| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: EXP/CVE-2013-2423.HV von AntiVir gefunden, was nun?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
09.11.2013, 00:59
| #1 |
 |  EXP/CVE-2013-2423.HV von AntiVir gefunden, was nun? Hallo, bei mir hat AntiVir das gefunden (EXP/CVE-2013-2423.HV) was kann ich dagegen tun? |
|
09.11.2013, 10:50
| #2 |
| /// the machine /// TB-Ausbilder    | EXP/CVE-2013-2423.HV von AntiVir gefunden, was nun? hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
09.11.2013, 18:04
| #3 |
| | EXP/CVE-2013-2423.HV von AntiVir gefunden, was nun? Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
__________________Ran by Didi (administrator) on DIETMAR on 09-11-2013 17:52:42 Running from C:\Users\Didi\Downloads Windows 8 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe (Microsoft Corporation) C:\Windows\system32\dashost.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (Dritek System INC.) C:\Windows\RfBtnSvc64.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (cake bake) C:\Program Files (x86)\Betcat\WBDesktop.Updater.1.0.0.17.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Intel Corporation) C:\Windows\system32\igfxext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe (Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe (Qualcomm Atheros) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtTray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe () C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe () C:\Mouse driver\mouse_driver.exe () C:\Mouse driver\wh_exec.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe (CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Intel Corporation) C:\Windows\system32\igfxsrvc.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [BtPreLoad] - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtPreLoad.exe [64640 2013-01-28] () HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212560 2012-06-13] (Realtek Semiconductor) HKLM\...\Run: [Start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer\Run: [BtvStack] - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-01-28] ( (Atheros Communications)) HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-08-21] (Nero AG) HKCU\...\Run: [Spotify Web Helper] - C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1193176 2012-09-27] () HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.) HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.) MountPoints2: {d583368b-3bee-11e2-be70-689423701dc5} - "E:\AutoRun.exe" MountPoints2: {d58336cc-3bee-11e2-be70-689423701dc5} - "E:\AutoRun.exe" MountPoints2: {f5c2b4c4-3c0e-11e2-be75-b888e3a5db27} - "G:\LaunchU3.exe" -a HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Dolby PCEE4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-03] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [NBKeyScan] - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [1828136 2007-08-08] (Nero AG) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM-x32\...\Run: [uni mouse driver] - C:\Mouse driver\mouse_driver.exe [2972672 2011-11-09] () HKLM-x32\...\Run: [uni mouse driver tilt] - C:\Mouse driver\wh_exec.exe [147456 2010-10-05] () HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.) HKU\Default\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845832 2013-01-22] (Acer Incorporated) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com SearchScopes: HKLM - DefaultScope {1A36B4D0-DCFF-4AE1-A358-D288D012B9A5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS SearchScopes: HKLM - {1A36B4D0-DCFF-4AE1-A358-D288D012B9A5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS SearchScopes: HKLM-x32 - DefaultScope {1A36B4D0-DCFF-4AE1-A358-D288D012B9A5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS SearchScopes: HKLM-x32 - {1A36B4D0-DCFF-4AE1-A358-D288D012B9A5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS SearchScopes: HKCU - DefaultScope {1A36B4D0-DCFF-4AE1-A358-D288D012B9A5} URL = SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=2678689423701DC5&affID= Wo kann ich denn die ( Addition.txt ) Finden bitte? Geändert von Man19321 (09.11.2013 um 18:09 Uhr) |
|
10.11.2013, 07:20
| #4 | |
| /// the machine /// TB-Ausbilder | EXP/CVE-2013-2423.HV von AntiVir gefunden, was nun? Auf dem Dekstop, neben der FRST.txt. Zitat:
 So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
10.11.2013, 08:08
| #5 |
| | EXP/CVE-2013-2423.HV von AntiVir gefunden, was nun?FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
Ran by Didi (administrator) on DIETMAR on 09-11-2013 17:52:42
Running from C:\Users\Didi\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(cake bake) C:\Program Files (x86)\Betcat\WBDesktop.Updater.1.0.0.17.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Qualcomm Atheros) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtTray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Mouse driver\mouse_driver.exe
() C:\Mouse driver\wh_exec.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [BtPreLoad] - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtPreLoad.exe [64640 2013-01-28] ()
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212560 2012-06-13] (Realtek Semiconductor)
HKLM\...\Run: [Start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-01-28] ( (Atheros Communications))
HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-08-21] (Nero AG)
HKCU\...\Run: [Spotify Web Helper] - C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1193176 2012-09-27] ()
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
MountPoints2: {d583368b-3bee-11e2-be70-689423701dc5} - "E:\AutoRun.exe"
MountPoints2: {d58336cc-3bee-11e2-be70-689423701dc5} - "E:\AutoRun.exe"
MountPoints2: {f5c2b4c4-3c0e-11e2-be75-b888e3a5db27} - "G:\LaunchU3.exe" -a
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Dolby PCEE4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-03] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [NBKeyScan] - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [1828136 2007-08-08] (Nero AG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [uni mouse driver] - C:\Mouse driver\mouse_driver.exe [2972672 2011-11-09] ()
HKLM-x32\...\Run: [uni mouse driver tilt] - C:\Mouse driver\wh_exec.exe [147456 2010-10-05] ()
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKU\Default\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845832 2013-01-22] (Acer Incorporated)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKLM - DefaultScope {1A36B4D0-DCFF-4AE1-A358-D288D012B9A5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {1A36B4D0-DCFF-4AE1-A358-D288D012B9A5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - DefaultScope {1A36B4D0-DCFF-4AE1-A358-D288D012B9A5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {1A36B4D0-DCFF-4AE1-A358-D288D012B9A5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - DefaultScope {1A36B4D0-DCFF-4AE1-A358-D288D012B9A5} URL =
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=2678689423701DC5&affID=119649&tsp=4994
SearchScopes: HKCU - {1A36B4D0-DCFF-4AE1-A358-D288D012B9A5} URL =
SearchScopes: HKCU - {27034BDD-4A64-4EBD-BE39-D65EA29C8EF3} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=11a65610-e264-4899-ac2c-d69475ac96a6&apn_sauid=CBF1CC8F-441A-416B-BED8-1F4DC92B256F
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www2.mystart.com/results.php?pr=vmn&id=yolobartb&v=1_0&ent=ch&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: Plus-HD-2.6 - {11111111-1111-1111-1111-110311341140} - C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-bho.dll (Plus HD)
BHO-x32: WebCake - {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - C:\Program Files (x86)\Betcat\WebCakeIEClient.dll (Bake-Cake)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default
FF user.js: detected! => C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\user.js
FF Homepage: https://www.google.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\5\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Didi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\searchplugins\BrowserProtect.xml
FF SearchPlugin: C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\searchplugins\findr-customized-web-search.xml
FF SearchPlugin: C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\searchplugins\google-default.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\mystarttb.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Plus-HD-2.6 - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com
FF Extension: WebCake - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\plugin@getwebcake.com
FF Extension: DownloadHelper - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: Flash and Video Download - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
FF Extension: artur.dubovoy - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\artur.dubovoy@gmail.com.xpi
FF Extension: fvd_single_setup - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\{9051303c-7e41-4311-a783-d6fe5ef2832d}.xpi
FF Extension: prefs - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
FF Extension: Adblock Plus - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: bprivacyprefs - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-03] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations)
R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-20] (Broadcom Corp.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-01-24] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [28560 2012-08-30] (ELAN Microelectronics Corp.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [836904 2007-08-08] (Nero AG)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-08-21] (Nero AG)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-11-02] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-09-27] (Dritek System INC.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2402080 2013-01-28] (TuneUp Software)
R2 WebCakeUpdater; C:\Program Files (x86)\Betcat\WBDesktop.Updater.1.0.0.17.exe [51992 2013-11-08] (cake bake)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132088 2013-09-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-03-20] (Avira Operations GmbH & Co. KG)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-28] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 DFX11_1; C:\Windows\system32\drivers\dfx11_1x64.sys [28008 2012-08-29] (Windows (R) Win 7 DDK provider)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-09-27] (Dritek System Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
R3 whfltr2k; C:\Windows\System32\drivers\whfltr2k.sys [10368 2009-09-16] ()
R3 whfltr2k; C:\Windows\SysWow64\drivers\whfltr2k.sys [10368 2009-09-16] ()
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [246224 2009-12-07] (Huawei Technologies Co., Ltd.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-09 17:44 - 2013-11-09 17:45 - 00027605 _____ C:\Users\Didi\Downloads\Addition.txt
2013-11-09 17:44 - 2013-11-09 17:44 - 00000000 ____D C:\FRST
2013-11-09 17:43 - 2013-11-09 17:43 - 01957098 _____ (Farbar) C:\Users\Didi\Downloads\FRST64.exe
2013-11-09 00:39 - 2013-11-09 00:39 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-11-09 00:39 - 2013-11-09 00:39 - 00000000 ____D C:\Users\Didi\Desktop\mbar
2013-11-09 00:36 - 2013-11-09 00:36 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Didi\Downloads\mbar-1.07.0.1007.exe
2013-11-08 20:12 - 2013-11-08 20:12 - 00000000 ____D C:\Users\Didi\AppData\Roaming\Betcat
2013-11-08 19:58 - 2013-11-08 20:07 - 00000000 ____D C:\ProgramData\Norton
2013-11-08 19:53 - 2013-11-08 19:57 - 174694248 _____ (Symantec Corporation) C:\Users\Didi\Downloads\N360_20.1.0.24_SYMTB_PROMO_4_MRFTT_374_7492_DE1.exe
2013-11-08 07:10 - 2013-11-08 20:12 - 00000000 ____D C:\Program Files (x86)\Betcat
2013-11-08 05:12 - 2013-11-08 05:12 - 00000000 ____D C:\Users\Didi\AppData\Roaming\Malwarebytes
2013-11-08 05:11 - 2013-11-08 05:11 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Didi\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-08 05:11 - 2013-11-08 05:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-07 06:11 - 2013-11-07 06:11 - 00001787 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-07 06:10 - 2013-11-07 06:11 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-07 06:10 - 2013-11-07 06:11 - 00000000 ____D C:\Program Files\iTunes
2013-11-07 06:10 - 2013-11-07 06:11 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-07 06:10 - 2013-11-07 06:10 - 00000000 ____D C:\Program Files\iPod
2013-11-01 14:21 - 2013-11-01 14:21 - 00000000 ____D C:\Users\Didi\AppData\Roaming\Unity
2013-10-29 21:58 - 2013-10-29 21:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-29 05:31 - 2013-10-29 05:33 - 70555976 _____ (Apple Inc.) C:\Users\Didi\Downloads\iCloudSetup.exe
2013-10-27 03:40 - 2013-10-27 03:40 - 02429215 _____ C:\Users\Didi\Downloads\dbpbzfa767_db_PatrickRuppert_1280(3).zip
2013-10-27 03:39 - 2013-10-27 03:39 - 02429215 _____ C:\Users\Didi\Downloads\dbpbzfa767_db_PatrickRuppert_1280(2).zip
2013-10-27 02:46 - 2013-10-27 02:46 - 04399174 _____ C:\Users\Didi\Downloads\BR110_MFinken.zip
2013-10-27 02:45 - 2013-10-27 02:45 - 02429215 _____ C:\Users\Didi\Downloads\dbpbzfa767_db_PatrickRuppert_1280(1).zip
2013-10-27 02:44 - 2013-10-27 02:44 - 02429215 _____ C:\Users\Didi\Downloads\dbpbzfa767_db_PatrickRuppert_1280.zip
2013-10-27 02:43 - 2013-10-27 02:43 - 01951021 _____ C:\Users\Didi\Downloads\br440_db_1280_Pattrick.zip
2013-10-27 02:42 - 2013-10-27 02:43 - 02104807 _____ C:\Users\Didi\Downloads\BR111_MFinken.zip
2013-10-27 01:03 - 2013-10-27 01:03 - 00001462 _____ C:\Users\Didi\Desktop\iRinger.lnk
2013-10-27 01:02 - 2013-10-27 01:28 - 00000000 ____D C:\ProgramData\iRinger
2013-10-27 01:01 - 2013-10-27 01:01 - 04815840 _____ (Make The Cut, LLC.) C:\Users\Didi\Downloads\iRinger42.exe
2013-10-20 04:28 - 2013-10-20 04:28 - 11059256 _____ C:\Users\Didi\Downloads\Demostrecke_Update1_FCramer.zip
2013-10-20 03:23 - 2013-10-27 03:43 - 00000000 ____D C:\Users\Public\Documents\Loksim3D
2013-10-20 03:23 - 2013-10-27 03:43 - 00000000 ____D C:\Users\Didi\AppData\Local\Loksim3D
2013-10-20 03:23 - 2013-10-20 03:23 - 00001011 _____ C:\Users\Public\Desktop\Loksim3D.lnk
2013-10-20 03:23 - 2013-10-20 03:23 - 00000000 ____D C:\Users\Didi\AppData\Local\CrashRpt
2013-10-20 03:23 - 2013-10-20 03:23 - 00000000 ____D C:\Program Files (x86)\Loksim3D
2013-10-20 03:22 - 2013-10-20 03:22 - 00000000 ____D C:\Users\Didi\Downloads\Setup_Loksim3D-2_8_2a
2013-10-20 03:18 - 2013-10-20 03:20 - 80890735 _____ C:\Users\Didi\Downloads\Setup_Loksim3D-2_8_2a.zip
2013-10-20 01:52 - 2013-10-20 01:52 - 00000000 ___HD C:\$Windows.~BT
2013-10-18 13:32 - 2013-10-18 13:32 - 04105416 _____ (Gameforge 4D GmbH ) C:\Users\Didi\Downloads\Wizard101_Installer_DE.exe
2013-10-18 12:17 - 2013-10-18 12:17 - 00307760 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-18 05:18 - 2013-10-18 05:18 - 00000000 ____D C:\Users\Public\Documents\sun
2013-10-18 05:17 - 2013-10-18 05:17 - 00001116 _____ C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2013-10-18 05:08 - 2013-10-18 05:12 - 163606685 _____ C:\Users\Didi\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2013-10-18 04:26 - 2013-07-25 00:07 - 13661696 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2013-10-18 04:25 - 2013-09-14 02:15 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-10-18 04:25 - 2013-09-13 23:36 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-10-18 04:25 - 2013-09-13 23:36 - 00247296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-10-18 04:25 - 2013-09-13 23:36 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-10-18 04:25 - 2013-09-13 23:36 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-10-18 04:25 - 2013-09-13 23:36 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-10-18 04:25 - 2013-09-13 23:34 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-10-18 04:25 - 2013-09-13 23:33 - 03279360 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-10-18 04:25 - 2013-09-13 23:33 - 01622016 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-10-18 04:25 - 2013-09-13 23:33 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-10-18 04:25 - 2013-09-13 23:33 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2013-10-18 04:25 - 2013-09-13 23:33 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-10-18 04:25 - 2013-09-13 23:33 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-10-18 04:25 - 2013-09-13 23:33 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-10-18 04:25 - 2013-09-13 23:33 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-10-18 04:25 - 2013-08-30 06:43 - 00061784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2013-10-18 04:25 - 2013-08-30 06:20 - 01173504 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2013-10-18 04:25 - 2013-08-30 00:48 - 00914432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2013-10-18 04:25 - 2013-08-21 07:39 - 00465240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2013-10-18 04:25 - 2013-08-10 07:30 - 00151896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2013-10-18 04:25 - 2013-08-10 06:21 - 00817152 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2013-10-18 04:25 - 2013-08-10 04:58 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-10-18 04:25 - 2013-07-25 00:10 - 10799104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-10-18 04:25 - 2013-07-12 02:38 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2013-10-18 04:25 - 2013-07-12 02:30 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2013-10-17 04:26 - 2013-10-17 04:26 - 00001108 _____ C:\Users\Didi\Desktop\Calculator.lnk
2013-10-11 03:57 - 2013-10-11 03:57 - 100442783 _____ C:\Windows\SysWOW64\쪤亍瀴¶
==================== One Month Modified Files and Folders =======
2013-11-09 17:52 - 2012-12-01 21:24 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-09 17:45 - 2013-11-09 17:44 - 00027605 _____ C:\Users\Didi\Downloads\Addition.txt
2013-11-09 17:44 - 2013-11-09 17:44 - 00000000 ____D C:\FRST
2013-11-09 17:43 - 2013-11-09 17:43 - 01957098 _____ (Farbar) C:\Users\Didi\Downloads\FRST64.exe
2013-11-09 17:38 - 2013-03-07 05:13 - 00001122 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-09 17:18 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru
2013-11-09 17:00 - 2013-06-07 15:05 - 00001844 _____ C:\Windows\Tasks\Plus-HD-2.6-firefoxinstaller.job
2013-11-09 17:00 - 2013-06-07 15:05 - 00001212 _____ C:\Windows\Tasks\Plus-HD-2.6-codedownloader.job
2013-11-09 17:00 - 2013-06-07 15:05 - 00001208 _____ C:\Windows\Tasks\Plus-HD-2.6-updater.job
2013-11-09 17:00 - 2013-03-07 05:13 - 00001118 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-09 17:00 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-09 08:18 - 2012-07-26 06:26 - 00524288 ___SH C:\Windows\system32\config\BBI
2013-11-09 06:59 - 2012-12-01 20:48 - 02064791 _____ C:\Windows\WindowsUpdate.log
2013-11-09 00:39 - 2013-11-09 00:39 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-11-09 00:39 - 2013-11-09 00:39 - 00000000 ____D C:\Users\Didi\Desktop\mbar
2013-11-09 00:36 - 2013-11-09 00:36 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Didi\Downloads\mbar-1.07.0.1007.exe
2013-11-08 21:33 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-11-08 20:12 - 2013-11-08 20:12 - 00000000 ____D C:\Users\Didi\AppData\Roaming\Betcat
2013-11-08 20:12 - 2013-11-08 07:10 - 00000000 ____D C:\Program Files (x86)\Betcat
2013-11-08 20:09 - 2013-09-03 07:04 - 00000000 ____D C:\Users\Didi\AppData\Roaming\Tepfel
2013-11-08 20:07 - 2013-11-08 19:58 - 00000000 ____D C:\ProgramData\Norton
2013-11-08 20:07 - 2012-09-03 11:56 - 00673832 _____ C:\Windows\PFRO.log
2013-11-08 20:06 - 2012-07-26 09:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-11-08 20:06 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-11-08 19:57 - 2013-11-08 19:53 - 174694248 _____ (Symantec Corporation) C:\Users\Didi\Downloads\N360_20.1.0.24_SYMTB_PROMO_4_MRFTT_374_7492_DE1.exe
2013-11-08 05:21 - 2013-09-03 07:04 - 00000000 ____D C:\Program Files (x86)\Tepfel
2013-11-08 05:21 - 2012-12-02 03:53 - 00000000 ____D C:\Program Files (x86)\PricePeep
2013-11-08 05:12 - 2013-11-08 05:12 - 00000000 ____D C:\Users\Didi\AppData\Roaming\Malwarebytes
2013-11-08 05:11 - 2013-11-08 05:11 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Didi\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-08 05:11 - 2013-11-08 05:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-07 06:11 - 2013-11-07 06:11 - 00001787 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-07 06:11 - 2013-11-07 06:10 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-07 06:11 - 2013-11-07 06:10 - 00000000 ____D C:\Program Files\iTunes
2013-11-07 06:11 - 2013-11-07 06:10 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-07 06:10 - 2013-11-07 06:10 - 00000000 ____D C:\Program Files\iPod
2013-11-05 04:56 - 2012-12-02 01:02 - 00000000 ____D C:\Users\Didi\AppData\Roaming\Apple Computer
2013-11-05 04:55 - 2012-12-02 01:02 - 00000000 ____D C:\Users\Didi\AppData\Local\Apple Computer
2013-11-03 21:21 - 2012-12-08 06:18 - 00000000 ____D C:\Users\Didi\AppData\Local\CrashDumps
2013-11-03 20:26 - 2012-09-27 20:47 - 00763140 _____ C:\Windows\system32\perfh007.dat
2013-11-03 20:26 - 2012-09-27 20:47 - 00160234 _____ C:\Windows\system32\perfc007.dat
2013-11-03 20:26 - 2012-07-26 08:28 - 01772590 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-01 14:21 - 2013-11-01 14:21 - 00000000 ____D C:\Users\Didi\AppData\Roaming\Unity
2013-10-30 04:35 - 2012-12-01 21:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-29 21:58 - 2013-10-29 21:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-29 05:35 - 2012-12-02 01:01 - 00000000 ____D C:\ProgramData\Apple
2013-10-29 05:33 - 2013-10-29 05:31 - 70555976 _____ (Apple Inc.) C:\Users\Didi\Downloads\iCloudSetup.exe
2013-10-27 03:43 - 2013-10-20 03:23 - 00000000 ____D C:\Users\Public\Documents\Loksim3D
2013-10-27 03:43 - 2013-10-20 03:23 - 00000000 ____D C:\Users\Didi\AppData\Local\Loksim3D
2013-10-27 03:40 - 2013-10-27 03:40 - 02429215 _____ C:\Users\Didi\Downloads\dbpbzfa767_db_PatrickRuppert_1280(3).zip
2013-10-27 03:39 - 2013-10-27 03:39 - 02429215 _____ C:\Users\Didi\Downloads\dbpbzfa767_db_PatrickRuppert_1280(2).zip
2013-10-27 02:46 - 2013-10-27 02:46 - 04399174 _____ C:\Users\Didi\Downloads\BR110_MFinken.zip
2013-10-27 02:45 - 2013-10-27 02:45 - 02429215 _____ C:\Users\Didi\Downloads\dbpbzfa767_db_PatrickRuppert_1280(1).zip
2013-10-27 02:44 - 2013-10-27 02:44 - 02429215 _____ C:\Users\Didi\Downloads\dbpbzfa767_db_PatrickRuppert_1280.zip
2013-10-27 02:43 - 2013-10-27 02:43 - 01951021 _____ C:\Users\Didi\Downloads\br440_db_1280_Pattrick.zip
2013-10-27 02:43 - 2013-10-27 02:42 - 02104807 _____ C:\Users\Didi\Downloads\BR111_MFinken.zip
2013-10-27 01:28 - 2013-10-27 01:02 - 00000000 ____D C:\ProgramData\iRinger
2013-10-27 01:03 - 2013-10-27 01:03 - 00001462 _____ C:\Users\Didi\Desktop\iRinger.lnk
2013-10-27 01:01 - 2013-10-27 01:01 - 04815840 _____ (Make The Cut, LLC.) C:\Users\Didi\Downloads\iRinger42.exe
2013-10-23 18:50 - 2013-06-07 15:05 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.6
2013-10-22 19:26 - 2012-07-26 08:21 - 00039170 _____ C:\Windows\setupact.log
2013-10-20 04:28 - 2013-10-20 04:28 - 11059256 _____ C:\Users\Didi\Downloads\Demostrecke_Update1_FCramer.zip
2013-10-20 03:23 - 2013-10-20 03:23 - 00001011 _____ C:\Users\Public\Desktop\Loksim3D.lnk
2013-10-20 03:23 - 2013-10-20 03:23 - 00000000 ____D C:\Users\Didi\AppData\Local\CrashRpt
2013-10-20 03:23 - 2013-10-20 03:23 - 00000000 ____D C:\Program Files (x86)\Loksim3D
2013-10-20 03:22 - 2013-10-20 03:22 - 00000000 ____D C:\Users\Didi\Downloads\Setup_Loksim3D-2_8_2a
2013-10-20 03:20 - 2013-10-20 03:18 - 80890735 _____ C:\Users\Didi\Downloads\Setup_Loksim3D-2_8_2a.zip
2013-10-20 01:52 - 2013-10-20 01:52 - 00000000 ___HD C:\$Windows.~BT
2013-10-18 13:32 - 2013-10-18 13:32 - 04105416 _____ (Gameforge 4D GmbH ) C:\Users\Didi\Downloads\Wizard101_Installer_DE.exe
2013-10-18 12:17 - 2013-10-18 12:17 - 00307760 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-18 07:36 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache
2013-10-18 06:40 - 2012-12-01 20:54 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1429076904-2917619043-331896613-1002
2013-10-18 05:18 - 2013-10-18 05:18 - 00000000 ____D C:\Users\Public\Documents\sun
2013-10-18 05:17 - 2013-10-18 05:17 - 00001116 _____ C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2013-10-18 05:17 - 2013-09-03 06:06 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-10-18 05:12 - 2013-10-18 05:08 - 163606685 _____ C:\Users\Didi\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2013-10-18 04:30 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\WinStore
2013-10-17 04:26 - 2013-10-17 04:26 - 00001108 _____ C:\Users\Didi\Desktop\Calculator.lnk
2013-10-15 04:01 - 2013-06-07 15:05 - 00004212 _____ C:\Windows\System32\Tasks\Plus-HD-2.6-updater
2013-10-11 03:57 - 2013-10-11 03:57 - 100442783 _____ C:\Windows\SysWOW64\쪤亍瀴¶
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-11-09 06:52
==================== End Of Log ============================
|
|
10.11.2013, 15:59
| #6 | ||
| /// the machine /// TB-Ausbilder | EXP/CVE-2013-2423.HV von AntiVir gefunden, was nun?Zitat:
 Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!Downloade dir bitte Combofix vom folgenden Downloadspiegel Link 1 WICHTIG - Speichere Combofix auf deinem Desktop
Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort. Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten Zitat:
__________________ --> EXP/CVE-2013-2423.HV von AntiVir gefunden, was nun? |
|
10.11.2013, 16:32
| #7 |
| | EXP/CVE-2013-2423.HV von AntiVir gefunden, was nun?Code:
ATTFilter ComboFix 13-11-10.01 - Didi 10.11.2013 16:22:14.1.4 - x64
Microsoft Windows 8 6.2.9200.0.1252.49.1031.18.8007.4817 [GMT 1:00]
ausgeführt von:: c:\users\Didi\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\program files (x86)\PricePeep
c:\program files (x86)\PricePeep\installer.ico
c:\program files (x86)\PricePeep\pricepeep.crx
c:\program files (x86)\PricePeep\uninstall.exe
c:\users\Didi\AppData\Roaming\7go
c:\users\Didi\AppData\Roaming\7go\7go.crx
c:\users\Didi\AppData\Roaming\7go\icon.ico
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome.manifest
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\api.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\api\asyncDB.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\api\background.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\api\browserAction.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\api\contextMenu.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\api\dbManager.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\api\dom_bg.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\api\fileManager.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\api\firefox.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\api\firefoxNotifications.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\api\firefoxOmnibox.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\api\message.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\api\pageAction.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\api\request.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\api\tabs.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\api\webRequest.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\background.html
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\baseObject.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\browser.xul
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\console.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\consts.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\delegate.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\extensionDataStore.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\folderIOWrapper.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\httpObserver.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\IDBWrapper.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\installer.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\logFile.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\prefs.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\progressListenerObserver.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\registry.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\reloadObserver.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\reports.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\requestObject.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\searchSettings.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\uninstallObserver.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\updateManager.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\utils.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\xhr.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\dialog.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\main.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\options.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\options.xul
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\search_dialog.xul
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\defaults\preferences\prefs.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\manifest.xml
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins.json
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\1_base.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\101_cortica_m.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\102_dealply_m.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\103_intext_5_m.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\104_jollywallet_m.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\105_corticas_m.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\108_icm_m.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\116_ads_only_5_m.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\117_coupons_intext_ads_5_m.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\119_similar_web_m.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\120_luck_m.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\123_intext_adv_m.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\124_superfish_no_search_no_coupons_m.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\125_arcadi2_m.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\126_revizer_ws_m.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\127_revizer_p_m.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\128_superfish_pricora_m.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\129_widdit_m.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\135_arcadi3_m.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\138_getdeal_m.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\14_CrossriderUtils.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\141_corticas_ru_m.js.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\142_intext_fa_m.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\155_ibario_pops_m.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\158_50onred_ads_only_no_fb_m.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\159_cortica_rollover_m.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\16_FFAppAPIWrapper.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\17_jQuery.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\170_icm1_5_m.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\171_arcadi2_sourceID_m.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\175_coolmirage_m.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\178_revizer_ws_dynamic_m.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\179_revizer_p_dynamic_m.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\21_debug.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\22_resources.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\28_initializer.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\4_jquery_1_7_1.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\47_resources_background.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\64_appApiMessage.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\7_hooks.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\72_appApiValidation.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\78_CrossriderInfo.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\87_ginyas_wrapper.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\9_search_engine_hook.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\91_monetizationLoader.js.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\92_superfish_m.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\93_superfish_no_coupons_m.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\98_omniCommands.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\userCode\background.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\userCode\extension.js
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\install.rdf
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\locale\en-US\translations.dtd
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\skin\button1.png
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\skin\button2.png
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\skin\button3.png
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\skin\button4.png
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\skin\button5.png
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\skin\crossrider_statusbar.png
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\skin\icon128.png
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\skin\icon16.png
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\skin\icon24.png
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\skin\icon48.png
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\skin\panelarrow-up.png
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\skin\popup.html
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\skin\skin.css
c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\skin\update.css
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-10-10 bis 2013-11-10 ))))))))))))))))))))))))))))))
.
.
2013-11-09 16:44 . 2013-11-09 16:44 -------- d-----w- C:\FRST
2013-11-08 23:39 . 2013-11-08 23:39 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2013-11-08 19:12 . 2013-11-08 19:12 -------- d-----w- c:\users\Didi\AppData\Roaming\Betcat
2013-11-08 18:58 . 2013-11-08 19:07 -------- d-----w- c:\programdata\Norton
2013-11-08 06:10 . 2013-11-08 19:12 -------- d-----w- c:\program files (x86)\Betcat
2013-11-08 04:12 . 2013-11-08 04:12 -------- d-----w- c:\users\Didi\AppData\Roaming\Malwarebytes
2013-11-08 04:11 . 2013-11-08 04:11 -------- d-----w- c:\programdata\Malwarebytes
2013-11-07 05:10 . 2013-11-07 05:11 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-07 05:10 . 2013-11-07 05:11 -------- d-----w- c:\program files\iTunes
2013-11-07 05:10 . 2013-11-07 05:11 -------- d-----w- c:\program files (x86)\iTunes
2013-11-07 05:10 . 2013-11-07 05:10 -------- d-----w- c:\program files\iPod
2013-11-01 13:21 . 2013-11-01 13:21 -------- d-----w- c:\users\Didi\AppData\Roaming\Unity
2013-10-27 00:02 . 2013-10-27 00:28 -------- d-----w- c:\programdata\iRinger
2013-10-20 02:23 . 2013-10-27 02:43 -------- d-----w- c:\users\Didi\AppData\Local\Loksim3D
2013-10-20 02:23 . 2013-10-20 02:23 -------- d-----w- c:\users\Didi\AppData\Local\CrashRpt
2013-10-20 02:23 . 2013-10-20 02:23 -------- d-----w- c:\program files (x86)\Loksim3D
2013-10-20 00:52 . 2013-10-20 00:52 -------- d-----w- C:\$Windows.~BT
2013-10-18 03:26 . 2013-07-24 23:07 13661696 ----a-w- c:\windows\system32\Windows.UI.Xaml.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-09 05:06 . 2012-12-11 22:25 80541720 ----a-w- c:\windows\system32\MRT.exe
2013-10-02 01:38 . 2012-12-11 22:35 78296 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-02 01:38 . 2012-12-11 22:35 694232 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-22 23:28 . 2013-10-09 03:37 1767936 ----a-w- c:\windows\SysWow64\wininet.dll
2013-09-22 23:27 . 2013-10-09 03:37 2876928 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-09-22 22:55 . 2013-10-09 03:37 51712 ----a-w- c:\windows\system32\ie4uinit.exe
2013-09-22 22:55 . 2013-10-09 03:37 2241024 ----a-w- c:\windows\system32\wininet.dll
2013-09-22 22:55 . 2013-10-09 03:37 1365504 ----a-w- c:\windows\system32\urlmon.dll
2013-09-22 22:54 . 2013-10-09 03:37 603136 ----a-w- c:\windows\system32\msfeeds.dll
2013-09-22 22:54 . 2013-10-09 03:37 19252224 ----a-w- c:\windows\system32\mshtml.dll
2013-09-22 22:54 . 2013-10-09 03:37 855552 ----a-w- c:\windows\system32\jscript.dll
2013-09-22 22:54 . 2013-10-09 03:37 3959296 ----a-w- c:\windows\system32\jscript9.dll
2013-09-22 22:54 . 2013-10-09 03:37 15404544 ----a-w- c:\windows\system32\ieframe.dll
2013-09-22 22:54 . 2013-10-09 03:37 2647552 ----a-w- c:\windows\system32\iertutil.dll
2013-09-03 09:59 . 2013-05-07 13:24 82136 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-09-03 09:59 . 2013-03-20 10:12 132088 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-09-03 09:59 . 2013-03-20 10:12 105344 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-08-23 05:11 . 2013-10-09 03:36 4040192 ----a-w- c:\windows\system32\win32k.sys
2013-08-21 02:20 . 2013-08-21 02:20 240304 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10214.bin
2013-08-16 05:41 . 2013-09-21 22:24 58200 ----a-w- c:\windows\system32\drivers\dam.sys
2013-08-16 05:39 . 2013-09-21 22:24 2371728 ----a-w- c:\windows\system32\WSService.dll
2013-08-16 05:32 . 2013-09-21 22:24 209200 ----a-w- c:\windows\system32\NotificationUI.exe
2013-08-16 05:22 . 2013-09-21 22:24 4917760 ----a-w- c:\windows\system32\sppsvc.exe
2013-08-16 05:21 . 2013-09-21 22:24 49664 ----a-w- c:\windows\system32\wups.dll
2013-08-16 05:21 . 2013-09-21 22:24 49152 ----a-w- c:\windows\system32\wups2.dll
2013-08-16 05:21 . 2013-09-21 22:24 688640 ----a-w- c:\windows\system32\WSShared.dll
2013-08-16 05:21 . 2013-09-21 22:24 183808 ----a-w- c:\windows\system32\WSSync.dll
2013-08-16 05:21 . 2013-09-21 22:24 204800 ----a-w- c:\windows\system32\WSClient.dll
2013-08-16 05:21 . 2013-09-21 22:24 198656 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.dll
2013-08-16 05:21 . 2013-09-21 22:24 163840 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-08-16 05:21 . 2013-09-21 22:24 1164288 ----a-w- c:\windows\system32\sppobjs.dll
2013-08-16 05:21 . 2013-09-21 22:24 368640 ----a-w- c:\windows\system32\sppwinob.dll
2013-08-16 05:21 . 2013-09-21 22:24 81408 ----a-w- c:\windows\system32\setupcln.dll
2013-08-16 05:21 . 2013-09-21 22:24 120320 ----a-w- c:\windows\system32\sppc.dll
2013-08-16 05:20 . 2013-09-21 22:24 105984 ----a-w- c:\windows\system32\WinSetupUI.dll
2013-08-15 22:43 . 2013-09-21 22:24 20992 ----a-w- c:\windows\SysWow64\wups.dll
2013-08-15 22:43 . 2013-09-21 22:24 562688 ----a-w- c:\windows\SysWow64\WSShared.dll
2013-08-15 22:43 . 2013-09-21 22:24 159232 ----a-w- c:\windows\SysWow64\WSSync.dll
2013-08-15 22:43 . 2013-09-21 22:24 143872 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.dll
2013-08-15 22:43 . 2013-09-21 22:24 83968 ----a-w- c:\windows\SysWow64\OEMLicense.dll
2013-08-15 22:43 . 2013-09-21 22:24 167424 ----a-w- c:\windows\SysWow64\WSClient.dll
2013-08-15 22:43 . 2013-09-21 22:24 124928 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-08-15 22:42 . 2013-09-21 22:24 76800 ----a-w- c:\windows\SysWow64\setupcln.dll
2013-08-15 22:42 . 2013-09-21 22:24 91648 ----a-w- c:\windows\SysWow64\sppc.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110311341140}]
2013-06-07 14:07 750952 ----a-w- c:\program files (x86)\Plus-HD-2.6\Plus-HD-2.6-bho.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}]
2013-11-08 06:10 202008 ----a-w- c:\program files (x86)\Betcat\WebCakeIEClient.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-08-15 15:39 277560 ----a-w- c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-08-21 202024]
"Spotify Web Helper"="c:\program files (x86)\Spotify\Data\SpotifyWebHelper.exe" [2012-09-27 1193176]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-09-14 59720]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2013-09-15 59720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Home Theater v4"="c:\dolby pcee4\pcee4.exe" [2012-04-23 508256]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-09-03 347192]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"NBKeyScan"="c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-08-08 1828136]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"uni mouse driver"="c:\mouse driver\mouse_driver.exe" [2011-11-09 2972672]
"uni mouse driver tilt"="c:\mouse driver\wh_exec.exe" [2010-10-04 147456]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-01 152392]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2012-07-26 62976]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Acer Backup Manager Tray.lnk - c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe -h -k [2012-11-2 624192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\System32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\System32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 BthLEEnum;Treiber für energiearme Bluetooth-Geräte;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
R3 DeviceFastLaneService;Device Fast-lane Service;c:\program files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe;c:\program files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [x]
R3 DFX11_1;DFX Audio Enhancer 11.1;c:\windows\system32\drivers\dfx11_1x64.sys;c:\windows\SYSNATIVE\drivers\dfx11_1x64.sys [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [x]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\System32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [x]
S2 BrcmCardReader;Broadcom Card Reader Service;c:\program files\Broadcom\MemoryCard\BrcmCardReader.exe;c:\program files\Broadcom\MemoryCard\BrcmCardReader.exe [x]
S2 CCDMonitorService;CCDMonitorService;c:\program files (x86)\Acer\Acer Cloud\CCDMonitorService.exe;c:\program files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ETDService;Elan Service;c:\program files\Elantech\ETDService.exe;c:\program files\Elantech\ETDService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [x]
S2 RfButtonDriverService;Dritek RF Button Command Service;c:\windows\RfBtnSvc64.exe;c:\windows\RfBtnSvc64.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 WebCakeUpdater;WebCakeUpdater;c:\program files (x86)\Betcat\WBDesktop.Updater.1.0.0.17.exe;c:\program files (x86)\Betcat\WBDesktop.Updater.1.0.0.17.exe [x]
S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\System32\drivers\b57xdbd.sys;c:\windows\SYSNATIVE\drivers\b57xdbd.sys [x]
S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\System32\drivers\b57xdmp.sys;c:\windows\SYSNATIVE\drivers\b57xdmp.sys [x]
S3 bScsiMSa;bScsiMSa;c:\windows\System32\drivers\bScsiMSa.sys;c:\windows\SYSNATIVE\drivers\bScsiMSa.sys [x]
S3 bScsiSDa;bScsiSDa;c:\windows\System32\drivers\bScsiSDa.sys;c:\windows\SYSNATIVE\drivers\bScsiSDa.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\System32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 ePowerSvc;ePower Service;c:\program files\Acer\Acer Power Management\ePowerSvc.exe;c:\program files\Acer\Acer Power Management\ePowerSvc.exe [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM)-Gigabit-Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 Ps2Kb2Hid;PS/2 Keyboard to HID Driver;c:\windows\System32\drivers\aPs2Kb2Hid.sys;c:\windows\SYSNATIVE\drivers\aPs2Kb2Hid.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [x]
S3 whfltr2k;WheelMouse USB Lower Filter Driver;c:\windows\System32\drivers\whfltr2k.sys;c:\windows\SYSNATIVE\drivers\whfltr2k.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2013-09-05 14:04 215416 ----a-w- c:\program files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll
.
Inhalt des "geplante Tasks" Ordners
.
2013-11-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-01 17:52]
.
2013-11-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-07 04:13]
.
2013-11-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-07 04:13]
.
2013-11-10 c:\windows\Tasks\Plus-HD-2.6-codedownloader.job
- c:\program files (x86)\Plus-HD-2.6\Plus-HD-2.6-codedownloader.exe [2013-06-07 14:07]
.
2013-11-10 c:\windows\Tasks\Plus-HD-2.6-firefoxinstaller.job
- c:\program files (x86)\Plus-HD-2.6\Plus-HD-2.6-firefoxinstaller.exe [2013-06-07 14:07]
.
2013-11-10 c:\windows\Tasks\Plus-HD-2.6-updater.job
- c:\program files (x86)\Plus-HD-2.6\Plus-HD-2.6-updater.exe [2013-06-07 14:07]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-08-15 15:39 336952 ----a-w- c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BtPreLoad"="c:\program files (x86)\Qualcomm Atheros\Bluetooth Suite\BtPreLoad.exe" [2013-01-28 64640]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 3933496]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-01 171040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-01 399392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-01 441888]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-06-13 1212560]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 190536]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3240727&SearchSource=3&q={searchTerms}&CUI=UN11167260372461042
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
FF - ExtSQL: 2013-10-04 05:38; {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}; c:\users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 267847bd000000000000689423701dc5
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15951
FF - user.js: extensions.delta.vrsn - 1.8.24.6
FF - user.js: extensions.delta.vrsni - 1.8.24.6
FF - user.js: extensions.delta.vrsnTs - 1.8.24.68:03
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - de
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=119649&tsp=4994
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
FF - user.js: extentions.webcake.installId - 0dd68b6c-8e8c-48d9-a070-b04d58036eb5
FF - user.js: extentions.webcake.defaultEnableAppsList - layers/inline,layers/shopping,layers/banner,layers/search,newOffers/wc
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
AddRemove-PricePeep - c:\program files (x86)\PricePeep\uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1429076904-2917619043-331896613-1002CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:a3,c0,eb,62,19,13,ec,cc,82,a6,02,c7,7d,28,56,1f,06,c5,6c,8c,79,57,72,
07,bc,c8,4a,77,01,40,dd,e1,bc,34,cb,2d,16,52,96,d1,7a,e8,04,c0,4e,1c,4f,a8,\
"??"=hex:69,3e,43,58,9f,64,ba,75,fe,6b,77,07,2a,78,dd,74
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
@Denied: (A) (Everyone)
"Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
"Key"="ActionsPane"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Zeit der Fertigstellung: 2013-11-10 16:28:22
ComboFix-quarantined-files.txt 2013-11-10 15:28
.
Vor Suchlauf: 11 Verzeichnis(se), 659.663.429.632 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 659.649.716.224 Bytes frei
.
- - End Of File - - F6750B751D35467566E789601E3C69C0
|
|
10.11.2013, 19:48
| #8 |
| /// the machine /// TB-Ausbilder | EXP/CVE-2013-2423.HV von AntiVir gefunden, was nun? Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
10.11.2013, 21:00
| #9 |
| | EXP/CVE-2013-2423.HV von AntiVir gefunden, was nun?Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.11.10.04 Windows 8 x64 NTFS Internet Explorer 10.0.9200.16721 Didi :: DIETMAR [Administrator] Schutz: Deaktiviert 10.11.2013 20:22:17 mbam-log-2013-11-10 (20-22-17).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 272960 Laufzeit: 5 Minute(n), 2 Sekunde(n) Infizierte Speicherprozesse: 1 C:\Program Files (x86)\Betcat\WBDesktop.Updater.1.0.0.17.exe (PUP.Optional.WebCake.A) -> 2260 -> Löschen bei Neustart. Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 30 HKLM\SYSTEM\CurrentControlSet\Services\WebCakeUpdater (PUP.Optional.WebCake.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CLSID\{11111111-1111-1111-1111-110311341140} (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311341140} (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517} (Adware.WebCake) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517} (Adware.WebCake) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892} (PUP.Optional.PricePeep.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12} (PUP.Optional.WebCake.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517} (PUP.WebCake) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517} (PUP.WebCake) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA} (PUP.Optional.WebCake.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\WebCakeIEClient.Api.1 (PUP.Optional.WebCake.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\WebCakeIEClient.Api (PUP.Optional.WebCake.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA} (PUP.Optional.WebCake.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA} (PUP.Optional.WebCake.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3} (PUP.Optional.WebCake.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899} (PUP.Optional.WebCake.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899} (PUP.Optional.WebCake.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CrossriderApp0033440.BHO (PUP.Optional.CrossRider.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CrossriderApp0033440.Sandbox (PUP.Optional.CrossRider.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CrossriderApp0033440.Sandbox.1 (PUP.Optional.CrossRider.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\AppID\PricePeep.DLL (PUP.Optional.PricePeep.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\AppID\WebCakeIEClient.DLL (PUP.WebCake) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\delta LTD (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\InstalledBrowserExtensions\Plus HD (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\babylontoolbar (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Plus-HD-2.6 (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh (PUP.WebCake) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-2.6 (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 19 C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38} (PUP.WebCake) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Cache (PUP.WebCake) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Tepfel (PUP.Optional.WebCake.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\SpeedAnalysis3 (PUP.Optional.SpeedAnalysis3.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\Dealply (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\Dealply\UpdateProc (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\OpenCandy\12262D5E923D4C6C908B3FCDC2949043 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\OpenCandy\1F379D8BC1C046F59D5001958F067708 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\OpenCandy\383B513417A849E8A34FCF7025793022 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\OpenCandy\637241408A7C4E08801B6DF4E672B0CB (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\OpenCandy\B6AD4BE911BC406DB4382F2EE3928A6C (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\OpenCandy\D5D2CCF0AC3B45BD9804371D8562E24A (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\Tepfel (PUP.Optional.WebCake.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\Tepfel\dat (PUP.Optional.WebCake.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\Tepfel\dat\update (PUP.Optional.WebCake.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\File Scout (PUP.Optional.FileScout.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Plus-HD-2.6 (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateien: 58 C:\Program Files (x86)\Betcat\WBDesktop.Updater.1.0.0.17.exe (PUP.Optional.WebCake.A) -> Löschen bei Neustart. C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-bho.dll (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Betcat\WebCakeIEClient.dll (Adware.WebCake) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Betcat\WebCakeIEClient.dll (PUP.WebCake) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\File Scout\filescout.exe (PUP.Optional.FileScout.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\OpenCandy\12262D5E923D4C6C908B3FCDC2949043\DeltaTB.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\OpenCandy\1F379D8BC1C046F59D5001958F067708\Findr_ALL_p1v2.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\Tepfel\WebCakeDesktop.exe (PUP.Optional.WebCake.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\Downloads\FreeYouTubeDownload.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\Downloads\Setup-SopCast-3.8.3-2013-6-26.exe (PUP.Optional.Spigot.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Windows\Tasks\Plus-HD-2.6-codedownloader.job (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Windows\Tasks\Plus-HD-2.6-firefoxinstaller.job (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Windows\Tasks\Plus-HD-2.6-updater.job (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.ico (PUP.WebCake) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.dat (PUP.WebCake) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.exe (PUP.WebCake) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\_Setup.dll (PUP.WebCake) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\_Setupx.dll (PUP.WebCake) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Tepfel\WebCakeDesktop.Updater.InstallState (PUP.Optional.WebCake.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Tepfel\sqlite3.exe (PUP.Optional.WebCake.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Tepfel\WebCakeDesktop.Updater.exe (PUP.Optional.WebCake.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\speedanalysis.ico (PUP.Optional.SpeedAnalysis2.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\SpeedAnalysis3\speedanalysis.crx (PUP.Optional.SpeedAnalysis3.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Mozilla Firefox\searchplugins\mystarttb.xml (PUP.Optional.VMNToolBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\Dealply\UpdateProc\config.dat (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\Dealply\UpdateProc\src.dat (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\Dealply\UpdateProc\TTL.DAT (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\OpenCandy\1F379D8BC1C046F59D5001958F067708\4674.ico (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\OpenCandy\1F379D8BC1C046F59D5001958F067708\conduitinstaller.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\OpenCandy\1F379D8BC1C046F59D5001958F067708\EBB77268-338F-4C6A-8590-AD88FED26F4A (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\OpenCandy\1F379D8BC1C046F59D5001958F067708\OCBrowserHelper_1.0.4.106.dll (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\OpenCandy\383B513417A849E8A34FCF7025793022\LatestDLMgr.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\OpenCandy\637241408A7C4E08801B6DF4E672B0CB\TuneUpUtilities2013-2200217-p3v0.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\OpenCandy\B6AD4BE911BC406DB4382F2EE3928A6C\TuneUpUtilities2013-2200218-p3v0.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\OpenCandy\D5D2CCF0AC3B45BD9804371D8562E24A\TuneUpUtilities2013-2200218_de-DE.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\Tepfel\PlugIns.cache (PUP.Optional.WebCake.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\Tepfel\dat\Desktop.OS.dll (PUP.Optional.WebCake.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\Tepfel\dat\Dora.dat (PUP.Optional.WebCake.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\Tepfel\dat\Maintain.dat (PUP.Optional.WebCake.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\Tepfel\dat\Paladin.dat (PUP.Optional.WebCake.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\Tepfel\dat\Phoenix.dat (PUP.Optional.WebCake.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\Tepfel\dat\sqlite3.dll (PUP.Optional.WebCake.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Didi\AppData\Roaming\File Scout\uninst.exe (PUP.Optional.FileScout.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Plus-HD-2.6\33440.xpi (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Plus-HD-2.6\background.html (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Plus-HD-2.6\Installer.log (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-bg.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-buttonutil.dll (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-buttonutil.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-buttonutil64.dll (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-buttonutil64.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-codedownloader.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-firefoxinstaller.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-helper.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-updater.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6.ico (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Plus-HD-2.6\Uninstall.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter # AdwCleaner v3.011 - Bericht erstellt am 10/11/2013 um 20:37:02
# Updated 03/11/2013 von Xplode
# Betriebssystem : Windows 8 (64 bits)
# Benutzername : Didi - DIETMAR
# Gestartet von : C:\Users\Didi\Downloads\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
[#] Dienst Gelöscht : WebCakeUpdater
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Program Files (x86)\AskTBar
Ordner Gelöscht : C:\Program Files (x86)\Betcat
Ordner Gelöscht : C:\Program Files (x86)\Video Performer
Ordner Gelöscht : C:\Program Files (x86)\yolobartb
Ordner Gelöscht : C:\Users\Didi\AppData\Roaming\Betcat
Ordner Gelöscht : C:\Users\Didi\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Didi\AppData\Roaming\PerformerSoft
Ordner Gelöscht : C:\Users\Didi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Performer
Ordner Gelöscht : C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Smartbar
Ordner Gelöscht : C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\plugin@getwebcake.com
Datei Gelöscht : C:\Users\Public\Desktop\eBay.lnk
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\invalidprefs.js
Datei Gelöscht : C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\searchplugins\Askcom.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\searchplugins\BrowserProtect.xml
Datei Gelöscht : C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\searchplugins\delta.xml
Datei Gelöscht : C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\user.js
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\gjajpkikblccgefaibcafkfbanllpefi
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\licjnkifamhpbaefhdpacpmihicfbomb
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Schlüssel Gelöscht : HKCU\Software\590d9d1b03bbe15
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A0B10EBE-4E51-4CAE-949B-E6B9E7D68CEA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322342240}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355345540}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366346640}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355345540}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366346640}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\filescout
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\performersoft llc
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Plus-HD-2.6
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\smartbar
Schlüssel Gelöscht : HKLM\Software\AskTBar
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16537
-\\ Mozilla Firefox v25.0 (de)
[ Datei : C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\prefs.js ]
Zeile gelöscht : user_pref("CT2843456_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1359545144418,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Zeile gelöscht : user_pref("CT3240727_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1362973721843,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Zeile gelöscht : user_pref("Smartbar.ConduitHomepagesList", "");
Zeile gelöscht : user_pref("Smartbar.ConduitSearchEngineList", "");
Zeile gelöscht : user_pref("Smartbar.ConduitSearchUrlList", "");
Zeile gelöscht : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://www2.mystart.com/results.php?pr=vmn&id=yolobartb&v=1_0&ent=tb&q=");
Zeile gelöscht : user_pref("Smartbar.keywordURLSelectedCTID", "CT3240727");
Zeile gelöscht : user_pref("browser.search.defaultthis.engineName", "findr Customized Web Search");
Zeile gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3240727&SearchSource=3&q={searchTerms}&CUI=UN11167260372461042");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.newTab", true);
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.delta-search.com/?affID=119828&babsrc=NT_ss&mntrId=267847bd0000000000001a9423701dc5");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.InstallationThankYouPage", false);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.InstallationTime", 1370613997);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.active", true);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.addressbar", "NA");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.addressbarenhanced", "");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.asyncdb_dbWasSet", true);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.asyncdb_dbWasSet_FF25_FIX", true);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.asyncinternaldb_dbWasSet", true);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.asyncinternaldb_dbWasSet_FF25_FIX", true);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.backgroundjs", "\n\n/*****************************************************************************[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.backgroundver", 32);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.can_run_bg_code", true);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.certdomaininstaller", "");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.changeprevious", false);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.cookie.Affiliate_settings.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.cookie.Affiliate_settings.value", "%22%7B%5C%22initUrl%5C%22%3A%5C%22hxxp%3A//api.jollywallet.com/[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.cookie.InstallationTime.value", "1370613997");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.cookie._GPL_aoi.value", "%221374157119%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.cookie._GPL_parent_zoneid.value", "%22295634%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.cookie._GPL_zoneid.value", "%22295635%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.cookie.jw_token.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.cookie.jw_token.value", "%226673dc32-1d80-2cb3-8c3b-a44b2e65790c%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.cookie.key_list_id.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.cookie.key_list_id.value", "%2220120802-000%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.cookie.previous_page.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.cookie.previous_page.value", "%22hxxps%3A//www.google.com/%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.cookie.user_id.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.cookie.user_id.value", "%2213f1ef5dede1e43de6898d32fa6240a6%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.description", "Turn YouTube videos to High Definition by default");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.domain", "");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.enablesearch", false);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.homepage", "");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.iframe", false);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%22ED0E003BBA5C4B54AB2749C3941A0[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_appVer.value", "146");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_lastVersion.value", "39");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_meta.value", "%7B%22tmp/lightbox.css%22%3A%7B%22id%22%3A354659%2C%22ver%22%3A[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_nextCheck.expiration", "Sun Nov 10 2013 22:44:45 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_nextCheck.value", "true");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_queue.value", "%7B%7D");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354659.expiration", "Mon Feb 03 2014 19:46:59 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354659.value", "%22.backdrop%5Cr%5Cn%5Ct%5Ct%7B%5Cr%5Cn%5Ct%5Ct%5Ctp[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354660.expiration", "Mon Feb 03 2014 19:46:59 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354660.value", "%22%3Cdiv%20id%3D%5C%22%3C%25%3DdialogId%25%3E_dialo[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354661.expiration", "Mon Feb 03 2014 19:46:59 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354661.value", "%22/*%21%20jQuery%20UI%20-%20v1.10.3%20-%202013-05-0[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354662.expiration", "Mon Feb 03 2014 19:46:59 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354662.value", "%22%5Cr%5Cn//%5Ctfunction%20close_box%28%29%5Cr%5Cn/[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354663.expiration", "Mon Feb 03 2014 19:46:59 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354663.value", "%22%3F%20Optional%20-%20add%20localization%20support[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354664.expiration", "Mon Feb 03 2014 19:46:59 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354664.value", "%22%5Ct%5Ct//UA-43911980-1%5Cr%5Cn%5Ct%5Ct//appAPI.a[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354666.expiration", "Mon Feb 03 2014 19:46:59 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354666.value", "%22%7B%5Cr%5Cn%5C%22mobile%5C%22%3A%5B%5C%22com.ea.g[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354667.expiration", "Mon Feb 03 2014 19:46:59 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354667.value", "%22%7B%5Cr%5Cn%5C%22youtube.com%5C%22%3A%5B%5C%22com[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354668.expiration", "Mon Feb 03 2014 19:46:59 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354668.value", "%22%5B%5Cr%5Cn%5Ct%5Ct%7B%5Cr%5Cn%5Ct%5Ct%5Ct%5C%22i[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354671.expiration", "Mon Feb 03 2014 19:46:59 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354671.value", "%22%3Cdiv%20class%3D%5C%22w2m_slider_hash2313523ff4w[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354672.expiration", "Mon Feb 03 2014 19:46:59 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354672.value", "%22%3Cdiv%20class%3D%5C%22w2m_slider_hash2313523ff4w[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354674.expiration", "Mon Feb 03 2014 19:46:59 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354674.value", "%22a%20img%2C%20%3Alink%20img%2C%20%3Avisited%20img%[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354676.expiration", "Mon Feb 03 2014 19:46:59 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354676.value", "%22jQuery.easing.jswing%3DjQuery.easing.swing%3B%5Cr[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354678.expiration", "Mon Feb 03 2014 19:46:59 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354678.value", "%22data%3Aimage/png%3Bbase64%2CiVBORw0KGgoAAAANSUhEU[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354679.expiration", "Mon Feb 03 2014 19:46:59 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354679.value", "%22data%3Aimage/png%3Bbase64%2CiVBORw0KGgoAAAANSUhEU[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354680.expiration", "Mon Feb 03 2014 19:46:59 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354680.value", "%22data%3Aimage/png%3Bbase64%2CiVBORw0KGgoAAAANSUhEU[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354681.expiration", "Mon Feb 03 2014 19:46:59 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354681.value", "%22data%3Aimage/png%3Bbase64%2CiVBORw0KGgoAAAANSUhEU[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb._country_code_.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb._country_code_.value", "%22DE%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/098f1094523324ac59b427a0c2532d9d_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/098f1094523324ac59b427a0c2532d9d_DE.value", "%22var%20cat_098f1094523324ac59b427a[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/1bb25568f8455e74906142466f792c87_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/1bb25568f8455e74906142466f792c87_DE.value", "%22var%20cat_1bb25568f8455e749061424[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/24c75ee12874b5775f0bdc6920d078a8_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/24c75ee12874b5775f0bdc6920d078a8_DE.value", "%22var%20cat_24c75ee12874b5775f0bdc6[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/253712f62fa354f36c490a3f42ba9bfc_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/253712f62fa354f36c490a3f42ba9bfc_DE.value", "%22var%20cat_253712f62fa354f36c490a3[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/286965653b415f505622ea74d2bd3bbe_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/286965653b415f505622ea74d2bd3bbe_DE.value", "%22var%20cat_286965653b415f505622ea7[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/2a71b3b28494cf1854d333288ccc18ba_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/2a71b3b28494cf1854d333288ccc18ba_DE.value", "%22var%20cat_2a71b3b28494cf1854d3332[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/2d468ab97ca7b06a3c21e9e97b353a62_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/2d468ab97ca7b06a3c21e9e97b353a62_DE.value", "%22var%20cat_2d468ab97ca7b06a3c21e9e[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/3518e1eac042730aa1274618984462b3_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/3518e1eac042730aa1274618984462b3_DE.value", "%22var%20cat_3518e1eac042730aa127461[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/3fb584595510ffd42fa9866ce0f84f32_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/3fb584595510ffd42fa9866ce0f84f32_DE.value", "%22var%20cat_3fb584595510ffd42fa9866[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/4c3f63645c68db469df209c2dc3a46aa_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/4c3f63645c68db469df209c2dc3a46aa_DE.value", "%22var%20cat_4c3f63645c68db469df209c[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/530e52021dc20843b1aa62957edeb9f8.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/530e52021dc20843b1aa62957edeb9f8_expire.expiration", "Fri Feb 01 2030 00:00:00 GM[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/530e52021dc20843b1aa62957edeb9f8_expire.value", "%221377425378905%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/530e52021dc20843b1aa62957edeb9f8_version.expiration", "Fri Feb 01 2030 00:00:00 G[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/530e52021dc20843b1aa62957edeb9f8_version.value", "%2287a49318c9967e16f5fedce97a18[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/56df29dfef36d0a64d0b754d8b7aa1df_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/56df29dfef36d0a64d0b754d8b7aa1df_DE.value", "%22var%20cat_56df29dfef36d0a64d0b754[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/5cdf8a7ef2ec84abac286c67587b78d9.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/5cdf8a7ef2ec84abac286c67587b78d9.value", "%22function%20tcmMarkWindow%28a%29%7Bva[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/5cdf8a7ef2ec84abac286c67587b78d9_expire.expiration", "Fri Feb 01 2030 00:00:00 GM[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/5cdf8a7ef2ec84abac286c67587b78d9_expire.value", "%221377413429529%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/5cdf8a7ef2ec84abac286c67587b78d9_version.expiration", "Fri Feb 01 2030 00:00:00 G[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/5cdf8a7ef2ec84abac286c67587b78d9_version.value", "%22a64db70efdf0ace7131e2fcedb58[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/62cce7d26ab5636bceb113b988d56c59_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/62cce7d26ab5636bceb113b988d56c59_DE.value", "%22var%20cat_62cce7d26ab5636bceb113b[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/658987e48ed8b4a20fa71afdd0c84454_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/658987e48ed8b4a20fa71afdd0c84454_DE.value", "%22var%20cat_658987e48ed8b4a20fa71af[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/6d4100dc97e9abad47303e5e0d38b2b6_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/6d4100dc97e9abad47303e5e0d38b2b6_DE.value", "%22var%20cat_6d4100dc97e9abad47303e5[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/7b5c48ef44d1cfcc48ffa2be5044fe7c_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/7b5c48ef44d1cfcc48ffa2be5044fe7c_DE.value", "%22var%20cat_7b5c48ef44d1cfcc48ffa2b[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/833447eaff04548ccb80787286a7cad9_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/833447eaff04548ccb80787286a7cad9_DE.value", "%22var%20cat_833447eaff04548ccb80787[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/9c3a4c3f7d10f85147fa09d19f610015_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/9c3a4c3f7d10f85147fa09d19f610015_DE.value", "%22var%20cat_9c3a4c3f7d10f85147fa09d[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/9fde1e4ac93162562a3cb3a2ca4a207d_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/9fde1e4ac93162562a3cb3a2ca4a207d_DE.value", "%22var%20cat_9fde1e4ac93162562a3cb3a[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/aa36bceec49c832079e270icmc219ats.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/aa36bceec49c832079e270icmc219ats.value", "%22tcmPredefineRulesDict%3D%5B%5B%27351[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/b3688636ecfdc491aea728939c15f43e_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/b3688636ecfdc491aea728939c15f43e_DE.value", "%22var%20cat_b3688636ecfdc491aea7289[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/bdd26d3b7ab2292048466bbb3ec4a74d_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/bdd26d3b7ab2292048466bbb3ec4a74d_DE.value", "%22var%20cat_bdd26d3b7ab2292048466bb[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/d5baae4ef839769f8eb7e9f9d82d8a40_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/d5baae4ef839769f8eb7e9f9d82d8a40_DE.value", "%22var%20cat_d5baae4ef839769f8eb7e9f[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/d965aead622233a60676ef2349956f38_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/d965aead622233a60676ef2349956f38_DE.value", "%22var%20cat_d965aead622233a60676ef2[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/d9fe5d2850f1ed167451b193e8bd0e0c_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/d9fe5d2850f1ed167451b193e8bd0e0c_DE.value", "%22var%20cat_d9fe5d2850f1ed167451b19[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/ddedfe6ede02f148caf19a2dec7f877d_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/ddedfe6ede02f148caf19a2dec7f877d_DE.value", "%22var%20cat_ddedfe6ede02f148caf19a2[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/e3cd5b2c64ca319aadec7c28c6c6feba_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/e3cd5b2c64ca319aadec7c28c6c6feba_DE.value", "%22var%20cat_e3cd5b2c64ca319aadec7c2[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/e7395ccc0c22b2cca7bf3e0c7db4d8a6_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/e7395ccc0c22b2cca7bf3e0c7db4d8a6_DE.value", "%22var%20cat_e7395ccc0c22b2cca7bf3e0[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%22%3A%22ED0E003B[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.aliveNotificationMarker.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.aliveNotificationMarker.value", "%221%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.aliveNotificationMarker_Expiration.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.aliveNotificationMarker_Expiration.value", "%221377468000000%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.06af67eb36bbcc3ab13880d10afae860.expiration", "Fri Feb 01 2030 00:0[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.06af67eb36bbcc3ab13880d10afae860.value", "%22%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.06af67eb36bbcc3ab13880d10afae860_Expiration.expiration", "Fri Feb 0[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.06af67eb36bbcc3ab13880d10afae860_Expiration.value", "%22%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.0b3f96c3626116c3f9b93f7102c5d829.expiration", "Fri Feb 01 2030 00:0[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.0b3f96c3626116c3f9b93f7102c5d829.value", "%22%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.0b3f96c3626116c3f9b93f7102c5d829_Expiration.expiration", "Fri Feb 0[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.0b3f96c3626116c3f9b93f7102c5d829_Expiration.value", "%22%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.1c8d27171c45e3ddc2fddf97fc9b78b0.expiration", "Fri Feb 01 2030 00:0[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.1c8d27171c45e3ddc2fddf97fc9b78b0.value", "%22%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.1c8d27171c45e3ddc2fddf97fc9b78b0_Expiration.expiration", "Fri Feb 0[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.1c8d27171c45e3ddc2fddf97fc9b78b0_Expiration.value", "%22%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.492e4fc1f0a604914e906c39c9a810da.expiration", "Fri Feb 01 2030 00:0[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.492e4fc1f0a604914e906c39c9a810da.value", "%22%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.492e4fc1f0a604914e906c39c9a810da_Expiration.expiration", "Fri Feb 0[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.492e4fc1f0a604914e906c39c9a810da_Expiration.value", "%22%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.52bd9f0a029db2e2278080a4d775ed4b.expiration", "Fri Feb 01 2030 00:0[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.52bd9f0a029db2e2278080a4d775ed4b.value", "%22%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.52bd9f0a029db2e2278080a4d775ed4b_Expiration.expiration", "Fri Feb 0[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.52bd9f0a029db2e2278080a4d775ed4b_Expiration.value", "%22%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.826f06347b57e1867fb163d007eb1772.expiration", "Fri Feb 01 2030 00:0[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.826f06347b57e1867fb163d007eb1772.value", "%22%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.826f06347b57e1867fb163d007eb1772_Expiration.expiration", "Fri Feb 0[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.826f06347b57e1867fb163d007eb1772_Expiration.value", "%22%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.d070391379c7e6a2af568865dc45e1a2.expiration", "Fri Feb 01 2030 00:0[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.d070391379c7e6a2af568865dc45e1a2.value", "%22%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.d070391379c7e6a2af568865dc45e1a2_Expiration.expiration", "Fri Feb 0[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.d070391379c7e6a2af568865dc45e1a2_Expiration.value", "%22%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.dc62f3989351314caa53db6521b92601.expiration", "Fri Feb 01 2030 00:0[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.dc62f3989351314caa53db6521b92601.value", "%22%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.dc62f3989351314caa53db6521b92601_Expiration.expiration", "Fri Feb 0[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.dc62f3989351314caa53db6521b92601_Expiration.value", "%22%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.dcc76586856480a58ea86b6e4f232051.expiration", "Fri Feb 01 2030 00:0[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.dcc76586856480a58ea86b6e4f232051.value", "%22%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.dcc76586856480a58ea86b6e4f232051_Expiration.expiration", "Fri Feb 0[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.dcc76586856480a58ea86b6e4f232051_Expiration.value", "%22%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.f4bc944da28847c8146c8c3443870335.expiration", "Fri Feb 01 2030 00:0[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.f4bc944da28847c8146c8c3443870335.value", "%22%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.f4bc944da28847c8146c8c3443870335_Expiration.expiration", "Fri Feb 0[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.f4bc944da28847c8146c8c3443870335_Expiration.value", "%22%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.ffcad1f96e003d6d1a1980609a65ff1e.expiration", "Fri Feb 01 2030 00:0[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.ffcad1f96e003d6d1a1980609a65ff1e.value", "%22%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.ffcad1f96e003d6d1a1980609a65ff1e_Expiration.expiration", "Fri Feb 0[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.categoryMarked.ffcad1f96e003d6d1a1980609a65ff1e_Expiration.value", "%22%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.clickProtectMarker.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.clickProtectMarker.value", "%221%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.clickProtectMarker_Expiration.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.clickProtectMarker_Expiration.value", "%221377231464149%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.clickProtectTransitionMarker.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.clickProtectTransitionMarker.value", "%221%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.clickProtectTransitionMarker_Expiration.expiration", "Fri Feb 01 2030 00:00:00 GMT[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.clickProtectTransitionMarker_Expiration.value", "%221377336379962%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.globalDoubleImpressionProtection.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100")[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.globalDoubleImpressionProtection.value", "%221%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.globalDoubleImpressionProtection_Expiration.expiration", "Fri Feb 01 2030 00:00:00[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.globalDoubleImpressionProtection_Expiration.value", "%221377425386065%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.impressions.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.impressions.value", "%22d070391379c7e6a2af568865dc45e1a2%2C1377413431762%2C4%3B4e6[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.impressions_Expiration.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.impressions_Expiration.value", "%221377468000000%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.initialDayDelayMarker.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.initialDayDelayMarker.value", "%22%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.initialDayDelayMarker_Expiration.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100")[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.initialDayDelayMarker_Expiration.value", "%22%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.openFirstTimeBrowserToday.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.openFirstTimeBrowserToday.value", "%221%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.openFirstTimeBrowserToday_Expiration.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.openFirstTimeBrowserToday_Expiration.value", "%221377468000000%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.preDefRuleImpressions.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.preDefRuleImpressions.value", "%22d5baae4ef839769f8eb7e9f9d82d8a40%2C1377413431762[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.preDefRuleImpressions_Expiration.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100")[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.preDefRuleImpressions_Expiration.value", "%221377468000000%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.quirksCount.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.quirksCount.value", "%220%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.quirksCount_Expiration.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.quirksCount_Expiration.value", "%22%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.version.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.version.value", "%220.3%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.version_Expiration.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.tcm2.version_Expiration.value", "%221377468000000%22");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.js", "\n\n /************************************************************************************\[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.lastDailyReport", "1384049725540");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.lastUpdate", "1384049725055");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.manifesturl", "");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.name", "Plus-HD-2.6");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.newtab", "");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.opensearch", "");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI.appInfo;if(a){return app[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_1.name", "base");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_1.ver", 7);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_101.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_101.name", "cortica_m");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_101.ver", 3);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_102.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_102.name", "dealply_m");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_102.ver", 4);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_103.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_103.name", "intext_5_m");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_103.ver", 4);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_104.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_104.name", "jollywallet_m");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_104.ver", 4);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_105.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_105.name", "corticas_m");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_105.ver", 2);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_107.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_107.name", "coupish_m");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_107.ver", 3);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_108.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_108.name", "icm_m");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_108.ver", 6);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_116.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_116.name", "ads_only_5_m");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_116.ver", 4);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_117.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_117.name", "coupons_intext_ads_5_m");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_117.ver", 4);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_119.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_119.name", "similar_web_m");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_119.ver", 2);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_120.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_120.name", "luck_m");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_120.ver", 2);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_123.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_123.name", "intext_adv_m");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_123.ver", 3);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_124.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_124.name", "superfish_no_search_no_coupons_m");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_124.ver", 2);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_125.code", "// for stats use - banners\n\nif (typeof appAPI.internal.monetization =[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_125.name", "arcadi2_m");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_125.ver", 4);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_126.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_126.name", "revizer_ws_m");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_126.ver", 7);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_127.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_127.name", "revizer_p_m");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_127.ver", 7);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_128.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_128.name", "superfish_pricora_m");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_128.ver", 2);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_129.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_129.name", "widdit_m");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_129.ver", 1);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_13.code", "(function(a){a.selectedText=function(e,c){function d(){if(window.getSele[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_13.name", "CrossriderAppUtils");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_13.ver", 3);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_135.code", "// for stats use - banners\n\nif (typeof appAPI.internal.monetization =[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_135.name", "arcadi3_m");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_135.ver", 2);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_138.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_138.name", "getdeal_m");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_138.ver", 2);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefined\"){appAPI={};}var CR__bIsIEWindow=false;[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_14.name", "CrossriderUtils");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_14.ver", 9);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_141.code", "if(typeof appAPI.internal.monetization===\"undefined\"){appAPI.internal[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_141.name", "corticas_ru_m.js");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_141.ver", 1);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_142.code", "if(typeof appAPI.internal.monetization===\"undefined\"){appAPI.internal[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_142.name", "intext_fa_m");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_142.ver", 1);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_155.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_155.name", "ibario_pops_m");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_155.ver", 1);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!==true)&&(typeof _[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_16.name", "FFAppAPIWrapper");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_16.ver", 10);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScript Library v1[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_17.name", "jQuery");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_17.ver", 4);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={appId:appAPI._cr_config.a[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_21.name", "debug");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_21.ver", 4);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],register:function(b){this.que[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_22.name", "resources");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_22.ver", 5);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){var c={appId:appAPI._cr_con[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_28.name", "initializer");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_28.ver", 3);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_4.code", "");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_4.name", "jquery_1_7_1");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_4.ver", 4);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isReady(a);};}());[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_47.name", "resources_background");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_47.ver", 3);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_64.code", "(function(){var j=\"__CR_EMPTY_CHANNEL__\";var d=function(e){return(type[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_64.name", "appApiMessage");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_64.ver", 3);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_72.code", "if(appAPI.__should_activate_validation__===true){(function(){var d={WRON[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_72.name", "appApiValidation");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_72.ver", 3);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_78.code", "if(typeof jQuery!==\"undefined\"&&(jQuery)&&typeof navigator!==\"undefin[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_78.name", "CrossriderInfo");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_78.ver", 4);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_87.code", "var CROSSRIDER_PLATFORM=true;var JQ=bbrsJQ=$jquery;if(appAPI.platform==\[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_87.name", "ginyas_wrapper");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_87.ver", 4);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_91.code", "(function(h){var p=(function(){var R=0;var Z=\"\";function Q(ac){return [...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_91.name", "monetizationLoader.js");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_91.ver", 14);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_92.code", "if(typeof appAPI.internal.monetization===\"undefined\"){appAPI.internal.[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_92.name", "superfish_m");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_92.ver", 3);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_93.code", "if(typeof appAPI.internal.monetization===\"undefined\"){appAPI.internal.[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_93.name", "superfish_no_coupons_m");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_93.ver", 5);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_98.code", "(function(){var b=\"cr_\"+appAPI.appID+\"internalMessage\";var a=functio[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_98.name", "omniCommands");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_98.ver", 2);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins_lists.plugins_0", "4,14,78,16,64,47,72,98,91");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins_lists.plugins_1", "17,14,78,13,16,64,4,1,21,22,72,98,155,142,141,138,135,129,128,127,126,1[...]
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins_lists.plugins_5", "4,14,78,13,16,64,47,72");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/33440/plugins/093/ff/plugins.json");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.pluginsversion", 107);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.publisher", "Plus HD");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.searchstatus", 0);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.setnewtab", false);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.thankyou", "");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.updateinterval", 360);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.ver", 146);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.apps", "33440");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.bic", "13f1ef5dede1e43de6898d32fa6240a6");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.cid", 33440);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.firstrun", false);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.hadappinstalled", true);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.installationdate", 1370613997);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.lastcheck", 23068305);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.lastcheckitem", 23068536);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.modetype", "production");
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.reportInstall", true);
Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.statsDailyCounter", 502);
Zeile gelöscht : user_pref("extensions.crossrider.bic", "13f1ef5dede1e43de6898d32fa6240a6");
Zeile gelöscht : user_pref("extensions.delta.admin", false);
Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.bbDpng", "3");
Zeile gelöscht : user_pref("extensions.delta.cntry", "DE");
Zeile gelöscht : user_pref("extensions.delta.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.delta.excTlbr", false);
Zeile gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Zeile gelöscht : user_pref("extensions.delta.hdrMd5", "6AE321D8BEAD96B0AA06BC8668B611B6");
Zeile gelöscht : user_pref("extensions.delta.id", "267847bd000000000000689423701dc5");
Zeile gelöscht : user_pref("extensions.delta.instlDay", "15951");
Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.delta.lastVrsnTs", "1.8.24.68:03:57");
Zeile gelöscht : user_pref("extensions.delta.newTab", false);
Zeile gelöscht : user_pref("extensions.delta.prdct", "delta");
Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Zeile gelöscht : user_pref("extensions.delta.rvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.sg", "azb");
Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.24.6");
Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.24.68:03:57");
Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.24.6");
Zeile gelöscht : user_pref("extensions.delta_i.babExt", "");
Zeile gelöscht : user_pref("extensions.delta_i.babTrack", "affID=119649&tsp=4994");
Zeile gelöscht : user_pref("extensions.delta_i.srcExt", "ss");
Zeile gelöscht : user_pref("extensions.enabledAddons", "%7B9051303c-7e41-4311-a783-d6fe5ef2832d%7D:20.0.1,%7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.3.3.15,%7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21,plugin%40[...]
Zeile gelöscht : user_pref("extensions.ffxtlbr@delta.com.install-event-fired", true);
Zeile gelöscht : user_pref("extensions.plugin@getwebcake.com.install-event-fired", true);
Zeile gelöscht : user_pref("extentions.webcake.defaultEnableAppsList", "layers/inline,layers/shopping,layers/banner,layers/search,newOffers/wc");
Zeile gelöscht : user_pref("extentions.webcake.installId", "0dd68b6c-8e8c-48d9-a070-b04d58036eb5");
Zeile gelöscht : user_pref("smartBar.searchInNewTabOwner", "CT3240727");
Zeile gelöscht : user_pref("smartbar.machineId", "IFT8DDIKSKIGOKVYCHTMZWUE11UZF43ZRAM16YRWO/AHTU4R9J+2QZN0+YIBVDGNL/PHXC1DOKN1QEA/IQEXUA");
*************************
AdwCleaner[R0].txt - [86588 octets] - [10/11/2013 20:36:19]
AdwCleaner[S0].txt - [85976 octets] - [10/11/2013 20:37:02]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [86037 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 8 x64
Ran by Didi on 10.11.2013 at 20:49:14,14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1429076904-2917619043-331896613-1002\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\webcakeupdater
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{27034BDD-4A64-4EBD-BE39-D65EA29C8EF3}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\apn"
~~~ FireFox
Successfully deleted: [Folder] C:\Users\Didi\AppData\Roaming\mozilla\firefox\profiles\iywk4e9y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com
Successfully deleted the following from C:\Users\Didi\AppData\Roaming\mozilla\firefox\profiles\iywk4e9y.default\prefs.js
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.backgroundjs", "\n\n/****************************************************
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_meta.value", "%7B%22tmp/lightbox.css%22%3A%7B%22id%2
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354667.value", "%22%7B%5Cr%5Cn%5C%22youtube
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354668.value", "%22%5B%5Cr%5Cn%5Ct%5Ct%7B%5
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354678.value", "%22data%3Aimage/png%3Bbase6
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354680.value", "%22data%3Aimage/png%3Bbase6
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_354681.value", "%22data%3Aimage/png%3Bbase6
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/530e52021dc20843b1aa62957edeb9f8.value", "%22var%20adsDe
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.js", "\n\n/**************************************************************
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_102.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_119.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_120.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_123.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_13.name", "CrossriderAppUtils");
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_138.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_14.name", "CrossriderUtils");
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBack
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQu
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_175.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],regi
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){va
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.res
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_78.name", "CrossriderInfo");
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_87.code", "var CROSSRIDER_PLATFORM=true;var JQ=bbrsJQ=$jqu
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_9.code", "appAPI.hooks.addHook(\"searchEngine\",(function(
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_91.code", "(function(h){var p=(function(){var R=0;var Z=\"
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_92.code", "if(typeof appAPI.internal.monetization===\"unde
user_pref("extensions.crossrider.bic", "1424387451fe57660542bb88842ad938");
Emptied folder: C:\Users\Didi\AppData\Roaming\mozilla\firefox\profiles\iywk4e9y.default\minidumps [480 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.11.2013 at 20:53:48,75
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Gruss und Danke. |
|
11.11.2013, 05:12
| #10 |
| | EXP/CVE-2013-2423.HV von AntiVir gefunden, was nun?FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2013 01
Ran by Didi (administrator) on DIETMAR on 11-11-2013 05:10:00
Running from C:\Users\Didi\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Qualcomm Atheros) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Mouse driver\mouse_driver.exe
() C:\Mouse driver\wh_exec.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Farbar) C:\Users\Didi\Downloads\FRST64(1).exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [BtPreLoad] - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtPreLoad.exe [64640 2013-01-28] ()
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212560 2012-06-13] (Realtek Semiconductor)
HKLM\...\Run: [Start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-08-21] (Nero AG)
HKCU\...\Run: [Spotify Web Helper] - C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1193176 2012-09-27] ()
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Dolby PCEE4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-03] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [NBKeyScan] - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [1828136 2007-08-08] (Nero AG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [uni mouse driver] - C:\Mouse driver\mouse_driver.exe [2972672 2011-11-09] ()
HKLM-x32\...\Run: [uni mouse driver tilt] - C:\Mouse driver\wh_exec.exe [147456 2010-10-05] ()
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKU\Default\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845832 2013-01-22] (Acer Incorporated)
HKU\Default User\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845832 2013-01-22] (Acer Incorporated)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {1A36B4D0-DCFF-4AE1-A358-D288D012B9A5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {1A36B4D0-DCFF-4AE1-A358-D288D012B9A5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {1A36B4D0-DCFF-4AE1-A358-D288D012B9A5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - {1A36B4D0-DCFF-4AE1-A358-D288D012B9A5} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default
FF Homepage: https://www.google.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\5\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Didi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\searchplugins\findr-customized-web-search.xml
FF SearchPlugin: C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\searchplugins\google-default.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: Flash and Video Download - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
FF Extension: artur.dubovoy - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\artur.dubovoy@gmail.com.xpi
FF Extension: fvd_single_setup - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\{9051303c-7e41-4311-a783-d6fe5ef2832d}.xpi
FF Extension: prefs - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
FF Extension: Adblock Plus - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: bprivacyprefs - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-03] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations)
R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-20] (Broadcom Corp.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-01-24] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [28560 2012-08-30] (ELAN Microelectronics Corp.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [836904 2007-08-08] (Nero AG)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-08-21] (Nero AG)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-11-02] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-09-27] (Dritek System INC.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2402080 2013-01-28] (TuneUp Software)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132088 2013-09-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-03-20] (Avira Operations GmbH & Co. KG)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-28] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 DFX11_1; C:\Windows\system32\drivers\dfx11_1x64.sys [28008 2012-08-29] (Windows (R) Win 7 DDK provider)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-09-27] (Dritek System Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
R3 whfltr2k; C:\Windows\System32\drivers\whfltr2k.sys [10368 2009-09-16] ()
R3 whfltr2k; C:\Windows\SysWow64\drivers\whfltr2k.sys [10368 2009-09-16] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [246224 2009-12-07] (Huawei Technologies Co., Ltd.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-11 05:09 - 2013-11-11 05:09 - 01957590 _____ (Farbar) C:\Users\Didi\Downloads\FRST64(1).exe
2013-11-10 20:53 - 2013-11-10 20:53 - 00006802 _____ C:\Users\Didi\Desktop\JRT.txt
2013-11-10 20:49 - 2013-11-10 20:49 - 00000000 ____D C:\Windows\ERUNT
2013-11-10 20:46 - 2013-11-10 20:46 - 01034531 _____ (Thisisu) C:\Users\Didi\Downloads\JRT.exe
2013-11-10 20:36 - 2013-11-10 20:37 - 00000000 ____D C:\AdwCleaner
2013-11-10 20:34 - 2013-11-10 20:34 - 01073262 _____ C:\Users\Didi\Downloads\adwcleaner.exe
2013-11-10 20:21 - 2013-11-10 20:21 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-10 20:21 - 2013-11-10 20:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-10 20:21 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-10 20:20 - 2013-11-10 20:20 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Didi\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-11-10 16:28 - 2013-11-10 16:28 - 00046851 _____ C:\ComboFix.txt
2013-11-10 16:20 - 2013-11-10 16:28 - 00000000 ____D C:\Qoobox
2013-11-10 16:20 - 2013-11-10 16:27 - 00000000 ____D C:\Windows\erdnt
2013-11-10 16:20 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-11-10 16:20 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-11-10 16:20 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-11-10 16:20 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-11-10 16:20 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-11-10 16:20 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2013-11-10 16:20 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-11-10 16:20 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-11-10 16:20 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-11-10 16:16 - 2013-11-10 16:16 - 05144429 ____R (Swearware) C:\Users\Didi\Downloads\ComboFix.exe
2013-11-10 07:27 - 2013-11-10 07:27 - 00032328 _____ C:\Users\Didi\Desktop\AVSCAN-20131110-050002-A8EAAB22.LOG
2013-11-09 17:53 - 2013-11-09 17:53 - 00036510 _____ C:\Users\Didi\Desktop\FRST.txt
2013-11-09 17:44 - 2013-11-09 17:45 - 00027605 _____ C:\Users\Didi\Downloads\Addition.txt
2013-11-09 17:44 - 2013-11-09 17:44 - 00000000 ____D C:\FRST
2013-11-09 17:43 - 2013-11-09 17:43 - 01957098 _____ (Farbar) C:\Users\Didi\Downloads\FRST64.exe
2013-11-09 00:39 - 2013-11-09 00:39 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-11-09 00:36 - 2013-11-09 00:36 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Didi\Downloads\mbar-1.07.0.1007.exe
2013-11-08 19:58 - 2013-11-08 20:07 - 00000000 ____D C:\ProgramData\Norton
2013-11-08 19:53 - 2013-11-08 19:57 - 174694248 _____ (Symantec Corporation) C:\Users\Didi\Downloads\N360_20.1.0.24_SYMTB_PROMO_4_MRFTT_374_7492_DE1.exe
2013-11-08 05:12 - 2013-11-08 05:12 - 00000000 ____D C:\Users\Didi\AppData\Roaming\Malwarebytes
2013-11-08 05:11 - 2013-11-08 05:11 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Didi\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-08 05:11 - 2013-11-08 05:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-07 06:11 - 2013-11-07 06:11 - 00001787 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-07 06:10 - 2013-11-07 06:11 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-07 06:10 - 2013-11-07 06:11 - 00000000 ____D C:\Program Files\iTunes
2013-11-07 06:10 - 2013-11-07 06:11 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-07 06:10 - 2013-11-07 06:10 - 00000000 ____D C:\Program Files\iPod
2013-11-01 14:21 - 2013-11-01 14:21 - 00000000 ____D C:\Users\Didi\AppData\Roaming\Unity
2013-10-29 21:58 - 2013-10-29 21:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-29 05:31 - 2013-10-29 05:33 - 70555976 _____ (Apple Inc.) C:\Users\Didi\Downloads\iCloudSetup.exe
2013-10-27 03:40 - 2013-10-27 03:40 - 02429215 _____ C:\Users\Didi\Downloads\dbpbzfa767_db_PatrickRuppert_1280(3).zip
2013-10-27 03:39 - 2013-10-27 03:39 - 02429215 _____ C:\Users\Didi\Downloads\dbpbzfa767_db_PatrickRuppert_1280(2).zip
2013-10-27 02:46 - 2013-10-27 02:46 - 04399174 _____ C:\Users\Didi\Downloads\BR110_MFinken.zip
2013-10-27 02:45 - 2013-10-27 02:45 - 02429215 _____ C:\Users\Didi\Downloads\dbpbzfa767_db_PatrickRuppert_1280(1).zip
2013-10-27 02:44 - 2013-10-27 02:44 - 02429215 _____ C:\Users\Didi\Downloads\dbpbzfa767_db_PatrickRuppert_1280.zip
2013-10-27 02:43 - 2013-10-27 02:43 - 01951021 _____ C:\Users\Didi\Downloads\br440_db_1280_Pattrick.zip
2013-10-27 02:42 - 2013-10-27 02:43 - 02104807 _____ C:\Users\Didi\Downloads\BR111_MFinken.zip
2013-10-27 01:03 - 2013-10-27 01:03 - 00001462 _____ C:\Users\Didi\Desktop\iRinger.lnk
2013-10-27 01:02 - 2013-10-27 01:28 - 00000000 ____D C:\ProgramData\iRinger
2013-10-27 01:01 - 2013-10-27 01:01 - 04815840 _____ (Make The Cut, LLC.) C:\Users\Didi\Downloads\iRinger42.exe
2013-10-20 04:28 - 2013-10-20 04:28 - 11059256 _____ C:\Users\Didi\Downloads\Demostrecke_Update1_FCramer.zip
2013-10-20 03:23 - 2013-10-27 03:43 - 00000000 ____D C:\Users\Public\Documents\Loksim3D
2013-10-20 03:23 - 2013-10-27 03:43 - 00000000 ____D C:\Users\Didi\AppData\Local\Loksim3D
2013-10-20 03:23 - 2013-10-20 03:23 - 00001011 _____ C:\Users\Public\Desktop\Loksim3D.lnk
2013-10-20 03:23 - 2013-10-20 03:23 - 00000000 ____D C:\Users\Didi\AppData\Local\CrashRpt
2013-10-20 03:23 - 2013-10-20 03:23 - 00000000 ____D C:\Program Files (x86)\Loksim3D
2013-10-20 03:22 - 2013-10-20 03:22 - 00000000 ____D C:\Users\Didi\Downloads\Setup_Loksim3D-2_8_2a
2013-10-20 03:18 - 2013-10-20 03:20 - 80890735 _____ C:\Users\Didi\Downloads\Setup_Loksim3D-2_8_2a.zip
2013-10-20 01:52 - 2013-10-20 01:52 - 00000000 ____D C:\$Windows.~BT
2013-10-18 13:32 - 2013-10-18 13:32 - 04105416 _____ (Gameforge 4D GmbH ) C:\Users\Didi\Downloads\Wizard101_Installer_DE.exe
2013-10-18 12:17 - 2013-10-18 12:17 - 00307760 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-18 05:18 - 2013-10-18 05:18 - 00000000 ____D C:\Users\Public\Documents\sun
2013-10-18 05:17 - 2013-10-18 05:17 - 00001116 _____ C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2013-10-18 05:08 - 2013-10-18 05:12 - 163606685 _____ C:\Users\Didi\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2013-10-18 04:26 - 2013-07-25 00:07 - 13661696 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2013-10-18 04:25 - 2013-09-14 02:15 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-10-18 04:25 - 2013-09-13 23:36 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-10-18 04:25 - 2013-09-13 23:36 - 00247296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-10-18 04:25 - 2013-09-13 23:36 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-10-18 04:25 - 2013-09-13 23:36 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-10-18 04:25 - 2013-09-13 23:36 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-10-18 04:25 - 2013-09-13 23:34 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-10-18 04:25 - 2013-09-13 23:33 - 03279360 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-10-18 04:25 - 2013-09-13 23:33 - 01622016 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-10-18 04:25 - 2013-09-13 23:33 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-10-18 04:25 - 2013-09-13 23:33 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2013-10-18 04:25 - 2013-09-13 23:33 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-10-18 04:25 - 2013-09-13 23:33 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-10-18 04:25 - 2013-09-13 23:33 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-10-18 04:25 - 2013-09-13 23:33 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-10-18 04:25 - 2013-08-30 06:43 - 00061784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2013-10-18 04:25 - 2013-08-30 06:20 - 01173504 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2013-10-18 04:25 - 2013-08-30 00:48 - 00914432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2013-10-18 04:25 - 2013-08-21 07:39 - 00465240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2013-10-18 04:25 - 2013-08-10 07:30 - 00151896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2013-10-18 04:25 - 2013-08-10 06:21 - 00817152 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2013-10-18 04:25 - 2013-08-10 04:58 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-10-18 04:25 - 2013-07-25 00:10 - 10799104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-10-18 04:25 - 2013-07-12 02:38 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2013-10-18 04:25 - 2013-07-12 02:30 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2013-10-17 04:26 - 2013-10-17 04:26 - 00001108 _____ C:\Users\Didi\Desktop\Calculator.lnk
==================== One Month Modified Files and Folders =======
2013-11-11 05:09 - 2013-11-11 05:09 - 01957590 _____ (Farbar) C:\Users\Didi\Downloads\FRST64(1).exe
2013-11-11 05:01 - 2012-12-01 20:48 - 01601505 _____ C:\Windows\WindowsUpdate.log
2013-11-11 05:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru
2013-11-11 04:52 - 2012-12-01 21:24 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-11 04:49 - 2013-03-07 05:13 - 00001118 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-11 04:48 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-11 04:46 - 2012-07-26 06:26 - 00524288 ___SH C:\Windows\system32\config\BBI
2013-11-11 04:38 - 2013-03-07 05:13 - 00001122 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-10 20:53 - 2013-11-10 20:53 - 00006802 _____ C:\Users\Didi\Desktop\JRT.txt
2013-11-10 20:49 - 2013-11-10 20:49 - 00000000 ____D C:\Windows\ERUNT
2013-11-10 20:46 - 2013-11-10 20:46 - 01034531 _____ (Thisisu) C:\Users\Didi\Downloads\JRT.exe
2013-11-10 20:37 - 2013-11-10 20:36 - 00000000 ____D C:\AdwCleaner
2013-11-10 20:37 - 2012-09-03 11:56 - 00694990 _____ C:\Windows\PFRO.log
2013-11-10 20:34 - 2013-11-10 20:34 - 01073262 _____ C:\Users\Didi\Downloads\adwcleaner.exe
2013-11-10 20:21 - 2013-11-10 20:21 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-10 20:21 - 2013-11-10 20:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-10 20:20 - 2013-11-10 20:20 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Didi\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-11-10 16:28 - 2013-11-10 16:28 - 00046851 _____ C:\ComboFix.txt
2013-11-10 16:28 - 2013-11-10 16:20 - 00000000 ____D C:\Qoobox
2013-11-10 16:27 - 2013-11-10 16:20 - 00000000 ____D C:\Windows\erdnt
2013-11-10 16:27 - 2012-07-26 06:26 - 00000215 _____ C:\Windows\system.ini
2013-11-10 16:16 - 2013-11-10 16:16 - 05144429 ____R (Swearware) C:\Users\Didi\Downloads\ComboFix.exe
2013-11-10 07:27 - 2013-11-10 07:27 - 00032328 _____ C:\Users\Didi\Desktop\AVSCAN-20131110-050002-A8EAAB22.LOG
2013-11-09 17:53 - 2013-11-09 17:53 - 00036510 _____ C:\Users\Didi\Desktop\FRST.txt
2013-11-09 17:45 - 2013-11-09 17:44 - 00027605 _____ C:\Users\Didi\Downloads\Addition.txt
2013-11-09 17:44 - 2013-11-09 17:44 - 00000000 ____D C:\FRST
2013-11-09 17:43 - 2013-11-09 17:43 - 01957098 _____ (Farbar) C:\Users\Didi\Downloads\FRST64.exe
2013-11-09 00:39 - 2013-11-09 00:39 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-11-09 00:36 - 2013-11-09 00:36 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Didi\Downloads\mbar-1.07.0.1007.exe
2013-11-08 21:33 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-11-08 20:07 - 2013-11-08 19:58 - 00000000 ____D C:\ProgramData\Norton
2013-11-08 20:06 - 2012-07-26 09:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-11-08 20:06 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-11-08 19:57 - 2013-11-08 19:53 - 174694248 _____ (Symantec Corporation) C:\Users\Didi\Downloads\N360_20.1.0.24_SYMTB_PROMO_4_MRFTT_374_7492_DE1.exe
2013-11-08 05:12 - 2013-11-08 05:12 - 00000000 ____D C:\Users\Didi\AppData\Roaming\Malwarebytes
2013-11-08 05:11 - 2013-11-08 05:11 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Didi\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-08 05:11 - 2013-11-08 05:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-07 06:11 - 2013-11-07 06:11 - 00001787 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-07 06:11 - 2013-11-07 06:10 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-07 06:11 - 2013-11-07 06:10 - 00000000 ____D C:\Program Files\iTunes
2013-11-07 06:11 - 2013-11-07 06:10 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-07 06:10 - 2013-11-07 06:10 - 00000000 ____D C:\Program Files\iPod
2013-11-05 04:56 - 2012-12-02 01:02 - 00000000 ____D C:\Users\Didi\AppData\Roaming\Apple Computer
2013-11-05 04:55 - 2012-12-02 01:02 - 00000000 ____D C:\Users\Didi\AppData\Local\Apple Computer
2013-11-03 21:21 - 2012-12-08 06:18 - 00000000 ____D C:\Users\Didi\AppData\Local\CrashDumps
2013-11-03 20:26 - 2012-09-27 20:47 - 00763140 _____ C:\Windows\system32\perfh007.dat
2013-11-03 20:26 - 2012-09-27 20:47 - 00160234 _____ C:\Windows\system32\perfc007.dat
2013-11-03 20:26 - 2012-07-26 08:28 - 01772590 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-01 14:21 - 2013-11-01 14:21 - 00000000 ____D C:\Users\Didi\AppData\Roaming\Unity
2013-10-30 04:35 - 2012-12-01 21:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-29 21:58 - 2013-10-29 21:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-29 05:35 - 2012-12-02 01:01 - 00000000 ____D C:\ProgramData\Apple
2013-10-29 05:33 - 2013-10-29 05:31 - 70555976 _____ (Apple Inc.) C:\Users\Didi\Downloads\iCloudSetup.exe
2013-10-27 03:43 - 2013-10-20 03:23 - 00000000 ____D C:\Users\Public\Documents\Loksim3D
2013-10-27 03:43 - 2013-10-20 03:23 - 00000000 ____D C:\Users\Didi\AppData\Local\Loksim3D
2013-10-27 03:40 - 2013-10-27 03:40 - 02429215 _____ C:\Users\Didi\Downloads\dbpbzfa767_db_PatrickRuppert_1280(3).zip
2013-10-27 03:39 - 2013-10-27 03:39 - 02429215 _____ C:\Users\Didi\Downloads\dbpbzfa767_db_PatrickRuppert_1280(2).zip
2013-10-27 02:46 - 2013-10-27 02:46 - 04399174 _____ C:\Users\Didi\Downloads\BR110_MFinken.zip
2013-10-27 02:45 - 2013-10-27 02:45 - 02429215 _____ C:\Users\Didi\Downloads\dbpbzfa767_db_PatrickRuppert_1280(1).zip
2013-10-27 02:44 - 2013-10-27 02:44 - 02429215 _____ C:\Users\Didi\Downloads\dbpbzfa767_db_PatrickRuppert_1280.zip
2013-10-27 02:43 - 2013-10-27 02:43 - 01951021 _____ C:\Users\Didi\Downloads\br440_db_1280_Pattrick.zip
2013-10-27 02:43 - 2013-10-27 02:42 - 02104807 _____ C:\Users\Didi\Downloads\BR111_MFinken.zip
2013-10-27 01:28 - 2013-10-27 01:02 - 00000000 ____D C:\ProgramData\iRinger
2013-10-27 01:03 - 2013-10-27 01:03 - 00001462 _____ C:\Users\Didi\Desktop\iRinger.lnk
2013-10-27 01:01 - 2013-10-27 01:01 - 04815840 _____ (Make The Cut, LLC.) C:\Users\Didi\Downloads\iRinger42.exe
2013-10-22 19:26 - 2012-07-26 08:21 - 00039170 _____ C:\Windows\setupact.log
2013-10-20 04:28 - 2013-10-20 04:28 - 11059256 _____ C:\Users\Didi\Downloads\Demostrecke_Update1_FCramer.zip
2013-10-20 03:23 - 2013-10-20 03:23 - 00001011 _____ C:\Users\Public\Desktop\Loksim3D.lnk
2013-10-20 03:23 - 2013-10-20 03:23 - 00000000 ____D C:\Users\Didi\AppData\Local\CrashRpt
2013-10-20 03:23 - 2013-10-20 03:23 - 00000000 ____D C:\Program Files (x86)\Loksim3D
2013-10-20 03:22 - 2013-10-20 03:22 - 00000000 ____D C:\Users\Didi\Downloads\Setup_Loksim3D-2_8_2a
2013-10-20 03:20 - 2013-10-20 03:18 - 80890735 _____ C:\Users\Didi\Downloads\Setup_Loksim3D-2_8_2a.zip
2013-10-20 01:52 - 2013-10-20 01:52 - 00000000 ____D C:\$Windows.~BT
2013-10-18 13:32 - 2013-10-18 13:32 - 04105416 _____ (Gameforge 4D GmbH ) C:\Users\Didi\Downloads\Wizard101_Installer_DE.exe
2013-10-18 12:17 - 2013-10-18 12:17 - 00307760 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-18 07:36 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache
2013-10-18 06:40 - 2012-12-01 20:54 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1429076904-2917619043-331896613-1002
2013-10-18 05:18 - 2013-10-18 05:18 - 00000000 ____D C:\Users\Public\Documents\sun
2013-10-18 05:17 - 2013-10-18 05:17 - 00001116 _____ C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2013-10-18 05:17 - 2013-09-03 06:06 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-10-18 05:12 - 2013-10-18 05:08 - 163606685 _____ C:\Users\Didi\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2013-10-18 04:30 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\WinStore
2013-10-17 04:26 - 2013-10-17 04:26 - 00001108 _____ C:\Users\Didi\Desktop\Calculator.lnk
Some content of TEMP:
====================
C:\Users\Didi\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-11-09 06:52
==================== End Of Log ============================
|
|
11.11.2013, 12:53
| #11 |
| /// the machine /// TB-Ausbilder | EXP/CVE-2013-2423.HV von AntiVir gefunden, was nun?ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
11.11.2013, 23:53
| #12 |
| | EXP/CVE-2013-2423.HV von AntiVir gefunden, was nun?Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=4893d328e935e44ca6ac58b32a23b56a
# engine=15841
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-11-11 10:32:21
# local_time=2013-11-11 11:32:21 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=1799 16775165 100 96 17505 249632431 10290 0
# compatibility_mode=5893 16776574 100 94 7267006 31817271 0 0
# scanned=296694
# found=3
# cleaned=0
# scan_time=6267
sh=9B7AFC05F48AE3F56DBE1A2114F8FDF50067A187 ft=0 fh=0000000000000000 vn="JS/Adware.Yontoo.C application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\plugin@getwebcake.com\content\overlay.js.vir"
sh=9FDCD08572602FB0970FE1747EEF53FBFEB4D6E7 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Didi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\4504dc13-42e42da4"
sh=B52B4594608F4341021EB9B41E64EC801A2C5185 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Didi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\4d7e0bbd-56cc7b6e"
Code:
ATTFilter Results of screen317's Security Check version 0.99.76 x64 (UAC is enabled) Internet Explorer 10 ``````````````Antivirus/Firewall Check:`````````````` Windows Defender Avira Desktop Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware Version 1.75.0.1300 TuneUp Utilities 2013 TuneUp Utilities Language Pack (de-DE) Java 7 Update 25 Java version out of Date! Adobe Flash Player 11.9.900.117 Adobe Reader XI Mozilla Firefox (25.0) ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Avira Antivir avgnt.exe Avira Antivir avguard.exe Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2013 01
Ran by Didi (administrator) on DIETMAR on 11-11-2013 23:50:54
Running from C:\Users\Didi\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Qualcomm Atheros) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
() C:\Mouse driver\mouse_driver.exe
() C:\Mouse driver\wh_exec.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Farbar) C:\Users\Didi\Downloads\FRST64(2).exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [BtPreLoad] - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtPreLoad.exe [64640 2013-01-28] ()
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212560 2012-06-13] (Realtek Semiconductor)
HKLM\...\Run: [Start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-08-21] (Nero AG)
HKCU\...\Run: [Spotify Web Helper] - C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1193176 2012-09-27] ()
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Dolby PCEE4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-03] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [NBKeyScan] - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [1828136 2007-08-08] (Nero AG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [uni mouse driver] - C:\Mouse driver\mouse_driver.exe [2972672 2011-11-09] ()
HKLM-x32\...\Run: [uni mouse driver tilt] - C:\Mouse driver\wh_exec.exe [147456 2010-10-05] ()
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKU\Default\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845832 2013-01-22] (Acer Incorporated)
HKU\Default User\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845832 2013-01-22] (Acer Incorporated)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {1A36B4D0-DCFF-4AE1-A358-D288D012B9A5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {1A36B4D0-DCFF-4AE1-A358-D288D012B9A5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {1A36B4D0-DCFF-4AE1-A358-D288D012B9A5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - {1A36B4D0-DCFF-4AE1-A358-D288D012B9A5} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default
FF Homepage: https://www.google.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\5\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Didi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\searchplugins\findr-customized-web-search.xml
FF SearchPlugin: C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\searchplugins\google-default.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: Flash and Video Download - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
FF Extension: artur.dubovoy - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\artur.dubovoy@gmail.com.xpi
FF Extension: fvd_single_setup - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\{9051303c-7e41-4311-a783-d6fe5ef2832d}.xpi
FF Extension: prefs - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
FF Extension: Adblock Plus - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: bprivacyprefs - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-03] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations)
R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-20] (Broadcom Corp.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-01-24] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [28560 2012-08-30] (ELAN Microelectronics Corp.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [836904 2007-08-08] (Nero AG)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-08-21] (Nero AG)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-11-02] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-09-27] (Dritek System INC.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2402080 2013-01-28] (TuneUp Software)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132088 2013-09-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-03-20] (Avira Operations GmbH & Co. KG)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-28] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 DFX11_1; C:\Windows\system32\drivers\dfx11_1x64.sys [28008 2012-08-29] (Windows (R) Win 7 DDK provider)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-09-27] (Dritek System Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
R3 whfltr2k; C:\Windows\System32\drivers\whfltr2k.sys [10368 2009-09-16] ()
R3 whfltr2k; C:\Windows\SysWow64\drivers\whfltr2k.sys [10368 2009-09-16] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [246224 2009-12-07] (Huawei Technologies Co., Ltd.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-11 23:50 - 2013-11-11 23:50 - 01957590 _____ (Farbar) C:\Users\Didi\Downloads\FRST64(2).exe
2013-11-11 23:45 - 2013-11-11 23:45 - 00891184 _____ C:\Users\Didi\Downloads\SecurityCheck.exe
2013-11-11 21:42 - 2013-11-11 21:42 - 02347384 _____ (ESET) C:\Users\Didi\Downloads\esetsmartinstaller_enu.exe
2013-11-11 13:41 - 2013-11-11 19:40 - 103792856 _____ C:\Windows\SysWOW64\뀙쩓Lƃ
2013-11-11 05:09 - 2013-11-11 05:09 - 01957590 _____ (Farbar) C:\Users\Didi\Downloads\FRST64(1).exe
2013-11-10 20:53 - 2013-11-10 20:53 - 00006802 _____ C:\Users\Didi\Desktop\JRT.txt
2013-11-10 20:49 - 2013-11-10 20:49 - 00000000 ____D C:\Windows\ERUNT
2013-11-10 20:46 - 2013-11-10 20:46 - 01034531 _____ (Thisisu) C:\Users\Didi\Downloads\JRT.exe
2013-11-10 20:36 - 2013-11-10 20:37 - 00000000 ____D C:\AdwCleaner
2013-11-10 20:34 - 2013-11-10 20:34 - 01073262 _____ C:\Users\Didi\Downloads\adwcleaner.exe
2013-11-10 20:21 - 2013-11-10 20:21 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-10 20:21 - 2013-11-10 20:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-10 20:21 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-10 20:20 - 2013-11-10 20:20 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Didi\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-11-10 16:28 - 2013-11-10 16:28 - 00046851 _____ C:\ComboFix.txt
2013-11-10 16:20 - 2013-11-10 16:28 - 00000000 ____D C:\Qoobox
2013-11-10 16:20 - 2013-11-10 16:27 - 00000000 ____D C:\Windows\erdnt
2013-11-10 16:20 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-11-10 16:20 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-11-10 16:20 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-11-10 16:20 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-11-10 16:20 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-11-10 16:20 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2013-11-10 16:20 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-11-10 16:20 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-11-10 16:20 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-11-10 16:16 - 2013-11-10 16:16 - 05144429 ____R (Swearware) C:\Users\Didi\Downloads\ComboFix.exe
2013-11-10 07:27 - 2013-11-10 07:27 - 00032328 _____ C:\Users\Didi\Desktop\AVSCAN-20131110-050002-A8EAAB22.LOG
2013-11-09 17:53 - 2013-11-09 17:53 - 00036510 _____ C:\Users\Didi\Desktop\FRST.txt
2013-11-09 17:44 - 2013-11-09 17:45 - 00027605 _____ C:\Users\Didi\Downloads\Addition.txt
2013-11-09 17:44 - 2013-11-09 17:44 - 00000000 ____D C:\FRST
2013-11-09 17:43 - 2013-11-09 17:43 - 01957098 _____ (Farbar) C:\Users\Didi\Downloads\FRST64.exe
2013-11-09 00:39 - 2013-11-09 00:39 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-11-09 00:36 - 2013-11-09 00:36 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Didi\Downloads\mbar-1.07.0.1007.exe
2013-11-08 19:58 - 2013-11-08 20:07 - 00000000 ____D C:\ProgramData\Norton
2013-11-08 19:53 - 2013-11-08 19:57 - 174694248 _____ (Symantec Corporation) C:\Users\Didi\Downloads\N360_20.1.0.24_SYMTB_PROMO_4_MRFTT_374_7492_DE1.exe
2013-11-08 05:12 - 2013-11-08 05:12 - 00000000 ____D C:\Users\Didi\AppData\Roaming\Malwarebytes
2013-11-08 05:11 - 2013-11-08 05:11 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Didi\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-08 05:11 - 2013-11-08 05:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-07 06:11 - 2013-11-07 06:11 - 00001787 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-07 06:10 - 2013-11-07 06:11 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-07 06:10 - 2013-11-07 06:11 - 00000000 ____D C:\Program Files\iTunes
2013-11-07 06:10 - 2013-11-07 06:11 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-07 06:10 - 2013-11-07 06:10 - 00000000 ____D C:\Program Files\iPod
2013-11-01 14:21 - 2013-11-01 14:21 - 00000000 ____D C:\Users\Didi\AppData\Roaming\Unity
2013-10-29 21:58 - 2013-10-29 21:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-29 05:31 - 2013-10-29 05:33 - 70555976 _____ (Apple Inc.) C:\Users\Didi\Downloads\iCloudSetup.exe
2013-10-27 03:40 - 2013-10-27 03:40 - 02429215 _____ C:\Users\Didi\Downloads\dbpbzfa767_db_PatrickRuppert_1280(3).zip
2013-10-27 03:39 - 2013-10-27 03:39 - 02429215 _____ C:\Users\Didi\Downloads\dbpbzfa767_db_PatrickRuppert_1280(2).zip
2013-10-27 02:46 - 2013-10-27 02:46 - 04399174 _____ C:\Users\Didi\Downloads\BR110_MFinken.zip
2013-10-27 02:45 - 2013-10-27 02:45 - 02429215 _____ C:\Users\Didi\Downloads\dbpbzfa767_db_PatrickRuppert_1280(1).zip
2013-10-27 02:44 - 2013-10-27 02:44 - 02429215 _____ C:\Users\Didi\Downloads\dbpbzfa767_db_PatrickRuppert_1280.zip
2013-10-27 02:43 - 2013-10-27 02:43 - 01951021 _____ C:\Users\Didi\Downloads\br440_db_1280_Pattrick.zip
2013-10-27 02:42 - 2013-10-27 02:43 - 02104807 _____ C:\Users\Didi\Downloads\BR111_MFinken.zip
2013-10-27 01:03 - 2013-10-27 01:03 - 00001462 _____ C:\Users\Didi\Desktop\iRinger.lnk
2013-10-27 01:02 - 2013-10-27 01:28 - 00000000 ____D C:\ProgramData\iRinger
2013-10-27 01:01 - 2013-10-27 01:01 - 04815840 _____ (Make The Cut, LLC.) C:\Users\Didi\Downloads\iRinger42.exe
2013-10-20 04:28 - 2013-10-20 04:28 - 11059256 _____ C:\Users\Didi\Downloads\Demostrecke_Update1_FCramer.zip
2013-10-20 03:23 - 2013-10-27 03:43 - 00000000 ____D C:\Users\Public\Documents\Loksim3D
2013-10-20 03:23 - 2013-10-27 03:43 - 00000000 ____D C:\Users\Didi\AppData\Local\Loksim3D
2013-10-20 03:23 - 2013-10-20 03:23 - 00001011 _____ C:\Users\Public\Desktop\Loksim3D.lnk
2013-10-20 03:23 - 2013-10-20 03:23 - 00000000 ____D C:\Users\Didi\AppData\Local\CrashRpt
2013-10-20 03:23 - 2013-10-20 03:23 - 00000000 ____D C:\Program Files (x86)\Loksim3D
2013-10-20 03:22 - 2013-10-20 03:22 - 00000000 ____D C:\Users\Didi\Downloads\Setup_Loksim3D-2_8_2a
2013-10-20 03:18 - 2013-10-20 03:20 - 80890735 _____ C:\Users\Didi\Downloads\Setup_Loksim3D-2_8_2a.zip
2013-10-20 01:52 - 2013-10-20 01:52 - 00000000 ____D C:\$Windows.~BT
2013-10-18 13:32 - 2013-10-18 13:32 - 04105416 _____ (Gameforge 4D GmbH ) C:\Users\Didi\Downloads\Wizard101_Installer_DE.exe
2013-10-18 12:17 - 2013-10-18 12:17 - 00307760 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-18 05:18 - 2013-10-18 05:18 - 00000000 ____D C:\Users\Public\Documents\sun
2013-10-18 05:17 - 2013-10-18 05:17 - 00001116 _____ C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2013-10-18 05:08 - 2013-10-18 05:12 - 163606685 _____ C:\Users\Didi\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2013-10-18 04:26 - 2013-07-25 00:07 - 13661696 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2013-10-18 04:25 - 2013-09-14 02:15 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-10-18 04:25 - 2013-09-13 23:36 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-10-18 04:25 - 2013-09-13 23:36 - 00247296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-10-18 04:25 - 2013-09-13 23:36 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-10-18 04:25 - 2013-09-13 23:36 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-10-18 04:25 - 2013-09-13 23:36 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-10-18 04:25 - 2013-09-13 23:34 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-10-18 04:25 - 2013-09-13 23:33 - 03279360 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-10-18 04:25 - 2013-09-13 23:33 - 01622016 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-10-18 04:25 - 2013-09-13 23:33 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-10-18 04:25 - 2013-09-13 23:33 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2013-10-18 04:25 - 2013-09-13 23:33 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-10-18 04:25 - 2013-09-13 23:33 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-10-18 04:25 - 2013-09-13 23:33 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-10-18 04:25 - 2013-09-13 23:33 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-10-18 04:25 - 2013-08-30 06:43 - 00061784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2013-10-18 04:25 - 2013-08-30 06:20 - 01173504 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2013-10-18 04:25 - 2013-08-30 00:48 - 00914432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2013-10-18 04:25 - 2013-08-21 07:39 - 00465240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2013-10-18 04:25 - 2013-08-10 07:30 - 00151896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2013-10-18 04:25 - 2013-08-10 06:21 - 00817152 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2013-10-18 04:25 - 2013-08-10 04:58 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-10-18 04:25 - 2013-07-25 00:10 - 10799104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-10-18 04:25 - 2013-07-12 02:38 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2013-10-18 04:25 - 2013-07-12 02:30 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2013-10-17 04:26 - 2013-10-17 04:26 - 00001108 _____ C:\Users\Didi\Desktop\Calculator.lnk
==================== One Month Modified Files and Folders =======
2013-11-11 23:50 - 2013-11-11 23:50 - 01957590 _____ (Farbar) C:\Users\Didi\Downloads\FRST64(2).exe
2013-11-11 23:45 - 2013-11-11 23:45 - 00891184 _____ C:\Users\Didi\Downloads\SecurityCheck.exe
2013-11-11 23:38 - 2013-03-07 05:13 - 00001122 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-11 23:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru
2013-11-11 22:57 - 2012-12-01 20:48 - 01694180 _____ C:\Windows\WindowsUpdate.log
2013-11-11 22:52 - 2012-12-01 21:24 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-11 21:42 - 2013-11-11 21:42 - 02347384 _____ (ESET) C:\Users\Didi\Downloads\esetsmartinstaller_enu.exe
2013-11-11 19:40 - 2013-11-11 13:41 - 103792856 _____ C:\Windows\SysWOW64\뀙쩓Lƃ
2013-11-11 13:40 - 2013-03-07 05:13 - 00001118 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-11 13:39 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-11 06:51 - 2012-07-26 06:26 - 00524288 ___SH C:\Windows\system32\config\BBI
2013-11-11 05:09 - 2013-11-11 05:09 - 01957590 _____ (Farbar) C:\Users\Didi\Downloads\FRST64(1).exe
2013-11-10 20:53 - 2013-11-10 20:53 - 00006802 _____ C:\Users\Didi\Desktop\JRT.txt
2013-11-10 20:49 - 2013-11-10 20:49 - 00000000 ____D C:\Windows\ERUNT
2013-11-10 20:46 - 2013-11-10 20:46 - 01034531 _____ (Thisisu) C:\Users\Didi\Downloads\JRT.exe
2013-11-10 20:37 - 2013-11-10 20:36 - 00000000 ____D C:\AdwCleaner
2013-11-10 20:37 - 2012-09-03 11:56 - 00694990 _____ C:\Windows\PFRO.log
2013-11-10 20:34 - 2013-11-10 20:34 - 01073262 _____ C:\Users\Didi\Downloads\adwcleaner.exe
2013-11-10 20:21 - 2013-11-10 20:21 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-10 20:21 - 2013-11-10 20:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-10 20:20 - 2013-11-10 20:20 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Didi\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-11-10 16:28 - 2013-11-10 16:28 - 00046851 _____ C:\ComboFix.txt
2013-11-10 16:28 - 2013-11-10 16:20 - 00000000 ____D C:\Qoobox
2013-11-10 16:27 - 2013-11-10 16:20 - 00000000 ____D C:\Windows\erdnt
2013-11-10 16:27 - 2012-07-26 06:26 - 00000215 _____ C:\Windows\system.ini
2013-11-10 16:16 - 2013-11-10 16:16 - 05144429 ____R (Swearware) C:\Users\Didi\Downloads\ComboFix.exe
2013-11-10 07:27 - 2013-11-10 07:27 - 00032328 _____ C:\Users\Didi\Desktop\AVSCAN-20131110-050002-A8EAAB22.LOG
2013-11-09 17:53 - 2013-11-09 17:53 - 00036510 _____ C:\Users\Didi\Desktop\FRST.txt
2013-11-09 17:45 - 2013-11-09 17:44 - 00027605 _____ C:\Users\Didi\Downloads\Addition.txt
2013-11-09 17:44 - 2013-11-09 17:44 - 00000000 ____D C:\FRST
2013-11-09 17:43 - 2013-11-09 17:43 - 01957098 _____ (Farbar) C:\Users\Didi\Downloads\FRST64.exe
2013-11-09 00:39 - 2013-11-09 00:39 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-11-09 00:36 - 2013-11-09 00:36 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Didi\Downloads\mbar-1.07.0.1007.exe
2013-11-08 21:33 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-11-08 20:07 - 2013-11-08 19:58 - 00000000 ____D C:\ProgramData\Norton
2013-11-08 20:06 - 2012-07-26 09:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-11-08 20:06 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-11-08 19:57 - 2013-11-08 19:53 - 174694248 _____ (Symantec Corporation) C:\Users\Didi\Downloads\N360_20.1.0.24_SYMTB_PROMO_4_MRFTT_374_7492_DE1.exe
2013-11-08 05:12 - 2013-11-08 05:12 - 00000000 ____D C:\Users\Didi\AppData\Roaming\Malwarebytes
2013-11-08 05:11 - 2013-11-08 05:11 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Didi\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-08 05:11 - 2013-11-08 05:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-07 06:11 - 2013-11-07 06:11 - 00001787 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-07 06:11 - 2013-11-07 06:10 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-07 06:11 - 2013-11-07 06:10 - 00000000 ____D C:\Program Files\iTunes
2013-11-07 06:11 - 2013-11-07 06:10 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-07 06:10 - 2013-11-07 06:10 - 00000000 ____D C:\Program Files\iPod
2013-11-05 04:56 - 2012-12-02 01:02 - 00000000 ____D C:\Users\Didi\AppData\Roaming\Apple Computer
2013-11-05 04:55 - 2012-12-02 01:02 - 00000000 ____D C:\Users\Didi\AppData\Local\Apple Computer
2013-11-03 21:21 - 2012-12-08 06:18 - 00000000 ____D C:\Users\Didi\AppData\Local\CrashDumps
2013-11-03 20:26 - 2012-09-27 20:47 - 00763140 _____ C:\Windows\system32\perfh007.dat
2013-11-03 20:26 - 2012-09-27 20:47 - 00160234 _____ C:\Windows\system32\perfc007.dat
2013-11-03 20:26 - 2012-07-26 08:28 - 01772590 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-01 14:21 - 2013-11-01 14:21 - 00000000 ____D C:\Users\Didi\AppData\Roaming\Unity
2013-10-30 04:35 - 2012-12-01 21:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-29 21:58 - 2013-10-29 21:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-29 05:35 - 2012-12-02 01:01 - 00000000 ____D C:\ProgramData\Apple
2013-10-29 05:33 - 2013-10-29 05:31 - 70555976 _____ (Apple Inc.) C:\Users\Didi\Downloads\iCloudSetup.exe
2013-10-27 03:43 - 2013-10-20 03:23 - 00000000 ____D C:\Users\Public\Documents\Loksim3D
2013-10-27 03:43 - 2013-10-20 03:23 - 00000000 ____D C:\Users\Didi\AppData\Local\Loksim3D
2013-10-27 03:40 - 2013-10-27 03:40 - 02429215 _____ C:\Users\Didi\Downloads\dbpbzfa767_db_PatrickRuppert_1280(3).zip
2013-10-27 03:39 - 2013-10-27 03:39 - 02429215 _____ C:\Users\Didi\Downloads\dbpbzfa767_db_PatrickRuppert_1280(2).zip
2013-10-27 02:46 - 2013-10-27 02:46 - 04399174 _____ C:\Users\Didi\Downloads\BR110_MFinken.zip
2013-10-27 02:45 - 2013-10-27 02:45 - 02429215 _____ C:\Users\Didi\Downloads\dbpbzfa767_db_PatrickRuppert_1280(1).zip
2013-10-27 02:44 - 2013-10-27 02:44 - 02429215 _____ C:\Users\Didi\Downloads\dbpbzfa767_db_PatrickRuppert_1280.zip
2013-10-27 02:43 - 2013-10-27 02:43 - 01951021 _____ C:\Users\Didi\Downloads\br440_db_1280_Pattrick.zip
2013-10-27 02:43 - 2013-10-27 02:42 - 02104807 _____ C:\Users\Didi\Downloads\BR111_MFinken.zip
2013-10-27 01:28 - 2013-10-27 01:02 - 00000000 ____D C:\ProgramData\iRinger
2013-10-27 01:03 - 2013-10-27 01:03 - 00001462 _____ C:\Users\Didi\Desktop\iRinger.lnk
2013-10-27 01:01 - 2013-10-27 01:01 - 04815840 _____ (Make The Cut, LLC.) C:\Users\Didi\Downloads\iRinger42.exe
2013-10-22 19:26 - 2012-07-26 08:21 - 00039170 _____ C:\Windows\setupact.log
2013-10-20 04:28 - 2013-10-20 04:28 - 11059256 _____ C:\Users\Didi\Downloads\Demostrecke_Update1_FCramer.zip
2013-10-20 03:23 - 2013-10-20 03:23 - 00001011 _____ C:\Users\Public\Desktop\Loksim3D.lnk
2013-10-20 03:23 - 2013-10-20 03:23 - 00000000 ____D C:\Users\Didi\AppData\Local\CrashRpt
2013-10-20 03:23 - 2013-10-20 03:23 - 00000000 ____D C:\Program Files (x86)\Loksim3D
2013-10-20 03:22 - 2013-10-20 03:22 - 00000000 ____D C:\Users\Didi\Downloads\Setup_Loksim3D-2_8_2a
2013-10-20 03:20 - 2013-10-20 03:18 - 80890735 _____ C:\Users\Didi\Downloads\Setup_Loksim3D-2_8_2a.zip
2013-10-20 01:52 - 2013-10-20 01:52 - 00000000 ____D C:\$Windows.~BT
2013-10-18 13:32 - 2013-10-18 13:32 - 04105416 _____ (Gameforge 4D GmbH ) C:\Users\Didi\Downloads\Wizard101_Installer_DE.exe
2013-10-18 12:17 - 2013-10-18 12:17 - 00307760 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-18 07:36 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache
2013-10-18 06:40 - 2012-12-01 20:54 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1429076904-2917619043-331896613-1002
2013-10-18 05:18 - 2013-10-18 05:18 - 00000000 ____D C:\Users\Public\Documents\sun
2013-10-18 05:17 - 2013-10-18 05:17 - 00001116 _____ C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2013-10-18 05:17 - 2013-09-03 06:06 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-10-18 05:12 - 2013-10-18 05:08 - 163606685 _____ C:\Users\Didi\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2013-10-18 04:30 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\WinStore
2013-10-17 04:26 - 2013-10-17 04:26 - 00001108 _____ C:\Users\Didi\Desktop\Calculator.lnk
Some content of TEMP:
====================
C:\Users\Didi\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-11-09 06:52
==================== End Of Log ============================
--- --- ---
__________________ Gruss, Man19321  |
|
12.11.2013, 12:28
| #13 |
| /// the machine /// TB-Ausbilder | EXP/CVE-2013-2423.HV von AntiVir gefunden, was nun? Java updaten. Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop. Schließe nun alle offenen Programme und trenne Dich von dem Internet. Doppelklick auf die TFC.exe und drücke auf Start. Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen. Fertig Die Reihenfolge ist hier entscheidend.
Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
12.11.2013, 21:33
| #14 |
| | EXP/CVE-2013-2423.HV von AntiVir gefunden, was nun? Hallo Schrauber, ging alles soweit gut von statten, aber der Grund warum ich mich mit dem Fund hierher gewendet habe ist, das bei mir wärend dem Surfen irgendwann die "Bundespolizeiseite" aufgegangen ist mit der 100 Euro Zahlung und den ganzen Drohungen. Darauf habe ich AntiVir den vollständigen Scan durchlaufen lassen und der hat das dann gefunden. (s. Mein Thema). Mein PC wurde nie gesperrt wie es auf der dubiosen Seite geschrieben stand. Was würdest Du mir den jetzt noch empfehlen zu tun? Eine weitere Analyse meines Rechner`s? Ich würde mich über eine Rückmeldung von Dir sehr freuen.
__________________ Gruss, Man19321 |
|
13.11.2013, 10:05
| #15 |
| /// the machine /// TB-Ausbilder | EXP/CVE-2013-2423.HV von AntiVir gefunden, was nun? Ich versteh die Frage nicht Diese Sperr-meldung im Browser war doch bei diesem Rechner den wir gerade behandelt haben oder? Der ist jetzt sauber. Es gibt 2 Varianten dieser Malware. Es wird der Rehcner gesperrt oder wie bei dir, nur ein Browser-Tab.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
Linear-Darstellung
