W7FN789T87.COM; c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\extensions\EFGLQA@78ETGYN-0W7FN789T87.COM FF - ExtSQL: 2013-09-26 14:03; {ad7ef860-f366-4be1-8d12-4363b9356947}; c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\extensions\{ad7ef860-f366-4be1-8d12-4363b9356947} FF - ExtSQL: 2013-10-19 11:36; DefaultManager@Microsoft; c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\extensions\DefaultManager@Microsoft FF - ExtSQL: !HIDDEN! 2013-07-20 15:07; pluswinks@PlusWinks; c:\users\User\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks FF - ExtSQL: !HIDDEN! 2013-07-20 15:35; speedanalysis02@SpeedAnalysis.com; c:\users\User\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com FF - ExtSQL: !HIDDEN! 2013-07-20 15:35; zulagames@ZulaGames.com; c:\users\User\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com FF - ExtSQL: !HIDDEN! 2013-09-25 09:12; firejump@firejump.net; c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\extensions\firejump@firejump.net FF - user.js: extensions.Softonic.hpOld0 - about:home FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=1&cc=&mi=9441a9b700000000000000ff231a40f6&q= FF - user.js: extensions.Softonic.id - 9441a9b700000000000000ff231a40f6 FF - user.js: extensions.Softonic.appId - {7ABBFE1C-E485-44AA-8F36-353751B4124D} FF - user.js: extensions.Softonic.instlDay - 15974 FF - user.js: extensions.Softonic.vrsn - 1.8.19.3 FF - user.js: extensions.Softonic.vrsni - 1.8.19.3 FF - user.js: extensions.Softonic.vrsnTs - 1.8.19.312:40 FF - user.js: extensions.Softonic.prtnrId - softonic FF - user.js: extensions.Softonic.prdct - Softonic FF - user.js: extensions.Softonic.aflt - SD FF - user.js: extensions.Softonic.smplGrp - none FF - user.js: extensions.Softonic.tlbrId - 2013desingbrand FF - user.js: extensions.Softonic.instlRef - MOY00009 FF - user.js: extensions.Softonic.dfltLng - de FF - user.js: extensions.Softonic.excTlbr - false FF - user.js: extensions.Softonic.ffxUnstlRst - false FF - user.js: extensions.Softonic.admin - false FF - user.js: extensions.Softonic.autoRvrt - false FF - user.js: extensions.Softonic.rvrt - false FF - user.js: extensions.Softonic.hmpg - true FF - user.js: extensions.Softonic.hmpgUrl - hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=13&cc=&mi=9441a9b700000000000000ff231a40f6 FF - user.js: extensions.Softonic.dfltSrch - true FF - user.js: extensions.Softonic.srchPrvdr - Search the web (Softonic) FF - user.js: extensions.Softonic.kw_url - hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=2&cc=&mi=9441a9b700000000000000ff231a40f6&q= FF - user.js: extensions.Softonic.dnsErr - true FF - user.js: extensions.Softonic.newTab - true FF - user.js: extensions.Softonic.newTabUrl - hxxp://search.softonic.com/MOY00009/tb_v1/?SearchSource=15&cc=&mi=9441a9b700000000000000ff231a40f6 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . BHO-{1631550F-191D-4826-B069-D9439253D926} - c:\program files (x86)\PriceGong\2.6.7\PriceGongIE.dll BHO-{398C01F1-E584-46AD-A649-4F78B435DCFE} - c:\program files (x86)\LyricsFinder\lfind.dll BHO-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file) BHO-{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - c:\program files (x86)\DealPly\DealPlyIE.dll BHO-{E4E6BF2A-1667-11DF-A01F-1F9655D89593} - (no file) BHO-{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - c:\program files (x86)\PricePeep\pricepeep.dll Toolbar-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file) Wow6432Node-HKCU-Run-OMESupervisor - c:\users\User\AppData\Local\omesuperv.exe Wow6432Node-HKLM-Run-<NO NAME> - (no file) SafeBoot-WudfPf SafeBoot-WudfRd BHO-{3706EE7C-3CAD-445D-8A43-03EBC3B75908} - c:\program files (x86)\Expat Shield\HssIE\ExpatIE_64.dll WebBrowser-{A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - (no file) WebBrowser-{B106B661-3E1B-4015-AF5C-195E909F35C6} - (no file) AddRemove-BabylonToolbar - c:\program files (x86)\BabylonToolbar\BabylonToolbar\1.8.0.7\uninstall.exe AddRemove-bi_uninstaller - c:\users\User\Local Settings\Application Data\Bundled software uninstaller\biclient.exe AddRemove-coollrcs@coolzone.co - c:\program files (x86)\CoolLyrics\uninstall.exe AddRemove-DealPly - c:\program files (x86)\DealPly\uninst.exe AddRemove-lfind@nijadsoft.net - c:\program files (x86)\LyricsFinder\uninstall.exe AddRemove-PlusWinks - c:\program files (x86)\Cool Smiley Bar for Facebook\uninst.exe AddRemove-PriceGong - c:\program files (x86)\PriceGong\uninst.exe AddRemove-PricePeep - c:\program files (x86)\PricePeep\uninstall.exe AddRemove-singalong@xenophesoft.com - c:\program files (x86)\SingAlong\uninstall.exe AddRemove-Updater Service - c:\windows\system32\dmwu.exe AddRemove-Vodafone WCDMA Composite Device Drive - c:\windows\system32\Samsung_USB_Drivers\4\SSVDUninstall.exe AddRemove-WebMediaPlayer - c:\program files (x86)\WebMediaPlayer\uninst.exe AddRemove-{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} - c:\programdata\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe AddRemove-{4FFBB818-B13C-11E0-931D-B2664824019B}_is1 - c:\program files (x86)\Complitly\unins000.exe AddRemove-3367472892.portal.qtrax.com - c:\program files (x86)\Microsoft Silverlight\5.1.20513.0\Silverlight.Configuration.exe AddRemove-DSite - c:\users\User\AppData\Roaming\DSite\UpdateProc\UpdateTask.exe AddRemove-FoxTab Media Player - c:\program files (x86)\FoxTabFLVPlayer\Uninstall\Uninstall.exe AddRemove-PiccShare - c:\users\User\AppData\Local\ext_piccshare_uninst.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-2622127104-3349807106-840860686-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{a25e7121-3dd8-41b3-855b-756c5bc45449}] @Denied: (A 2) (Administrators) @Denied: (A 2) (S-1-5-21-2622127104-3349807106-840860686-1000) @Allowed: (Read) (RestrictedCode) "Flags"=dword:00000400 . [HKEY_USERS\S-1-5-21-2622127104-3349807106-840860686-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] @Allowed: (Read) (RestrictedCode) "??"=hex:38,6d,90,74,34,a2,d1,d7,f3,66,e1,a9,b6,9e,35,5f,ba,6b,93,14,80,a7,79, 86,e7,35,cd,c6,12,1b,c6,76,ae,cb,32,d1,53,40,65,b3,fa,fa,0d,e4,85,89,c6,fc,\ "??"=hex:60,6d,eb,71,0e,20,dc,bd,0c,b9,91,5e,2b,9c,6f,76 . [HKEY_USERS\S-1-5-21-2622127104-3349807106-840860686-1000\Software\SecuROM\License information*] "datasecu"=hex:60,0c,00,52,f5,3d,e5,15,b2,b7,19,ff,c8,4a,4c,98,13,df,b1,f2,d6, ce,fe,63,7d,6f,89,e0,32,ea,0f,28,f7,1d,2f,95,35,66,ee,2d,5c,21,da,ba,a0,0c,\ "rkeysecu"=hex:52,26,9b,1b,f0,a5,58,79,5a,1c,17,16,39,a2,60,e9 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}] @Denied: (A 2) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0] @="Shockwave Flash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] @Denied: (A 2) (Everyone) @="" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0] @="FlashBroker" . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows CE Services] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes] "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe c:\windows\SysWOW64\PnkBstrA.exe c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe c:\program files\Updater By Sweetpacks\ExtensionUpdaterService.exe c:\program files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe c:\program files (x86)\Wajam\Updater\WajamUpdater.exe c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\loggingserver.exe c:\windows\SysWOW64\rundll32.exe c:\program files (x86)\Razer\Diamondback 3G\razertra.exe c:\program files (x86)\Razer\Diamondback 3G\razerofa.exe c:\program files (x86)\Internet Explorer\iexplore.exe c:\program files (x86)\Internet Explorer\iexplore.exe c:\program files (x86)\plus-hd-1.3\plus-hd-1.3-bg.exe c:\program files (x86)\feven\feven-bg.exe c:\program files (x86)\plus-hd-1.8\plus-hd-1.8-bg.exe c:\program files (x86)\plus-hd-2.3\plus-hd-2.3-bg.exe c:\program files (x86)\Speed Analysis 2\BackgroundHost.exe c:\program files (x86)\Zula Games\BackgroundHost.exe c:\program files (x86)\Amazon Browser Bar\AmazonBrowserBarSSB.3.0.dll c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\klwtblfs.exe c:\windows\SysWOW64\conime.exe . ************************************************************************** . Zeit der Fertigstellung: 2013-10-25 07:43:12 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2013-10-25 05:43 . Vor Suchlauf: 20 Verzeichnis(se), 213.786.955.776 Bytes frei Nach Suchlauf: 25 Verzeichnis(se), 216.877.199.360 Bytes frei . - - End Of File - - D2F38B9F599D31BD128854736662AA01 5C616939100B85E558DA92B899A0FC36 war leider nur so möglich. |
|
25.10.2013, 08:49
| #5 |
| /// the machine /// TB-Ausbilder | Problem mit getwindowinfo Bitte in Codetags posten, das geht. Bitte lade den Suspicious File Packer von hier runter: http://www.safer-networking.org/files/sfp.zip
Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
25.10.2013, 10:15
| #6 |
| | Problem mit getwindowinfoCode:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows (TM) Vista Home Premium x64
Ran by User on 25.10.2013 at 10:59:53,35
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
Successfully stopped: [Service] addonshelper
Successfully deleted: [Service] addonshelper
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apnupdater
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440}
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\esrv.babylonesrvc
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\esrv.babylonesrvc.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sim-packages
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\vafplayer
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{8D5CFE57-B0FD-4396-97A2-DFD0B7DA935B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\babylonhelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\complitly.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortapp.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escorteng.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortlbr.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\esrv.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\extension.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\genericasktoolbar.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\hometab.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\priam_bho.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\pricegongie.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\pricepeep.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\scripthelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\viprotocol.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\yontooieclient.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1631550F-191D-4826-B069-D9439253D926}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1E44819B-54E1-411B-9D9F-38D7B913BCF2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{398C01F1-E584-46AD-A649-4F78B435DCFE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{553318DA-D010-469E-84B1-496563CAE1C0}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{886634B3-7045-443A-A52B-E83AD1A90391}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A1EC45B2-B5F7-4B87-955E-E97F778ACAE8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A9337080-7CBF-4E3E-80C1-3867BEDD88E0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B71E4FEB-89F8-4ACB-A60F-A7DE399119AE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C46EFEA4-B0F3-428B-9E77-650E3634EC56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{D2C54F93-A898-437F-AE89-7BDD918954A5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F816170D-C994-4B74-B9A4-234C3838C9EB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C17A0751-580B-466B-8271-5C73EFDC1295}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{58B41DCD-55B2-48EB-A55A-E330070FFC00}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9BA19DB8-5C5A-4C13-AEEB-A1336113333E}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\complitly
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dealply
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\delta
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\distromatic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dsiteproducts
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\filescout
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\funmoods
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\hometab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\httogroup
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminent
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\mixidj
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\performersoft llc
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\piccshare
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\qtrax
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbarbackup
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbarlog
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\somoto
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\tuguu sl
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wajam
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wnlt
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\coollyrics
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\lyricsfinder
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\plus-hd-1.3
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\plus-hd-2.3
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricepeep
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\Qtrax
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\web-suche
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2622127104-3349807106-840860686-1000\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dealply
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\delta
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\desksvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\esafeseccontrol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\freeze.com
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\installcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\mixidj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\softonic
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\wajam
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\alxssb.alxtbssb
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\alxssb.alxtbssb.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\b
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\babylon.dskbnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\babylon.dskbnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylnapp.appcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylnapp.appcore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\conduit.engine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltaappcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltaappcore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\escort.escrtbtn.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.holasearchesrvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.holasearchesrvc.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\holasearch.holasearchappcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\holasearch.holasearchappcore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\holasearch.holasearchdskbnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\holasearch.holasearchdskbnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\holasearch.holasearchhlpr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\holasearch.holasearchhlpr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.bandobjectattribute
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.bho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.dockingpanel
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.iesmartbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.iesmartbarbandobject
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.smartbardisplaystate
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.smartbarmenuform
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mgmediaplayer.gifanimator
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mgmediaplayer.gifanimator.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mixidj.mixidjappcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mixidj.mixidjappcore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\viprotocol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\softonicapp.appcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\softonicapp.appcore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\speedupmypc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\srv.softonicsrvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\srv.softonicsrvc.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajambho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajambho.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajamdownloader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajamdownloader.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.notificationsource
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.notificationsource.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.sourcesinkimpl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.sourcesinkimpl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.toolbarinfo
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.toolbarinfo.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5882DB3D-175D-4CDC-A030-1B7EC2BC8EC6}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\sweetim.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\babylontoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\dealply
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\delta
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\delta chrome toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\domaiq uninstaller
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\filesfrog update checker
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\foxydeal
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\hola chrome toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\holasearch
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\mixidj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\openit open it!
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\plus-hd-2.3
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\pricegong
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\pricepeep
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\searchthewebarp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\softonic
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\softwareupdater
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\speed analysis 2
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\wajam
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15d2d75c-9cb2-4efd-bad7-b9b4cb4bc693}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4ffbb818-b13c-11e0-931d-b2664824019b}_is1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7683b745-6060-41fd-aa75-0bbb383fead4}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{83aa2913-c123-4146-85bd-ad8f93971d39}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86d4b82a-abed-442a-be86-96357b70f4fe}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{d85ffe92-bf14-4e9b-bccd-e5c16069e65f}_is1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ea8fa6be-29be-4af2-9352-841f83215eb0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ebe677c0-cbcb-4ebf-8098-e27e1b5271cf}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0031257.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0031257.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0031257.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0031554.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0031554.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0031554.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0032540.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0032540.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0032540.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0033426.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0033426.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0033426.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0039030.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0039030.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0039030.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311121157}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311151154}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311251140}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311341126}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311901130}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322122257}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322152254}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322252240}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322342226}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322902230}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550355125557}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550355155554}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550355255540}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550355345526}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550355905530}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366126657}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366156654}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366256640}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366346626}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366906630}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311121157}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311151154}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311251140}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311341126}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311901130}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220322122257}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220322152254}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220322252240}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220322342226}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220322902230}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550355125557}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550355155554}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550355255540}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550355345526}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550355905530}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660366126657}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660366156654}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660366256640}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660366346626}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660366906630}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0031257.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0031257.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0031257.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0031554.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0031554.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0031554.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0032540.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0032540.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0032540.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0033426.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0033426.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0033426.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0039030.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0039030.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0039030.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2475029
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2801937
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550355125557}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550355155554}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550355255540}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550355345526}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550355905530}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366126657}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366156654}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366256640}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366346626}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366906630}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311121157}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311151154}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311251140}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311341126}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311901130}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311121157}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311151154}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311251140}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311341126}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311901130}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311121157}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311151154}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311251140}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311341126}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311901130}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550355125557}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550355155554}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550355255540}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550355345526}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550355905530}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660366126657}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660366156654}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660366256640}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660366346626}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660366906630}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311121157}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311151154}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311251140}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311341126}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311901130}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{47695818-E252-44F9-81C8-40BCF7702D52}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{7AD2AA02-5AC2-4ABA-9B31-F09558641CE6}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{398C01F1-E584-46AD-A649-4F78B435DCFE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{553318DA-D010-469E-84B1-496563CAE1C0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{627AF46B-2076-42AE-A2FD-8428734D3E74}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A9337080-7CBF-4E3E-80C1-3867BEDD88E0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B106B661-3E1B-4015-AF5C-195E909F35C6}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C4B8BAB4-1667-11DF-A242-BA9455D89593}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E4E6BF2A-1667-11DF-A01F-1F9655D89593}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4B6ACEA2-308A-4876-AD36-57CEC5B4FCC7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4B6ACEA2-308A-4876-AD36-57CEC5B4FCC7}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9fdfb66c-713b-4201-83a6-5b78ae227b41}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{9fdfb66c-713b-4201-83a6-5b78ae227b41}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a25e7121-3dd8-41b3-855b-756c5bc45449}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{a25e7121-3dd8-41b3-855b-756c5bc45449}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b106b661-3e1b-4015-af5c-195e909f35c6}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{b106b661-3e1b-4015-af5c-195e909f35c6}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DEDAF650-12B8-48f5-A843-BBA100716106}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DEDAF650-12B8-48f5-A843-BBA100716106}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DFF9B2DA-EF99-4B26-83CB-7058299999D8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DFF9B2DA-EF99-4B26-83CB-7058299999D8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn"
Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\software\asktoolbar"
Successfully deleted: [Registry Key] "hkey_current_user\software\ask.com"
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\apn"
Successfully deleted: [Registry Key] "hkey_local_machine\software\asktoolbar"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\appid\{9b0cb95c-933a-4b8c-b6d4-edcd19a43874}"
~~~ Files
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-1.3-chromeinstaller.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-1.3-codedownloader.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-1.3-enabler.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-1.3-firefoxinstaller.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-1.3-updater.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-1.8-chromeinstaller.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-1.8-codedownloader.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-1.8-enabler.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-1.8-firefoxinstaller.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-1.8-updater.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-2.3-chromeinstaller.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-2.3-codedownloader.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-2.3-enabler.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-2.3-firefoxinstaller.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-2.3-updater.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-3.8-chromeinstaller.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-3.8-codedownloader.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-3.8-enabler.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-3.8-firefoxinstaller.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-3.8-updater.job
Failed to delete: [File] "C:\Users\User\appdata\local\google\chrome\user data\default\ext_piccshare"
Successfully deleted: [File] "C:\Users\User\appdata\local\google\chrome\user data\default\local storage\http_start.iminent.com_0.localstorage"
Successfully deleted: [File] "C:\Users\User\appdata\local\google\chrome\user data\default\local storage\http_start.iminent.com_0.localstorage-journal"
Successfully deleted: [File] "C:\Users\User\appdata\local\google\chrome\user data\default\local storage\http_www1.delta-search.com_0.localstorage"
Successfully deleted: [File] "C:\Users\User\appdata\local\google\chrome\user data\default\local storage\http_www1.delta-search.com_0.localstorage-journal"
Successfully deleted: [File] "C:\Users\User\appdata\locallow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com"
Successfully deleted: [File] "C:\Users\Public\Desktop\open it!.lnk"
Successfully deleted: [File] "C:\Users\User\AppData\Roaming\microsoft\windows\start menu\programs\qtrax player.lnk"
Successfully deleted: [File] "C:\Windows\syswow64\conduitengine.tmp"
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\esafe"
Successfully deleted: [Folder] "C:\ProgramData\pc optimizer pro"
Successfully deleted: [Folder] "C:\ProgramData\sweetim"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\ProgramData\trymedia"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\babsolution"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\babylontoolbar"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\complitly"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\datamgr"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\dealply"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\delta"
Failed to delete: [Folder] "C:\Users\User\AppData\Roaming\desk 365"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\digitalsite"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\dsite"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\file scout"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\funmoods"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\intermediate"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\mixidj"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\pccustubinstaller"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\pdfforge"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\performersoft"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\pluswinks"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\scheck"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\simplytech"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\softonic"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\ssync"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\yontoo"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\zulagames"
Successfully deleted: [Folder] "C:\Users\User\appdata\local\amazon browser bar"
Successfully deleted: [Folder] "C:\Users\User\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\User\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\User\appdata\local\downloadguide"
Successfully deleted: [Folder] "C:\Users\User\appdata\local\ext_piccshare"
Failed to delete: [Folder] "C:\Users\User\appdata\local\smartbar"
Successfully deleted: [Folder] "C:\Users\User\appdata\local\televisionfanatic"
Successfully deleted: [Folder] "C:\Users\User\appdata\local\wajam"
Successfully deleted: [Folder] "C:\Users\User\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\User\appdata\locallow\delta"
Successfully deleted: [Folder] "C:\Users\User\appdata\locallow\mixidj"
Successfully deleted: [Folder] "C:\Users\User\appdata\locallow\myashampoo"
Successfully deleted: [Folder] "C:\Users\User\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Users\User\appdata\locallow\simplytech"
Successfully deleted: [Folder] "C:\Users\User\appdata\locallow\simppulltoolbar"
Successfully deleted: [Folder] "C:\Users\User\appdata\locallow\smartbar"
Successfully deleted: [Folder] "C:\Users\User\appdata\locallow\softonic"
Successfully deleted: [Folder] "C:\Users\User\appdata\locallow\televisionfanaticei"
Successfully deleted: [Folder] "C:\Users\User\appdata\locallow\toolbar4"
Failed to delete: [Folder] "C:\Program Files (x86)\amazon browser bar"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Failed to delete: [Folder] "C:\Program Files (x86)\delta"
Successfully deleted: [Folder] "C:\Program Files (x86)\filesfrog update checker"
Successfully deleted: [Folder] "C:\Program Files (x86)\free offers from freeze.com"
Successfully deleted: [Folder] "C:\Program Files (x86)\inbox toolbar"
Failed to delete: [Folder] "C:\Program Files (x86)\mixidj"
Successfully deleted: [Folder] "C:\Program Files (x86)\myashampoo"
Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"
Successfully deleted: [Folder] "C:\Program Files (x86)\mypc backup"
Failed to delete: [Folder] "C:\Program Files (x86)\openit"
Successfully deleted: [Folder] "C:\Program Files (x86)\pc speed maximizer"
Failed to delete: [Folder] "C:\Program Files (x86)\simppulltoolbar"
Failed to delete: [Folder] "C:\Program Files (x86)\softonic"
Successfully deleted: [Folder] "C:\Program Files (x86)\sweetim"
Successfully deleted: [Folder] "C:\Program Files (x86)\tuguu sl"
Successfully deleted: [Folder] "C:\Program Files (x86)\w3i, llc"
Failed to delete: [Folder] "C:\Program Files (x86)\wajam"
Failed to delete: [Folder] "C:\Program Files (x86)\yontoo"
Failed to delete: [Folder] "C:\Program Files (x86)\zula games"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dealply"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\open it!"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\microsoft\windows\start menu\programs\dealply"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\microsoft\windows\start menu\programs\filesfrog update checker"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\microsoft\windows\start menu\programs\wajam"
Successfully deleted: [Folder] "C:\Windows\syswow64\arfc"
Successfully deleted: [Folder] "C:\Windows\syswow64\jmdp"
Successfully deleted: [Folder] "C:\Windows\syswow64\wnlt"
Successfully deleted: [Folder] "C:\Users\User\music\qtrax media library"
Successfully deleted: [Folder] "C:\Users\User\qtrax"
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{55E8C11A-29F3-4036-ABD4-CB97F2158E9A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{60E21CC1-DE5F-4E1C-B784-CAFC20EEB4ED}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6EEAA5A0-25F5-41F5-84E7-511B12215B09}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D5E7B1F8-BB83-4166-9AE5-07DB752732EA}
Successfully deleted: [Folder] "C:\ProgramData\ask"
Failed to delete: [Folder] "C:\Users\User\appdata\locallow\asktoolbar"
Failed to delete: [Folder] "C:\Program Files (x86)\ask.com"
Successfully deleted: [Folder] "C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}"
~~~ FireFox
Successfully deleted: [File] C:\user.js
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\web search.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\web search.xml"
Successfully deleted: [File] C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\lcrz3lot.default\user.js
Successfully deleted: [File] C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\lcrz3lot.default\bprotector_extensions.sqlite
Successfully deleted: [File] C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\lcrz3lot.default\bprotector_prefs.js
Successfully deleted: [File] C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\lcrz3lot.default\searchplugins\softonic.xml
Successfully deleted: [File] C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\lcrz3lot.default\searchplugins\web search.xml
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\\lfind@nijadsoft.net
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\\singalong@xenophesoft.com
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\\zulagames@zulagames.com
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\zulagames@zulagames.com
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}
Successfully deleted the following from C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\lcrz3lot.default\prefs.js
user_pref("browser.search.defaultengine", "Web Search");
user_pref("browser.search.order.1", "Web Search");
user_pref("extensions.Softonic.admin", false);
user_pref("extensions.Softonic.aflt", "SD");
user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");
user_pref("extensions.Softonic.autoRvrt", "false");
user_pref("extensions.Softonic.dfltLng", "de");
user_pref("extensions.Softonic.dfltSrch", true);
user_pref("extensions.Softonic.dnsErr", true);
user_pref("extensions.Softonic.excTlbr", false);
user_pref("extensions.Softonic.ffxUnstlRst", false);
user_pref("extensions.Softonic.hmpg", true);
user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=13&cc=&mi=9441a9b700000000000000ff231a40f6");
user_pref("extensions.Softonic.hpOld0", "about:home");
user_pref("extensions.Softonic.id", "9441a9b700000000000000ff231a40f6");
user_pref("extensions.Softonic.instlDay", "15974");
user_pref("extensions.Softonic.instlRef", "MOY00009");
user_pref("extensions.Softonic.kw_url", "hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=2&cc=&mi=9441a9b700000000000000ff231a40f6&q=");
user_pref("extensions.Softonic.newTab", true);
user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MOY00009/tb_v1/?SearchSource=15&cc=&mi=9441a9b700000000000000ff231a40f6");
user_pref("extensions.Softonic.prdct", "Softonic");
user_pref("extensions.Softonic.prtnrId", "softonic");
user_pref("extensions.Softonic.rvrt", "false");
user_pref("extensions.Softonic.smplGrp", "none");
user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
user_pref("extensions.Softonic.tlbrId", "2013desingbrand");
user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=1&cc=&mi=9441a9b700000000000000ff231a40f6&q=");
user_pref("extensions.Softonic.vrsn", "1.8.19.3");
user_pref("extensions.Softonic.vrsnTs", "1.8.19.312:40:00");
user_pref("extensions.Softonic.vrsni", "1.8.19.3");
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.backgroundjs", "\n\n/****************************************************
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.internaldb.cache/530e52021dc20843b1aa62957edeb9f8.value", "%22var%20adsDe
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.internaldb.cache/5cdf8a7ef2ec84abac286c67587b78d9.value", "%22function%20
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.internaldb.cache/833447eaff04548ccb80787286a7cad9_DE.value", "%22var%20ca
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.internaldb.cache/d5baae4ef839769f8eb7e9f9d82d8a40_DE.value", "%22var%20ca
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.js", "\n\n /************************************************************
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_102.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_104.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_119.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_120.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_123.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_13.name", "CrossriderAppUtils");
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_138.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_14.name", "CrossriderUtils");
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_155.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBack
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQu
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){va
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.res
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_78.name", "CrossriderInfo");
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_87.code", "var CROSSRIDER_PLATFORM=true;var JQ=bbrsJQ=$jqu
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_9.code", "appAPI.hooks.addHook(\"searchEngine\",(function(
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_91.code", "(function(h){var p=(function(){var R=0;var Z=\"
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_92.code", "if(typeof appAPI.internal.monetization===\"unde
user_pref("extensions.crossrider.bic", "14159cc9929b6ef49793f76076583bcb");
user_pref("iminent.LayoutId", "1");
user_pref("iminent.ShowThankyouPixel", "0");
user_pref("iminent.version", "7.36.1.1");
user_pref("iminent.versioning", "{\"CurrentVersion\":\"7.36.1.1\",\"InstallEventCTime\":1380158834287,\"InstallEvent\":\"True\"}");
user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=99&tid=0&st=bs&q=");
user_pref("om.config", "{\"active\":true,\"name\":\"twde\",\"id\":25,\"dispId\":\"CH-25\",\"aboutLink\":\"\",\"trackingGeneral\":true,\"gaAccount\":\"UA-39484183-1\",\"gaDomai
Emptied folder: C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\lcrz3lot.default\minidumps [8 files]
~~~ Chrome
Successfully deleted: [Folder] C:\Users\User\appdata\local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Successfully deleted: [Folder] C:\Users\User\appdata\local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Successfully deleted: [Folder] C:\Users\User\appdata\local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf
Successfully deleted: [Folder] C:\Users\User\appdata\local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Successfully deleted: [Folder] C:\Users\User\appdata\local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda
Successfully deleted: [Folder] C:\Users\User\appdata\local\Google\Chrome\User Data\Default\Extensions\docfnddcclkgokdfpnmngpiliiachclb
Successfully deleted: [Folder] C:\Users\User\appdata\local\Google\Chrome\User Data\Default\Extensions\fagpjgjmoaccgkkpjeoinehnoaimnbla
Successfully deleted: [Folder] C:\Users\User\appdata\local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Successfully deleted: [Folder] C:\Users\User\appdata\local\Google\Chrome\User Data\Default\Extensions\gnbcopcndefcccgdofjadnafjljgofam
Successfully deleted: [Folder] C:\Users\User\appdata\local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Successfully deleted: [Folder] C:\Users\User\appdata\local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Successfully deleted: [Folder] C:\Users\User\appdata\local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb
Successfully deleted: [Folder] C:\Users\User\appdata\local\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog
Successfully deleted: [Folder] C:\Users\User\appdata\local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc
Successfully deleted: [Folder] C:\Users\User\appdata\local\Google\Chrome\User Data\Default\Extensions\ojcgaoafcmbadjkfdippkdddgkeaipbn
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\docfnddcclkgokdfpnmngpiliiachclb
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\fagpjgjmoaccgkkpjeoinehnoaimnbla
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\gnbcopcndefcccgdofjadnafjljgofam
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\mocblcnaofikinigmceddfghppkkjbog
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.10.2013 at 11:05:24,05
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
25.10.2013, 10:17
| #7 |
| | Problem mit getwindowinfoCode:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows (TM) Vista Home Premium x64
Ran by User on 25.10.2013 at 10:59:53,35
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
Successfully stopped: [Service] addonshelper
Successfully deleted: [Service] addonshelper
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apnupdater
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440}
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\esrv.babylonesrvc
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\esrv.babylonesrvc.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sim-packages
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\vafplayer
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{8D5CFE57-B0FD-4396-97A2-DFD0B7DA935B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\babylonhelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\complitly.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortapp.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escorteng.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortlbr.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\esrv.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\extension.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\genericasktoolbar.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\hometab.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\priam_bho.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\pricegongie.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\pricepeep.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\scripthelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\viprotocol.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\yontooieclient.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1631550F-191D-4826-B069-D9439253D926}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1E44819B-54E1-411B-9D9F-38D7B913BCF2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{398C01F1-E584-46AD-A649-4F78B435DCFE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{553318DA-D010-469E-84B1-496563CAE1C0}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{886634B3-7045-443A-A52B-E83AD1A90391}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A1EC45B2-B5F7-4B87-955E-E97F778ACAE8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A9337080-7CBF-4E3E-80C1-3867BEDD88E0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B71E4FEB-89F8-4ACB-A60F-A7DE399119AE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C46EFEA4-B0F3-428B-9E77-650E3634EC56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{D2C54F93-A898-437F-AE89-7BDD918954A5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F816170D-C994-4B74-B9A4-234C3838C9EB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C17A0751-580B-466B-8271-5C73EFDC1295}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{58B41DCD-55B2-48EB-A55A-E330070FFC00}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9BA19DB8-5C5A-4C13-AEEB-A1336113333E}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\complitly
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dealply
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\delta
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\distromatic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dsiteproducts
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\filescout
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\funmoods
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\hometab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\httogroup
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminent
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\mixidj
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\performersoft llc
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\piccshare
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\qtrax
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbarbackup
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbarlog
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\somoto
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\tuguu sl
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wajam
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wnlt
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\coollyrics
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\lyricsfinder
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\plus-hd-1.3
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\plus-hd-2.3
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricepeep
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\Qtrax
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\web-suche
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2622127104-3349807106-840860686-1000\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dealply
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\delta
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\desksvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\esafeseccontrol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\freeze.com
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\installcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\mixidj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\softonic
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\wajam
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\alxssb.alxtbssb
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\alxssb.alxtbssb.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\b
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\babylon.dskbnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\babylon.dskbnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylnapp.appcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylnapp.appcore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\conduit.engine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltaappcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltaappcore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\escort.escrtbtn.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.holasearchesrvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.holasearchesrvc.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\holasearch.holasearchappcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\holasearch.holasearchappcore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\holasearch.holasearchdskbnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\holasearch.holasearchdskbnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\holasearch.holasearchhlpr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\holasearch.holasearchhlpr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.bandobjectattribute
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.bho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.dockingpanel
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.iesmartbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.iesmartbarbandobject
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.smartbardisplaystate
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.smartbarmenuform
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mgmediaplayer.gifanimator
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mgmediaplayer.gifanimator.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mixidj.mixidjappcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mixidj.mixidjappcore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\viprotocol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\softonicapp.appcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\softonicapp.appcore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\speedupmypc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\srv.softonicsrvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\srv.softonicsrvc.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajambho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajambho.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajamdownloader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajamdownloader.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.notificationsource
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.notificationsource.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.sourcesinkimpl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.sourcesinkimpl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.toolbarinfo
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.toolbarinfo.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5882DB3D-175D-4CDC-A030-1B7EC2BC8EC6}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\sweetim.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\babylontoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\dealply
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\delta
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\delta chrome toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\domaiq uninstaller
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\filesfrog update checker
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\foxydeal
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\hola chrome toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\holasearch
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\mixidj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\openit open it!
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\plus-hd-2.3
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\pricegong
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\pricepeep
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\searchthewebarp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\softonic
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\softwareupdater
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\speed analysis 2
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\wajam
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15d2d75c-9cb2-4efd-bad7-b9b4cb4bc693}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4ffbb818-b13c-11e0-931d-b2664824019b}_is1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7683b745-6060-41fd-aa75-0bbb383fead4}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{83aa2913-c123-4146-85bd-ad8f93971d39}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86d4b82a-abed-442a-be86-96357b70f4fe}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{d85ffe92-bf14-4e9b-bccd-e5c16069e65f}_is1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ea8fa6be-29be-4af2-9352-841f83215eb0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ebe677c0-cbcb-4ebf-8098-e27e1b5271cf}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0031257.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0031257.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0031257.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0031554.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0031554.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0031554.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0032540.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0032540.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0032540.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0033426.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0033426.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0033426.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0039030.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0039030.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0039030.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311121157}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311151154}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311251140}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311341126}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311901130}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322122257}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322152254}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322252240}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322342226}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322902230}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550355125557}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550355155554}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550355255540}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550355345526}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550355905530}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366126657}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366156654}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366256640}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366346626}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366906630}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311121157}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311151154}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311251140}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311341126}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311901130}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220322122257}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220322152254}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220322252240}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220322342226}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220322902230}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550355125557}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550355155554}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550355255540}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550355345526}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550355905530}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660366126657}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660366156654}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660366256640}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660366346626}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660366906630}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0031257.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0031257.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0031257.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0031554.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0031554.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0031554.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0032540.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0032540.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0032540.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0033426.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0033426.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0033426.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0039030.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0039030.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0039030.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2475029
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2801937
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550355125557}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550355155554}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550355255540}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550355345526}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550355905530}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366126657}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366156654}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366256640}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366346626}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366906630}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311121157}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311151154}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311251140}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311341126}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311901130}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311121157}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311151154}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311251140}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311341126}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311901130}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311121157}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311151154}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311251140}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311341126}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311901130}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550355125557}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550355155554}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550355255540}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550355345526}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550355905530}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660366126657}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660366156654}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660366256640}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660366346626}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660366906630}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311121157}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311151154}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311251140}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311341126}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311901130}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{47695818-E252-44F9-81C8-40BCF7702D52}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{7AD2AA02-5AC2-4ABA-9B31-F09558641CE6}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{398C01F1-E584-46AD-A649-4F78B435DCFE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{553318DA-D010-469E-84B1-496563CAE1C0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{627AF46B-2076-42AE-A2FD-8428734D3E74}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A9337080-7CBF-4E3E-80C1-3867BEDD88E0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B106B661-3E1B-4015-AF5C-195E909F35C6}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C4B8BAB4-1667-11DF-A242-BA9455D89593}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E4E6BF2A-1667-11DF-A01F-1F9655D89593}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4B6ACEA2-308A-4876-AD36-57CEC5B4FCC7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4B6ACEA2-308A-4876-AD36-57CEC5B4FCC7}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9fdfb66c-713b-4201-83a6-5b78ae227b41}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{9fdfb66c-713b-4201-83a6-5b78ae227b41}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a25e7121-3dd8-41b3-855b-756c5bc45449}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{a25e7121-3dd8-41b3-855b-756c5bc45449}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b106b661-3e1b-4015-af5c-195e909f35c6}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{b106b661-3e1b-4015-af5c-195e909f35c6}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DEDAF650-12B8-48f5-A843-BBA100716106}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DEDAF650-12B8-48f5-A843-BBA100716106}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DFF9B2DA-EF99-4B26-83CB-7058299999D8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DFF9B2DA-EF99-4B26-83CB-7058299999D8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn"
Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\software\asktoolbar"
Successfully deleted: [Registry Key] "hkey_current_user\software\ask.com"
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\apn"
Successfully deleted: [Registry Key] "hkey_local_machine\software\asktoolbar"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\appid\{9b0cb95c-933a-4b8c-b6d4-edcd19a43874}"
~~~ Files
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-1.3-chromeinstaller.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-1.3-codedownloader.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-1.3-enabler.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-1.3-firefoxinstaller.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-1.3-updater.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-1.8-chromeinstaller.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-1.8-codedownloader.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-1.8-enabler.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-1.8-firefoxinstaller.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-1.8-updater.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-2.3-chromeinstaller.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-2.3-codedownloader.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-2.3-enabler.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-2.3-firefoxinstaller.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-2.3-updater.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-3.8-chromeinstaller.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-3.8-codedownloader.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-3.8-enabler.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-3.8-firefoxinstaller.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-3.8-updater.job
Failed to delete: [File] "C:\Users\User\appdata\local\google\chrome\user data\default\ext_piccshare"
Successfully deleted: [File] "C:\Users\User\appdata\local\google\chrome\user data\default\local storage\http_start.iminent.com_0.localstorage"
Successfully deleted: [File] "C:\Users\User\appdata\local\google\chrome\user data\default\local storage\http_start.iminent.com_0.localstorage-journal"
Successfully deleted: [File] "C:\Users\User\appdata\local\google\chrome\user data\default\local storage\http_www1.delta-search.com_0.localstorage"
Successfully deleted: [File] "C:\Users\User\appdata\local\google\chrome\user data\default\local storage\http_www1.delta-search.com_0.localstorage-journal"
Successfully deleted: [File] "C:\Users\User\appdata\locallow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com"
Successfully deleted: [File] "C:\Users\Public\Desktop\open it!.lnk"
Successfully deleted: [File] "C:\Users\User\AppData\Roaming\microsoft\windows\start menu\programs\qtrax player.lnk"
Successfully deleted: [File] "C:\Windows\syswow64\conduitengine.tmp"
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\esafe"
Successfully deleted: [Folder] "C:\ProgramData\pc optimizer pro"
Successfully deleted: [Folder] "C:\ProgramData\sweetim"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\ProgramData\trymedia"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\babsolution"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\babylontoolbar"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\complitly"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\datamgr"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\dealply"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\delta"
Failed to delete: [Folder] "C:\Users\User\AppData\Roaming\desk 365"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\digitalsite"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\dsite"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\file scout"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\funmoods"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\intermediate"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\mixidj"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\pccustubinstaller"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\pdfforge"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\performersoft"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\pluswinks"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\scheck"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\simplytech"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\softonic"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\ssync"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\yontoo"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\zulagames"
Successfully deleted: [Folder] "C:\Users\User\appdata\local\amazon browser bar"
Successfully deleted: [Folder] "C:\Users\User\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\User\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\User\appdata\local\downloadguide"
Successfully deleted: [Folder] "C:\Users\User\appdata\local\ext_piccshare"
Failed to delete: [Folder] "C:\Users\User\appdata\local\smartbar"
Successfully deleted: [Folder] "C:\Users\User\appdata\local\televisionfanatic"
Successfully deleted: [Folder] "C:\Users\User\appdata\local\wajam"
Successfully deleted: [Folder] "C:\Users\User\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\User\appdata\locallow\delta"
Successfully deleted: [Folder] "C:\Users\User\appdata\locallow\mixidj"
Successfully deleted: [Folder] "C:\Users\User\appdata\locallow\myashampoo"
Successfully deleted: [Folder] "C:\Users\User\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Users\User\appdata\locallow\simplytech"
Successfully deleted: [Folder] "C:\Users\User\appdata\locallow\simppulltoolbar"
Successfully deleted: [Folder] "C:\Users\User\appdata\locallow\smartbar"
Successfully deleted: [Folder] "C:\Users\User\appdata\locallow\softonic"
Successfully deleted: [Folder] "C:\Users\User\appdata\locallow\televisionfanaticei"
Successfully deleted: [Folder] "C:\Users\User\appdata\locallow\toolbar4"
Failed to delete: [Folder] "C:\Program Files (x86)\amazon browser bar"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Failed to delete: [Folder] "C:\Program Files (x86)\delta"
Successfully deleted: [Folder] "C:\Program Files (x86)\filesfrog update checker"
Successfully deleted: [Folder] "C:\Program Files (x86)\free offers from freeze.com"
Successfully deleted: [Folder] "C:\Program Files (x86)\inbox toolbar"
Failed to delete: [Folder] "C:\Program Files (x86)\mixidj"
Successfully deleted: [Folder] "C:\Program Files (x86)\myashampoo"
Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"
Successfully deleted: [Folder] "C:\Program Files (x86)\mypc backup"
Failed to delete: [Folder] "C:\Program Files (x86)\openit"
Successfully deleted: [Folder] "C:\Program Files (x86)\pc speed maximizer"
Failed to delete: [Folder] "C:\Program Files (x86)\simppulltoolbar"
Failed to delete: [Folder] "C:\Program Files (x86)\softonic"
Successfully deleted: [Folder] "C:\Program Files (x86)\sweetim"
Successfully deleted: [Folder] "C:\Program Files (x86)\tuguu sl"
Successfully deleted: [Folder] "C:\Program Files (x86)\w3i, llc"
Failed to delete: [Folder] "C:\Program Files (x86)\wajam"
Failed to delete: [Folder] "C:\Program Files (x86)\yontoo"
Failed to delete: [Folder] "C:\Program Files (x86)\zula games"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dealply"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\open it!"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\microsoft\windows\start menu\programs\dealply"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\microsoft\windows\start menu\programs\filesfrog update checker"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\microsoft\windows\start menu\programs\wajam"
Successfully deleted: [Folder] "C:\Windows\syswow64\arfc"
Successfully deleted: [Folder] "C:\Windows\syswow64\jmdp"
Successfully deleted: [Folder] "C:\Windows\syswow64\wnlt"
Successfully deleted: [Folder] "C:\Users\User\music\qtrax media library"
Successfully deleted: [Folder] "C:\Users\User\qtrax"
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{55E8C11A-29F3-4036-ABD4-CB97F2158E9A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{60E21CC1-DE5F-4E1C-B784-CAFC20EEB4ED}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6EEAA5A0-25F5-41F5-84E7-511B12215B09}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D5E7B1F8-BB83-4166-9AE5-07DB752732EA}
Successfully deleted: [Folder] "C:\ProgramData\ask"
Failed to delete: [Folder] "C:\Users\User\appdata\locallow\asktoolbar"
Failed to delete: [Folder] "C:\Program Files (x86)\ask.com"
Successfully deleted: [Folder] "C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}"
~~~ FireFox
Successfully deleted: [File] C:\user.js
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\web search.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\web search.xml"
Successfully deleted: [File] C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\lcrz3lot.default\user.js
Successfully deleted: [File] C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\lcrz3lot.default\bprotector_extensions.sqlite
Successfully deleted: [File] C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\lcrz3lot.default\bprotector_prefs.js
Successfully deleted: [File] C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\lcrz3lot.default\searchplugins\softonic.xml
Successfully deleted: [File] C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\lcrz3lot.default\searchplugins\web search.xml
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\\lfind@nijadsoft.net
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\\singalong@xenophesoft.com
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\\zulagames@zulagames.com
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\zulagames@zulagames.com
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}
Successfully deleted the following from C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\lcrz3lot.default\prefs.js
user_pref("browser.search.defaultengine", "Web Search");
user_pref("browser.search.order.1", "Web Search");
user_pref("extensions.Softonic.admin", false);
user_pref("extensions.Softonic.aflt", "SD");
user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");
user_pref("extensions.Softonic.autoRvrt", "false");
user_pref("extensions.Softonic.dfltLng", "de");
user_pref("extensions.Softonic.dfltSrch", true);
user_pref("extensions.Softonic.dnsErr", true);
user_pref("extensions.Softonic.excTlbr", false);
user_pref("extensions.Softonic.ffxUnstlRst", false);
user_pref("extensions.Softonic.hmpg", true);
user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=13&cc=&mi=9441a9b700000000000000ff231a40f6");
user_pref("extensions.Softonic.hpOld0", "about:home");
user_pref("extensions.Softonic.id", "9441a9b700000000000000ff231a40f6");
user_pref("extensions.Softonic.instlDay", "15974");
user_pref("extensions.Softonic.instlRef", "MOY00009");
user_pref("extensions.Softonic.kw_url", "hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=2&cc=&mi=9441a9b700000000000000ff231a40f6&q=");
user_pref("extensions.Softonic.newTab", true);
user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MOY00009/tb_v1/?SearchSource=15&cc=&mi=9441a9b700000000000000ff231a40f6");
user_pref("extensions.Softonic.prdct", "Softonic");
user_pref("extensions.Softonic.prtnrId", "softonic");
user_pref("extensions.Softonic.rvrt", "false");
user_pref("extensions.Softonic.smplGrp", "none");
user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
user_pref("extensions.Softonic.tlbrId", "2013desingbrand");
user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=1&cc=&mi=9441a9b700000000000000ff231a40f6&q=");
user_pref("extensions.Softonic.vrsn", "1.8.19.3");
user_pref("extensions.Softonic.vrsnTs", "1.8.19.312:40:00");
user_pref("extensions.Softonic.vrsni", "1.8.19.3");
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.backgroundjs", "\n\n/****************************************************
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.internaldb.cache/530e52021dc20843b1aa62957edeb9f8.value", "%22var%20adsDe
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.internaldb.cache/5cdf8a7ef2ec84abac286c67587b78d9.value", "%22function%20
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.internaldb.cache/833447eaff04548ccb80787286a7cad9_DE.value", "%22var%20ca
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.internaldb.cache/d5baae4ef839769f8eb7e9f9d82d8a40_DE.value", "%22var%20ca
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.js", "\n\n /************************************************************
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_102.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_104.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_119.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_120.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_123.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_13.name", "CrossriderAppUtils");
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_138.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_14.name", "CrossriderUtils");
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_155.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBack
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQu
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){va
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.res
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_78.name", "CrossriderInfo");
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_87.code", "var CROSSRIDER_PLATFORM=true;var JQ=bbrsJQ=$jqu
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_9.code", "appAPI.hooks.addHook(\"searchEngine\",(function(
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_91.code", "(function(h){var p=(function(){var R=0;var Z=\"
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_92.code", "if(typeof appAPI.internal.monetization===\"unde
user_pref("extensions.crossrider.bic", "14159cc9929b6ef49793f76076583bcb");
user_pref("iminent.LayoutId", "1");
user_pref("iminent.ShowThankyouPixel", "0");
user_pref("iminent.version", "7.36.1.1");
user_pref("iminent.versioning", "{\"CurrentVersion\":\"7.36.1.1\",\"InstallEventCTime\":1380158834287,\"InstallEvent\":\"True\"}");
user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=99&tid=0&st=bs&q=");
user_pref("om.config", "{\"active\":true,\"name\":\"twde\",\"id\":25,\"dispId\":\"CH-25\",\"aboutLink\":\"\",\"trackingGeneral\":true,\"gaAccount\":\"UA-39484183-1\",\"gaDomai
Emptied folder: C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\lcrz3lot.default\minidumps [8 files]
~~~ Chrome
Successfully deleted: [Folder] C:\Users\User\appdata\local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Successfully deleted: [Folder] C:\Users\User\appdata\local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Successfully deleted: [Folder] C:\Users\User\appdata\local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf
Successfully deleted: [Folder] C:\Users\User\appdata\local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Successfully deleted: [Folder] C:\Users\User\appdata\local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda
Successfully deleted: [Folder] C:\Users\User\appdata\local\Google\Chrome\User Data\Default\Extensions\docfnddcclkgokdfpnmngpiliiachclb
Successfully deleted: [Folder] C:\Users\User\appdata\local\Google\Chrome\User Data\Default\Extensions\fagpjgjmoaccgkkpjeoinehnoaimnbla
Successfully deleted: [Folder] C:\Users\User\appdata\local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Successfully deleted: [Folder] C:\Users\User\appdata\local\Google\Chrome\User Data\Default\Extensions\gnbcopcndefcccgdofjadnafjljgofam
Successfully deleted: [Folder] C:\Users\User\appdata\local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Successfully deleted: [Folder] C:\Users\User\appdata\local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Successfully deleted: [Folder] C:\Users\User\appdata\local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb
Successfully deleted: [Folder] C:\Users\User\appdata\local\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog
Successfully deleted: [Folder] C:\Users\User\appdata\local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc
Successfully deleted: [Folder] C:\Users\User\appdata\local\Google\Chrome\User Data\Default\Extensions\ojcgaoafcmbadjkfdippkdddgkeaipbn
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\docfnddcclkgokdfpnmngpiliiachclb
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\fagpjgjmoaccgkkpjeoinehnoaimnbla
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\gnbcopcndefcccgdofjadnafjljgofam
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\mocblcnaofikinigmceddfghppkkjbog
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.10.2013 at 11:05:24,05
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
25.10.2013, 11:31
| #8 |
| /// the machine /// TB-Ausbilder | Problem mit getwindowinfo Bitte in der angegebenen Reihenfolge abarbeiten, als erstes das ZIP 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
26.10.2013, 09:46
| #9 |
| | Problem mit getwindowinfo das hat leider nicht funktioniert: (Lasse SFP die Dateien komprimieren/packen. Dies wird ein CAB Archiv auf Deinem Desktop erstellen. Nun sende das Archiv an folgende eMail-Adresse: schrauberATtrojaner-board.de (das AT durch @ ersetzen) Als Betreff bitte angeben: pricealarm) mit Malwarebytes konnten leider nicht alle objekte entfernt werden. Malwarebytes Anti-Malware (Test) 1.75.0.1300 Malwarebytes : Free Anti-Malware download Datenbank Version: v2013.10.26.04 Windows Vista Service Pack 2 x64 NTFS Internet Explorer 9.0.8112.16421 User :: MIKEPC [Administrator] Schutz: Aktiviert 26.10.2013 10:35:41 MBAM-log-2013-10-26 (10-40-14).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 291967 Laufzeit: 1 Minute(n), 35 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 12 C:\Users\User\AppData\Local\Smartbar (PUP.Optional.SmartBar.A) -> Keine Aktion durchgeführt. C:\Users\User\AppData\Local\Smartbar\Application (PUP.Optional.SmartBar.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\mixidj\mixidj\1.8.18.8 (PUP.Optional.MixiDJToolbar.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\bh (PUP.Optional.MixiDJToolbar.A) -> Keine Aktion durchgeführt. C:\ProgramData\BitGuard\2.6.1673.238 (PUP.Optional.BitGuard.A) -> Keine Aktion durchgeführt. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} (PUP.Optional.BitGuard.A) -> Keine Aktion durchgeführt. C:\ProgramData\BitGuard\2.6.1673.238\{C16C1CCB-7046-4E5C-A2F3-533AD2FEC8E8}\FirefoxExtension (PUP.Optional.BitGuard.A) -> Keine Aktion durchgeführt. C:\ProgramData\BitGuard\2.6.1673.238\{C16C1CCB-7046-4E5C-A2F3-533AD2FEC8E8}\traking_settings (PUP.Optional.BitGuard.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\PLUS-HD-1.3 (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\PLUS-HD-1.8 (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\PLUS-HD-2.3 (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\PLUS-HD-3.8 (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) |
|
26.10.2013, 13:23
| #10 | |
| /// the machine /// TB-Ausbilder | Problem mit getwindowinfoZitat:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
31.10.2013, 09:53
| #11 |
| | Problem mit getwindowinfo Nein. Die restlichen Objekte werden leider bei dem Vorgang nicht gelöscht. Habe die Objekte in Gruppen und am Schluss einzeln gelöscht. Nur so hat es funktioniert. Leider öffnet sich das getwindowinfo Fenster immernoch  |
|
31.10.2013, 10:25
| #12 |
| /// the machine /// TB-Ausbilder | Problem mit getwindowinfo Poste bitte nochmal ein frisches FRST log.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
31.10.2013, 12:58
| #13 |
| | Problem mit getwindowinfoFRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-10-2013
Ran by User (administrator) on MIKEPC on 31-10-2013 12:51:34
Running from C:\Users\User\Downloads
Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\loggingserver.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Gainward Co.) C:\Program Files (x86)\EXPERTool\TBPANEL.exe
(ICQ) C:\Users\User\AppData\Roaming\ICQM\icq.exe
(Windows Net) C:\Users\User\AppData\Roaming\Windows Net Data\net.exe
() C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
() C:\Program Files (x86)\AVG Secure Search\vprot.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Razer\Diamondback 3G\razertra.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Diamondback 3G\razerofa.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\klwtblfs.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKCU\...\Run: [GAINWARD] - C:\Program Files (x86)\EXPERTool\TBPANEL.exe [2265416 2011-04-08] (Gainward Co.)
HKCU\...\Run: [icq] - C:\Users\User\AppData\Roaming\ICQM\icq.exe [27598184 2013-04-12] (ICQ)
HKCU\...\Run: [Snoozer] - C:\Users\User\AppData\Roaming\Snz\Snz.exe [1137764 2013-08-28] ()
HKLM-x32\...\Run: [P17RunE] - C:\Windows\\SysWOW64\P17RunE.dll [14848 2008-03-28] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Diamondback] - C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe [147456 2007-08-01] ()
HKLM-x32\...\Run: [VolPanel] - C:\Program Files (x86)\Creative\USB Headsets\Volume Panel\VolPanlu.exe [221300 2008-05-05] (Creative Technology Ltd)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-15] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-10-17] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG Secure Search\vprot.exe [2404376 2013-10-02] ()
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [295512 2013-09-24] (RealNetworks, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Gast\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Gast\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18678376 2013-04-19] (Skype Technologies S.A.)
HKU\Gast\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [138240 2008-01-21] (Microsoft Corporation)
HKU\Gast\...\Run: [soyys] - "c:\users\user\appdata\local\soyys.exe" soyys
HKU\Gast\...\Run: [Creative MediaSource Go] - C:\Program Files (x86)\Creative\MediaSource5\Go\CTCMSGoU.exe [204800 2006-11-09] (Creative Technology Ltd)
HKU\Gast\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\Gast\...\Run: [GAINWARD] - C:\Program Files (x86)\EXPERTool\TBPANEL.exe [2265416 2011-04-08] (Gainward Co.)
HKU\Gast\...\Run: [icq] - C:\Users\Gast\AppData\Roaming\ICQM\icq.exe -CU
HKU\Gast\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-15] (Samsung)
HKU\Gast\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564016 2013-07-15] (Samsung)
HKU\Gast\...\Run: [SCheck] - "C:\Users\User\AppData\Roaming\SCheck\SCheck.exe" check nohp nods
HKU\Gast\...\Run: [SSync] - "C:\Users\User\AppData\Roaming\SSync\SSync.exe"
HKU\Gast\...\Run: [DataMgr] - "C:\Users\User\AppData\Roaming\DataMgr\DataMgr.exe"
HKU\Gast\...\Run: [Intermediate] - "C:\Users\User\AppData\Roaming\Intermediate\Intermediate.exe"
HKU\Gast\...\RunOnce: [StartMSu] - C:\Program Files (x86)\Creative\MediaSource5\startMSu.exe [81920 2008-10-30] (Creative Technology Ltd)
HKU\Gast\...\RunOnce: [InetReg] - "C:\Program Files (x86)\Creative\Produktregistrierung\German\InetReg.exe" /PreProcess=RegFlash.exe /Delay=6
HKU\Gast\...\RunOnce: [CTAutoUpdate] - C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe [430968 2009-01-15] (Creative Technology Ltd)
HKU\User_2\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\User_2\...\Run: [NTRedirect] - C:\Windows\SysWOW64\rundll32.exe "C:\Users\User_2\AppData\Roaming\BabSolution\Shared\NTRedirect.dll",Run <===== ATTENTION
HKU\User_2\...\Run: [Optimizer Pro] - C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
HKU\User_2\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\User_2\...\Run: [GAINWARD] - C:\Program Files (x86)\EXPERTool\TBPANEL.exe [2265416 2011-04-08] (Gainward Co.)
HKU\User_2\...\Run: [icq] - C:\Users\User_2\AppData\Roaming\ICQM\icq.exe -CU
HKU\User_2\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-15] (Samsung)
HKU\User_2\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564016 2013-07-15] (Samsung)
HKU\User_2\...\Run: [SCheck] - "C:\Users\User\AppData\Roaming\SCheck\SCheck.exe" check nohp nods
HKU\User_2\...\Run: [SSync] - "C:\Users\User\AppData\Roaming\SSync\SSync.exe"
HKU\User_2\...\Run: [DataMgr] - "C:\Users\User\AppData\Roaming\DataMgr\DataMgr.exe"
HKU\User_2\...\Run: [Intermediate] - "C:\Users\User\AppData\Roaming\Intermediate\Intermediate.exe"
HKU\User_2\...\RunOnce: [CTAutoUpdate] - C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe [430968 2009-01-15] (Creative Technology Ltd)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk
ShortcutTarget: net.lnk -> C:\Users\User\AppData\Roaming\Windows Net Data\net.exe (Windows Net)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = Sign In
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = Sign In
URLSearchHook: HKLM-x32 - (No Name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - No File
URLSearchHook: HKLM-x32 - (No Name) - {b106b661-3e1b-4015-af5c-195e909f35c6} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {721061fb-eb79-4568-a03c-3ce26d68dae9} URL =
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\User\AppData\Roaming\Complitly\64\Complitly64.dll No File
BHO: Expat Shield Class - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE_64.dll No File
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: IEiRobinHoodAddon Class - {54E67346-EE5A-45B6-82AA-4F0BB28C79C2} - C:\Program Files (x86)\iRobinHood\iRobinHood Addon\iRobinHood.dll (iRobinHood)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Sing Along - {6492E171-2427-4932-B414-33574A089F5E} - C:\Program Files (x86)\SingAlong\singalng.dll No File
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: DNS Error Helper - {9B6B03F1-16CF-4491-BBBB-E872802DD717} - C:\ProgramData\DNSErrorHelper\bho.dll ()
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - No Name - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - No File
Toolbar: HKLM-x32 - Simppull Toolbar - {627af46b-2076-42ae-a2fd-8428734d3e74} - C:\Program Files (x86)\simppulltoolbar\simppulldx.dll ()
Toolbar: HKLM-x32 - No Name - {b106b661-3e1b-4015-af5c-195e909f35c6} - No File
Toolbar: HKLM-x32 - Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
Toolbar: HKLM-x32 - Holasearch Toolbar - {C510DFFB-0AFE-484C-BA40-CED5B74C4EEF} - C:\Program Files (x86)\holasearch\holasearch\1.8.16.16\holasearchTlbr.dll (holasearch.com)
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKLM-x32 - No Name - {9fdfb66c-713b-4201-83a6-5b78ae227b41} - No File
Toolbar: HKLM-x32 - No Name - {a25e7121-3dd8-41b3-855b-756c5bc45449} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - No File
Toolbar: HKCU - No Name - {B106B661-3E1B-4015-AF5C-195E909F35C6} - No File
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262E} Can You RUN It | Can I run that game | Game system requirements
DPF: HKLM-x32 {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.9.113.cab
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15108/CTPID.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default
FF NewTab: about:home
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\\npsitesafety.dll (AVG Technologies)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @gametap.com/npdd,version=1.0 - C:\Program Files (x86)\Downloader\npdd.dll (Metaboli)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: electronicarts.com/GameFacePlugin - C:\Users\User\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Battlefield Play4Free - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\battlefieldplay4free@ea.com
FF Extension: Default Manager - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\DefaultManager@Microsoft
FF Extension: pricealarm - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
FF Extension: FireJump - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\firejump@firejump.net
FF Extension: HomeTab - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\{ad7ef860-f366-4be1-8d12-4363b9356947}
FF Extension: FoxyDeal - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\{F58A62EB-38DC-43C4-A539-DC52E135208D}
FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\complitly_0.sqlite
FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\complitly_0.sqlite-journal
FF Extension: om - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\om@offermosquito.com.xpi
FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\WTB_GLOBAL.sqlite
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [{DEDAF650-12B8-48f5-A843-BBA100716106}] - C:\Program Files\Updater By Sweetpacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com
FF Extension: Content Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [speedanalysis02@SpeedAnalysis.com] - C:\Users\User\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com
FF Extension: Speed Analysis 2 - C:\Users\User\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com
FF HKLM-x32\...\Firefox\Extensions: [pluswinks@PlusWinks] - C:\Users\User\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks
FF Extension: Cool Smiley Bar for Facebook - C:\Users\User\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\17.0.1.12
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\17.0.1.12
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: No Name - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKCU\...\Firefox\Extensions: [vinceturk@gmail.com] - C:\Program Files (x86)\KwiClick LLC\KwiClick\
FF Extension: KwiClick - C:\Program Files (x86)\KwiClick LLC\KwiClick\
FF HKCU\...\Firefox\Extensions: [coollrcs@coolzone.co] - C:\Program Files (x86)\CoolLyrics\FF\
FF HKCU\...\Firefox\Extensions: [speedanalysis02@SpeedAnalysis.com] - C:\Users\User\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com
FF Extension: Speed Analysis 2 - C:\Users\User\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com
FF HKCU\...\Firefox\Extensions: [pluswinks@PlusWinks] - C:\Users\User\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks
FF Extension: Cool Smiley Bar for Facebook - C:\Users\User\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks
FF HKCU\...\Firefox\Extensions: [firejump@firejump.net] - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\extensions\firejump@firejump.net
FF Extension: FireJump - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\extensions\firejump@firejump.net
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Sing Along) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\abepbblpkilpjohncjbccmdjhdhbnhdj\1.114_0
CHR Extension: (FoxyDeal) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiennapmieppnpfhhogglccgepbdajan\6.2.0_0
CHR Extension: (MixiDJ Toolbar) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\boipimhfjpakfgckhbljjengakjhkcbp\1.1_0
CHR Extension: (Cool Lyrics) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\clffglkbddffcdnehidjiimmoiphomid\1.114_0
CHR Extension: (Kaspersky URL Advisor) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.2.558_1
CHR Extension: (Softonic Chrome Toolbar) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0
CHR Extension: () - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab\background.html
CHR Extension: (OfferMosquito) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk\0.6.1_0
CHR Extension: () - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gflandjopdloblmlcoiidmncpinmmacn\1.0.0.5
CHR Extension: (Safe Money) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.2.558_0
CHR Extension: (RealDownloader) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.1_0
CHR Extension: (Virtual Keyboard) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.2.558_1
CHR Extension: (Skype Click to Call) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0
CHR Extension: (Delta Toolbar) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkgfcicgjhneabbbfhddfcgifljdhhpl\1.4_0
CHR Extension: (SweetPacks Chrome Extension) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.3_0
CHR Extension: (NCH DE) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ommhmgednjnodcljhlljkaiidghdmikk\2.3.19.11_0
CHR Extension: (Amazon 1Button App for Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\3.2013.715.0_0
CHR Extension: (Anti-Banner) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.2.558_0
CHR HKLM-x32\...\Chrome\Extension: [abepbblpkilpjohncjbccmdjhdhbnhdj] - C:\Program Files (x86)\SingAlong\Chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [bddpogknpjlgfpbboediomaiiaecfajn] - C:\Program Files (x86)\HomeTab\chrome\HomeTab.crx
CHR HKLM-x32\...\Chrome\Extension: [clffglkbddffcdnehidjiimmoiphomid] - C:\Program Files (x86)\CoolLyrics\Chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx
CHR HKLM-x32\...\Chrome\Extension: [elchiiiejkobdbblfejjkbphbddgmljf] - C:\Program Files (x86)\Softonic\Softonic\1.8.19.3\Softonic.crx
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\online_banking_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\content_blocker_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
CHR HKLM-x32\...\Chrome\Extension: [iidmoehhpbghchkaogkhmcckhlhebekn] - C:\Program Files (x86)\iRobinHood\iRobinHood Addon\iRobinHoodPartnersVExtension1_42.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [nkgfcicgjhneabbbfhddfcgifljdhhpl] - C:\Users\User\AppData\Roaming\BabSolution\CR\Delta.crx
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\SysWOW64\jmdp\SweetNT.crx
CHR HKLM-x32\...\Chrome\Extension: [ommhmgednjnodcljhlljkaiidghdmikk] - C:\Users\User\AppData\Local\CRE\ommhmgednjnodcljhlljkaiidghdmikk.crx
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx
==================== Services (Whitelisted) =================
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-10-17] (Kaspersky Lab ZAO)
S3 Creative HOAL Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTHOALLicensing.exe [79360 2009-03-12] (Creative Labs)
R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [819040 2012-12-21] (Infowatch)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2013\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany)
S3 lxce_device; C:\Windows\system32\lxcecoms.exe [414720 2005-07-06] (Lexmark International, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [4032992 2010-09-29] (INCA Internet Co., Ltd.)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-09-03] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S2 SystemStoreService; C:\Program Files (x86)\SelfUpdater\SystemStore.exe [1948160 2013-03-12] ()
R2 vToolbarUpdater17.0.12; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [1734680 2013-10-02] (AVG Secure Search)
==================== Drivers (Whitelisted) ====================
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-10-02] (AVG Technologies)
S1 Beep; No ImagePath
R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch)
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20568 2010-05-25] (Devguru Co., Ltd)
S3 dgderdrv; C:\Windows\SysWow64\drivers\dgderdrv.sys [20032 2011-10-31] (Devguru Co., Ltd)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2013-10-17] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [626272 2013-10-17] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [28504 2012-08-02] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-07-15] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-07-15] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15680 2006-10-31] ()
S3 NPPTNT2; C:\Windows\SysWow64\npptNT2.sys [4682 2004-12-30] (INCA Internet Co., Ltd.)
S3 nv; C:\Windows\System32\DRIVERS\nv4_mini.sys [10068352 2009-06-10] (NVIDIA Corporation)
S3 Ph3xIB64; C:\Windows\System32\DRIVERS\Ph3xIB64.sys [1368960 2006-09-30] (Philips Semiconductors GmbH)
R3 Razerlow; C:\Windows\System32\drivers\DB3G.sys [21120 2005-11-07] (Razer (Asia-Pacific) Pte Ltd)
S3 skfiltv; C:\Windows\System32\drivers\skfiltv.sys [24064 2008-08-14] (Creative Technology Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [203672 2013-06-21] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 TBPanel; No ImagePath
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 dump_wmimmc; \??\C:\Program Files (x86)\ShotOnline\GameGuard\dump_wmimmc.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-10-17] (Kaspersky Lab ZAO)
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-31 12:51 - 2013-10-31 12:51 - 01956614 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2013-10-31 12:49 - 2013-10-31 12:49 - 01089275 _____ (Farbar) C:\Users\User\Downloads\FRST.exe
2013-10-30 06:57 - 2013-10-23 11:30 - 30344480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-10-30 06:57 - 2013-10-23 11:30 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-10-30 06:57 - 2013-10-23 11:30 - 22933792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-10-30 06:57 - 2013-10-23 11:30 - 18286416 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-10-30 06:57 - 2013-10-23 11:30 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-10-30 06:57 - 2013-10-23 11:30 - 11426568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-10-30 06:57 - 2013-10-23 11:30 - 11374520 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-10-30 06:57 - 2013-10-23 11:30 - 09524088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-10-30 06:57 - 2013-10-23 11:30 - 09480328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-10-30 06:57 - 2013-10-23 11:30 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-10-30 06:57 - 2013-10-23 11:30 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-10-30 06:57 - 2013-10-23 11:30 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-10-30 06:57 - 2013-10-23 11:30 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-10-30 06:57 - 2013-10-23 11:30 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll
2013-10-30 06:57 - 2013-10-23 11:30 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll
2013-10-30 06:57 - 2013-01-29 09:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2013-10-25 12:00 - 2013-10-25 12:00 - 00041004 _____ C:\Users\User\Documents\ComboFix.zip
2013-10-25 10:05 - 2013-10-25 10:05 - 00076247 _____ C:\Users\User\Desktop\JRT.txt
2013-10-25 09:59 - 2013-10-25 09:59 - 01033335 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe
2013-10-25 09:59 - 2013-10-25 09:59 - 00000000 ____D C:\Windows\ERUNT
2013-10-25 09:57 - 2013-10-25 09:57 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-10-25 09:16 - 2013-10-25 09:16 - 00000948 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-10-25 09:16 - 2013-10-25 09:16 - 00000000 ____D C:\Users\User\AppData\Roaming\Malwarebytes
2013-10-25 09:16 - 2013-10-25 09:16 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-25 09:16 - 2013-10-25 09:16 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-25 09:16 - 2013-04-04 13:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-10-25 09:15 - 2013-10-25 09:15 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-25 09:10 - 2013-10-25 09:10 - 00000413 _____ C:\Users\User\Desktop\requested-files[2013-10-25_10_10].cab
2013-10-25 09:08 - 2005-07-20 10:32 - 00518656 _____ (Safer Networking Limited) C:\Users\User\Desktop\sfp.exe
2013-10-25 07:11 - 2013-10-25 11:58 - 00040848 _____ C:\Users\User\Documents\ComboFix.7z
2013-10-25 06:50 - 2013-10-25 06:50 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
2013-10-25 06:46 - 2013-10-25 06:46 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1ce822718b863c0
2013-10-25 06:43 - 2013-10-25 06:43 - 00126787 _____ C:\Users\User\Desktop\ComboFix.txt
2013-10-25 06:19 - 2013-10-25 06:43 - 00000000 ____D C:\Qoobox
2013-10-25 06:19 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-10-25 06:19 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-10-25 06:19 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-10-25 06:19 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-10-25 06:19 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-10-25 06:19 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-10-25 06:19 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-10-25 06:19 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-10-25 06:18 - 2013-10-25 06:41 - 00000000 ____D C:\Windows\erdnt
2013-10-25 06:18 - 2013-10-25 06:18 - 05136677 ____R (Swearware) C:\Users\User\Downloads\ComboFix.exe
2013-10-24 07:58 - 2013-10-24 08:01 - 00015948 _____ C:\Users\User\Documents\Addition.7z
2013-10-24 07:57 - 2013-10-24 07:57 - 00007910 _____ C:\Users\User\Downloads\Addition.7z
2013-10-24 07:52 - 2013-10-24 07:52 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-10-24 07:51 - 2013-10-24 07:51 - 01110476 _____ C:\Users\User\Downloads\7z920.exe
2013-10-23 15:07 - 2013-10-23 15:07 - 00034855 _____ C:\Users\User\Downloads\Addition.txt
2013-10-23 15:04 - 2013-10-23 15:04 - 00000000 ____D C:\FRST
2013-10-22 16:20 - 2013-10-23 11:30 - 12572960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-10-22 16:20 - 2013-10-16 01:48 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll
2013-10-22 16:20 - 2013-10-16 01:48 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll
2013-10-17 14:50 - 2013-10-17 14:50 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2013-10-17 14:49 - 2013-10-17 14:50 - 00000810 _____ C:\Windows\setupact.log
2013-10-17 14:49 - 2013-10-17 14:49 - 00000000 _____ C:\Windows\setuperr.log
2013-10-16 11:35 - 2013-10-16 11:35 - 00000000 ____D C:\ProgramData\Oracle
2013-10-16 11:35 - 2013-10-08 06:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-16 11:34 - 2013-10-08 06:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-16 11:34 - 2013-10-08 06:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-16 11:34 - 2013-10-08 06:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-16 11:33 - 2013-10-16 11:34 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-09 11:16 - 2013-09-22 16:43 - 17833984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-09 11:16 - 2013-09-22 16:01 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-09 11:16 - 2013-09-22 15:42 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-09 11:16 - 2013-09-22 15:36 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-09 11:16 - 2013-09-22 15:33 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-10-09 11:16 - 2013-09-22 15:33 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-09 11:16 - 2013-09-22 15:30 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-10-09 11:16 - 2013-09-22 15:27 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-09 11:16 - 2013-09-22 15:23 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-10-09 11:16 - 2013-09-22 15:22 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-09 11:16 - 2013-09-22 15:21 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-10-09 11:16 - 2013-09-22 15:19 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-09 11:16 - 2013-09-22 15:19 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-09 11:16 - 2013-09-22 15:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-10-09 11:16 - 2013-09-22 15:15 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-09 11:16 - 2013-09-22 15:07 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-09 11:16 - 2013-09-22 11:29 - 12336128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-09 11:16 - 2013-09-22 11:22 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-09 11:16 - 2013-09-22 11:22 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-09 11:16 - 2013-09-22 11:14 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-10-09 11:16 - 2013-09-22 11:13 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-09 11:16 - 2013-09-22 11:13 - 01104896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-09 11:16 - 2013-09-22 11:12 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-10-09 11:16 - 2013-09-22 11:09 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-09 11:16 - 2013-09-22 11:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-10-09 11:16 - 2013-09-22 11:07 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-09 11:16 - 2013-09-22 11:06 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-10-09 11:16 - 2013-09-22 11:05 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-09 11:16 - 2013-09-22 11:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-09 11:16 - 2013-09-22 11:03 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-09 11:16 - 2013-09-22 11:03 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-10-09 11:16 - 2013-09-22 10:59 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-09 07:08 - 2013-08-29 08:48 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-09 07:08 - 2013-08-27 04:39 - 01268224 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-10-09 07:08 - 2013-08-27 04:39 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-10-09 07:08 - 2013-08-27 04:39 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-10-09 07:08 - 2013-08-27 04:39 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-10-09 07:08 - 2013-08-27 03:47 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-10-09 07:08 - 2013-08-27 03:47 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-10-09 07:08 - 2013-08-27 03:47 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-10-09 07:08 - 2013-08-27 03:47 - 00160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-10-09 07:08 - 2013-08-27 03:32 - 02002944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-10-09 07:08 - 2013-08-27 03:30 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-10-09 07:08 - 2013-08-27 03:06 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-10-09 07:08 - 2013-08-27 03:00 - 01556480 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-10-09 07:08 - 2013-08-27 03:00 - 01149952 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-10-09 07:08 - 2013-08-27 02:52 - 01172480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-10-09 07:08 - 2013-08-27 02:50 - 00486400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-10-09 07:08 - 2013-08-27 02:32 - 00683008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-10-09 07:08 - 2013-08-27 02:28 - 01069056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-10-09 07:08 - 2013-08-01 05:10 - 00901568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-09 07:08 - 2013-08-01 04:37 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-10-09 07:08 - 2013-07-20 11:45 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 07:08 - 2013-07-20 11:44 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 07:08 - 2013-07-12 10:19 - 00099200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2013-10-09 07:08 - 2013-07-04 05:21 - 00532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-09 07:08 - 2013-07-04 05:13 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-09 07:08 - 2013-07-03 05:24 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\wiafbdrv.dll
2013-10-09 07:08 - 2013-07-03 03:55 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-09 07:08 - 2013-07-03 03:22 - 00031616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-09 07:08 - 2013-06-29 03:25 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-09 07:08 - 2013-06-29 03:25 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-09 07:08 - 2013-06-29 03:25 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-09 07:08 - 2013-06-29 03:25 - 00007552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-09 07:08 - 2013-06-27 00:00 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-09 07:08 - 2013-06-04 05:16 - 00048128 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-09 07:08 - 2013-06-04 05:16 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-09 07:08 - 2013-06-04 03:01 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-09 07:08 - 2013-06-04 02:49 - 00293376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-09 07:08 - 2011-05-05 15:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-09 07:08 - 2011-05-05 15:17 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-05 14:07 - 2012-04-24 20:35 - 00693648 _____ (MindSpark) C:\Program Files (x86)\64Uninstall TelevisionFanatic.dll
2013-10-05 14:07 - 2012-04-24 20:35 - 00174024 _____ () C:\Program Files (x86)\64res.dll
2013-10-04 12:35 - 2013-10-04 12:35 - 00000000 ___SD C:\Users\User\Documents\Passwords Database
2013-10-02 06:23 - 2013-10-25 09:45 - 00014314 _____ C:\Windows\PFRO.log
==================== One Month Modified Files and Folders =======
2013-10-31 12:51 - 2013-10-31 12:51 - 01956614 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2013-10-31 12:49 - 2013-10-31 12:49 - 01089275 _____ (Farbar) C:\Users\User\Downloads\FRST.exe
2013-10-31 12:47 - 2012-09-16 08:59 - 00000000 ___RD C:\Users\User\Desktop\Programme
2013-10-31 12:23 - 2013-03-16 23:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-10-31 11:27 - 2006-11-02 16:22 - 00003840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-31 11:27 - 2006-11-02 16:22 - 00003840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-31 10:13 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\tracing
2013-10-31 09:35 - 2008-01-21 12:10 - 01683002 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-31 09:35 - 2008-01-21 12:09 - 00717264 _____ C:\Windows\system32\perfh007.dat
2013-10-31 09:35 - 2008-01-21 12:09 - 00164448 _____ C:\Windows\system32\perfc007.dat
2013-10-31 09:31 - 2008-01-21 02:53 - 01429610 _____ C:\Windows\WindowsUpdate.log
2013-10-31 09:28 - 2008-08-08 17:16 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-10-31 08:56 - 2013-09-14 10:45 - 00000000 ____D C:\ProgramData\BitGuard
2013-10-31 08:01 - 2013-03-12 13:48 - 00000552 _____ C:\Windows\Tasks\Software Updater.job
2013-10-30 18:54 - 2009-12-28 13:19 - 00000000 ____D C:\Program Files (x86)\Steam
2013-10-30 16:59 - 2013-09-26 08:37 - 00000000 ____D C:\Users\User\Documents\FIFA 14
2013-10-30 12:50 - 2011-09-30 14:51 - 00000000 ____D C:\Program Files (x86)\Origin
2013-10-30 07:06 - 2011-08-30 16:07 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-30 06:22 - 2011-08-30 16:06 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-10-30 06:16 - 2013-09-09 10:45 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-30 06:16 - 2012-04-24 18:33 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-30 06:16 - 2011-05-18 15:00 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-26 08:59 - 2013-09-26 11:02 - 00000000 ____D C:\Users\User\AppData\Roaming\HomeTab
2013-10-26 08:59 - 2013-08-12 09:08 - 00000000 ____D C:\Users\User_2\AppData\Roaming\HomeTab
2013-10-26 08:59 - 2013-08-12 09:08 - 00000000 ____D C:\Program Files (x86)\HomeTab
2013-10-26 08:59 - 2013-07-20 14:07 - 00000000 ____D C:\Users\User\AppData\Roaming\SpeedAnalysis2
2013-10-26 08:59 - 2013-07-20 14:07 - 00000000 ____D C:\Program Files (x86)\Speed Analysis 2
2013-10-26 08:59 - 2013-04-23 21:03 - 00000000 ____D C:\Users\User\AppData\Roaming\player
2013-10-25 12:00 - 2013-10-25 12:00 - 00041004 _____ C:\Users\User\Documents\ComboFix.zip
2013-10-25 11:58 - 2013-10-25 07:11 - 00040848 _____ C:\Users\User\Documents\ComboFix.7z
2013-10-25 10:09 - 2013-08-12 09:52 - 00000000 ____D C:\SoloApp
2013-10-25 10:05 - 2013-10-25 10:05 - 00076247 _____ C:\Users\User\Desktop\JRT.txt
2013-10-25 10:04 - 2012-07-06 05:33 - 00000000 ____D C:\Program Files (x86)\Ask.com
2013-10-25 10:01 - 2013-07-20 14:07 - 00000000 ____D C:\Program Files (x86)\Zula Games
2013-10-25 10:01 - 2013-06-05 17:05 - 00000000 ____D C:\Users\User\AppData\Roaming\Desk 365
2013-10-25 10:01 - 2013-03-12 14:12 - 00000000 ____D C:\Program Files (x86)\Yontoo
2013-10-25 10:01 - 2013-03-12 14:08 - 00000000 ____D C:\Program Files (x86)\Amazon Browser Bar
2013-10-25 10:01 - 2011-04-04 15:08 - 00000000 ____D C:\Program Files (x86)\simppulltoolbar
2013-10-25 09:59 - 2013-10-25 09:59 - 01033335 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe
2013-10-25 09:59 - 2013-10-25 09:59 - 00000000 ____D C:\Windows\ERUNT
2013-10-25 09:57 - 2013-10-25 09:57 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-10-25 09:45 - 2013-10-02 06:23 - 00014314 _____ C:\Windows\PFRO.log
2013-10-25 09:16 - 2013-10-25 09:16 - 00000948 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-10-25 09:16 - 2013-10-25 09:16 - 00000000 ____D C:\Users\User\AppData\Roaming\Malwarebytes
2013-10-25 09:16 - 2013-10-25 09:16 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-25 09:16 - 2013-10-25 09:16 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-25 09:15 - 2013-10-25 09:15 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-25 09:12 - 2013-07-20 14:38 - 00000000 ____D C:\Users\User\AppData\Roaming\PeaZip
2013-10-25 09:10 - 2013-10-25 09:10 - 00000413 _____ C:\Users\User\Desktop\requested-files[2013-10-25_10_10].cab
2013-10-25 07:20 - 2008-08-15 11:54 - 00000430 ____H C:\Windows\Tasks\User_Feed_Synchronization-{7D800EA4-AEB3-4E16-AA3B-A96CCE4DD79D}.job
2013-10-25 07:20 - 2006-11-02 16:42 - 00032584 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-25 07:20 - 2006-11-02 16:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-25 06:59 - 2006-11-02 14:33 - 00000000 ____D C:\Windows\rescache
2013-10-25 06:53 - 2010-05-20 10:06 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-25 06:51 - 2013-07-16 14:19 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce822718b863c0.job
2013-10-25 06:50 - 2013-10-25 06:50 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
2013-10-25 06:46 - 2013-10-25 06:46 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1ce822718b863c0
2013-10-25 06:46 - 2010-05-20 10:06 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-25 06:43 - 2013-10-25 06:43 - 00126787 _____ C:\Users\User\Desktop\ComboFix.txt
2013-10-25 06:43 - 2013-10-25 06:19 - 00000000 ____D C:\Qoobox
2013-10-25 06:43 - 2006-11-02 14:33 - 00000000 __RHD C:\Users\Default
2013-10-25 06:41 - 2013-10-25 06:18 - 00000000 ____D C:\Windows\erdnt
2013-10-25 06:34 - 2006-11-02 13:34 - 00000215 _____ C:\Windows\system.ini
2013-10-25 06:31 - 2013-08-12 09:49 - 00000000 ____D C:\Program Files (x86)\SoftwareUpdater
2013-10-25 06:18 - 2013-10-25 06:18 - 05136677 ____R (Swearware) C:\Users\User\Downloads\ComboFix.exe
2013-10-24 08:01 - 2013-10-24 07:58 - 00015948 _____ C:\Users\User\Documents\Addition.7z
2013-10-24 07:57 - 2013-10-24 07:57 - 00007910 _____ C:\Users\User\Downloads\Addition.7z
2013-10-24 07:52 - 2013-10-24 07:52 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-10-24 07:51 - 2013-10-24 07:51 - 01110476 _____ C:\Users\User\Downloads\7z920.exe
2013-10-23 15:07 - 2013-10-23 15:07 - 00034855 _____ C:\Users\User\Downloads\Addition.txt
2013-10-23 15:04 - 2013-10-23 15:04 - 00000000 ____D C:\FRST
2013-10-23 11:30 - 2013-10-30 06:57 - 30344480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-10-23 11:30 - 2013-10-30 06:57 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-10-23 11:30 - 2013-10-30 06:57 - 22933792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-10-23 11:30 - 2013-10-30 06:57 - 18286416 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-10-23 11:30 - 2013-10-30 06:57 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-10-23 11:30 - 2013-10-30 06:57 - 11426568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-10-23 11:30 - 2013-10-30 06:57 - 11374520 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-10-23 11:30 - 2013-10-30 06:57 - 09524088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-10-23 11:30 - 2013-10-30 06:57 - 09480328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-10-23 11:30 - 2013-10-30 06:57 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-10-23 11:30 - 2013-10-30 06:57 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-10-23 11:30 - 2013-10-30 06:57 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-10-23 11:30 - 2013-10-30 06:57 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-10-23 11:30 - 2013-10-30 06:57 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll
2013-10-23 11:30 - 2013-10-30 06:57 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll
2013-10-23 11:30 - 2013-10-22 16:20 - 12572960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-10-23 11:30 - 2013-09-20 14:21 - 15855568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-10-23 11:30 - 2013-09-20 14:21 - 00023287 _____ C:\Windows\system32\nvinfo.pb
2013-10-23 11:30 - 2013-09-06 19:02 - 15212336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-10-23 11:30 - 2013-02-25 23:32 - 18199872 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-10-23 11:30 - 2013-02-25 23:32 - 03067560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-10-23 11:30 - 2013-02-25 23:32 - 02695200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-10-23 09:20 - 2011-04-07 22:19 - 06669600 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-10-23 09:20 - 2011-04-07 22:19 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-10-23 09:20 - 2011-04-07 22:19 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-10-23 09:20 - 2011-04-07 22:19 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-10-23 09:20 - 2011-04-07 22:19 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-10-23 09:20 - 2011-04-07 22:18 - 03489568 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-10-22 09:30 - 2013-06-12 15:30 - 00000000 ____D C:\Program Files\Lx_cats
2013-10-22 08:48 - 2013-02-08 22:21 - 00000000 ____D C:\Users\User\Desktop\Bilder
2013-10-22 08:43 - 2011-07-08 15:12 - 00000000 ____D C:\Users\User\AppData\Local\Windows Live
2013-10-17 14:50 - 2013-10-17 14:50 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2013-10-17 14:50 - 2013-10-17 14:49 - 00000810 _____ C:\Windows\setupact.log
2013-10-17 14:49 - 2013-10-17 14:49 - 00000000 _____ C:\Windows\setuperr.log
2013-10-17 05:51 - 2013-03-16 23:08 - 00626272 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2013-10-17 05:51 - 2013-03-16 23:08 - 00090208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2013-10-17 05:51 - 2012-09-03 18:23 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klmouflt.sys
2013-10-17 05:51 - 2012-09-03 17:57 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys
2013-10-17 05:51 - 2012-06-19 17:28 - 07717984 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2013-10-16 11:35 - 2013-10-16 11:35 - 00000000 ____D C:\ProgramData\Oracle
2013-10-16 11:34 - 2013-10-16 11:33 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-16 11:34 - 2012-07-05 21:08 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-16 01:48 - 2013-10-22 16:20 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll
2013-10-16 01:48 - 2013-10-22 16:20 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll
2013-10-09 11:38 - 2006-11-02 16:21 - 00280936 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-09 11:32 - 2010-10-06 10:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-09 11:27 - 2009-04-22 15:54 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-09 11:23 - 2008-11-14 13:52 - 01662072 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-09 11:20 - 2013-07-31 12:25 - 00000000 ____D C:\Windows\system32\MRT
2013-10-09 11:17 - 2006-11-02 13:35 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-10-08 06:50 - 2013-10-16 11:34 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-08 06:46 - 2013-10-16 11:35 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-08 06:46 - 2013-10-16 11:34 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-08 06:46 - 2013-10-16 11:34 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-04 23:01 - 2010-06-18 16:57 - 00000000 ____D C:\Users\User\AppData\Roaming\TS3Client
2013-10-04 14:27 - 2011-09-14 16:19 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2013-10-04 12:35 - 2013-10-04 12:35 - 00000000 ___SD C:\Users\User\Documents\Passwords Database
2013-10-02 06:24 - 2013-09-28 13:59 - 00003728 _____ C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2013-10-02 06:24 - 2013-07-20 14:36 - 00046368 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2013-10-02 06:24 - 2013-07-20 14:36 - 00000000 ____D C:\Program Files (x86)\AVG Secure Search
2013-10-02 06:23 - 2009-11-30 20:05 - 00000000 ____D C:\Program Files\Google
2013-10-02 06:23 - 2008-08-06 21:02 - 00000000 ____D C:\Program Files (x86)\Google
2013-10-01 11:53 - 2009-11-30 20:05 - 00000000 ____D C:\ProgramData\Google
2013-10-01 11:53 - 2008-08-06 21:03 - 00000000 ____D C:\Users\User\AppData\Local\Google
Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.4596.dll
C:\Users\User\AdbeRdr90_de_DE.exe
C:\Users\User\ashampoo_winoptimizer505_sm.exe
C:\Users\User\d3dx9_30.dll
C:\Users\User\dotnetfx.exe
C:\Users\User\dotnetfx2.exe
C:\Users\User\Firefox Setup 3.0.1.exe
C:\Users\User\GameSpyInstaller263002REG.EXE
C:\Users\User\googleearthwin.exe
C:\Users\User\IE8-WindowsVista-x86-DEU.exe
C:\Users\User\SkypeSetup.exe
C:\Users\User\Windows6.0-KB936330-X86-wave0.exe
C:\Windows\Tasks\{03BA6005-F911-4FEC-9178-9913456B6B8C}.job
C:\Windows\Tasks\{25949BD3-CB5B-4423-A287-FAD1A14D3031}.job
C:\Windows\Tasks\{7C356296-2E00-4D66-A725-228473CE8776}.job
C:\Windows\Tasks\{86CED08D-A7AA-4BAE-A649-FF86FF6AB7BD}.job
C:\Windows\Tasks\{A8B90A61-A301-4DEE-A4C4-14469632EB60}.job
C:\Windows\Tasks\{D8F637E3-D0D9-43B5-871F-FCAEE0775CAD}.job
C:\Windows\Tasks\{DD7517F0-DB25-475B-82EE-99F36813E40C}.job
Some content of TEMP:
====================
C:\Users\User\AppData\Local\temp\apptorun.exe
C:\Users\User\AppData\Local\temp\setup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-31 09:46
==================== End Of Log ============================
|
|
01.11.2013, 10:55
| #14 |
| /// the machine /// TB-Ausbilder | Problem mit getwindowinfo Das ist schon fast unmöglich. Bitte alle 3 Tools von oben nochmal laufen lassen, bei MBAM auch löschen lassen.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
01.11.2013, 14:20
| #15 |
| | Problem mit getwindowinfo ok jetzt ist es weg vielen dank und eine spende ist unterwegs  |
|
Linear-Darstellung
