| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Oxtender von Hosteurope auf Win7 Laptop nicht mehr vorhanden, Defender nicht startbarWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
06.01.2014, 11:16
| #1 |
 |  Oxtender von Hosteurope auf Win7 Laptop nicht mehr vorhanden, Defender nicht startbar Combofix Logfile: Code:
ATTFilter ComboFix 14-01-04.03 - TBLap 06.01.2014 11:03:14.1.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.8091.5763 [GMT 1:00]
ausgeführt von:: c:\users\TBLap\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\autorun.inf
c:\program files (x86)\Setup.exe
c:\programdata\Roaming
c:\users\Public\AlexaNSISPlugin.2476.dll
c:\users\TBLap\AppData\Local\Microsoft\Windows\Temporary Internet Files\{18855B5B-8227-4033-9E20-42B3D9959201}.xps
c:\users\TBLap\AppData\Local\Microsoft\Windows\Temporary Internet Files\{5F81F087-BB8B-40EF-AE3C-7E7A62D2FBA3}.xps
c:\users\TBLap\AppData\Local\Microsoft\Windows\Temporary Internet Files\{7209041D-1FAC-4025-9D76-D976BC953D12}.xps
c:\users\TBLap\AppData\Local\Microsoft\Windows\Temporary Internet Files\{8619355E-BEDA-4607-A2E7-E14F80539FC7}.xps
c:\users\TBLap\AppData\Local\Microsoft\Windows\Temporary Internet Files\{9D5043E1-E414-490B-BD7D-9B85D3538E13}.xps
c:\users\TBLap\AppData\Local\Microsoft\Windows\Temporary Internet Files\{BA76C6CD-FF4D-4509-A393-2DA0CF9A51D8}.xps
c:\users\TBLap\AppData\Local\Microsoft\Windows\Temporary Internet Files\{C74131F7-0F0F-4AA2-A41A-4664CB619C81}.xps
c:\users\TBLap\AppData\Local\Microsoft\Windows\Temporary Internet Files\{CA70EF5D-1C9D-4A1E-A3B0-CDDA02235441}.xps
c:\users\TBLap\AppData\Local\Microsoft\Windows\Temporary Internet Files\{DC7C2D81-69AB-4BB5-AC12-DA0B04212BC2}.xps
c:\users\TBLap\AppData\Local\Microsoft\Windows\Temporary Internet Files\{EEDD0AC2-D939-4C80-935E-6FA2BF312568}.xps
c:\users\TBLap\AppData\Local\Microsoft\Windows\Temporary Internet Files\{F54AB03B-7FFD-430D-A09F-B05628B7AB2A}.xps
c:\users\TBLap\AppData\Local\Temp\_MEI47722\_ctypes.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI47722\_elementtree.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI47722\_hashlib.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI47722\_multiprocessing.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI47722\_socket.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI47722\_ssl.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI47722\pyexpat.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI47722\pysqlite2._sqlite.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI47722\python27.dll
c:\users\TBLap\AppData\Local\Temp\_MEI47722\pythoncom27.dll
c:\users\TBLap\AppData\Local\Temp\_MEI47722\PyWinTypes27.dll
c:\users\TBLap\AppData\Local\Temp\_MEI47722\select.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI47722\unicodedata.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI47722\win32api.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI47722\win32com.shell.shell.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI47722\win32crypt.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI47722\win32event.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI47722\win32file.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI47722\win32inet.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI47722\win32pdh.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI47722\win32pipe.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI47722\win32process.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI47722\win32profile.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI47722\win32security.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI47722\win32ts.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI47722\windows._lib_cacheinvalidation.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI47722\wx._controls_.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI47722\wx._core_.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI47722\wx._gdi_.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI47722\wx._html2.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI47722\wx._misc_.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI47722\wx._windows_.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI47722\wx._wizard.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI47722\wxbase294u_net_vc90.dll
c:\users\TBLap\AppData\Local\Temp\_MEI47722\wxbase294u_vc90.dll
c:\users\TBLap\AppData\Local\Temp\_MEI47722\wxmsw294u_adv_vc90.dll
c:\users\TBLap\AppData\Local\Temp\_MEI47722\wxmsw294u_core_vc90.dll
c:\users\TBLap\AppData\Local\Temp\_MEI47722\wxmsw294u_html_vc90.dll
c:\users\TBLap\AppData\Local\Temp\_MEI47722\wxmsw294u_webview_vc90.dll
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome.manifest
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\api.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\api\asyncDB.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\api\background.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\api\browserAction.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\api\contextMenu.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\api\dbManager.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\api\dom_bg.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\api\fileManager.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\api\firefox.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\api\firefoxNotifications.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\api\firefoxOmnibox.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\api\message.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\api\pageAction.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\api\request.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\api\tabs.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\api\webRequest.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\background.html
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\baseObject.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\browser.xul
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\core\console.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\core\consts.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\core\delegate.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\core\extensionDataStore.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\core\folderIOWrapper.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\core\httpObserver.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\core\IDBWrapper.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\core\installer.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\core\logFile.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\core\prefs.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\core\progressListenerObserver.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\core\registry.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\core\reloadObserver.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\core\reports.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\core\requestObject.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\core\searchSettings.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\core\uninstallObserver.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\core\updateManager.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\core\utils.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\core\xhr.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\dialog.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\main.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\options.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\options.xul
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\chrome\content\search_dialog.xul
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\defaults\preferences\prefs.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\extensionData\manifest.xml
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\extensionData\plugins.json
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\extensionData\plugins\1_base.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\extensionData\plugins\14_CrossriderUtils.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\extensionData\plugins\16_FFAppAPIWrapper.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\extensionData\plugins\17_jQuery.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\extensionData\plugins\177_crossriderDashboard.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\extensionData\plugins\182_openUrl.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\extensionData\plugins\183_tabsWrapper.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\extensionData\plugins\21_debug.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\extensionData\plugins\22_resources.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\extensionData\plugins\28_initializer.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\extensionData\plugins\4_jquery_1_7_1.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\extensionData\plugins\47_resources_background.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\extensionData\plugins\64_appApiMessage.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\extensionData\plugins\72_appApiValidation.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\extensionData\plugins\78_CrossriderInfo.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\extensionData\plugins\98_omniCommands.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\extensionData\userCode\background.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\extensionData\userCode\extension.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\install.rdf
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\locale\en-US\translations.dtd
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\skin\button1.png
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\skin\button2.png
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\skin\button3.png
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\skin\button4.png
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\skin\button5.png
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\skin\crossrider_statusbar.png
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\skin\icon128.png
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\skin\icon16.png
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\skin\icon24.png
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\skin\icon48.png
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\skin\panelarrow-up.png
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\skin\popup.html
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\skin\skin.css
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\126c9ec1-e913-410f-94df-6262dd70e044@94392a4b-d7bd-4563-8bcd-ba96cf8055b2.com\skin\update.css
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome.manifest
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\api.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\api\asyncDB.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\api\background.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\api\browserAction.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\api\contextMenu.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\api\dbManager.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\api\dom_bg.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\api\fileManager.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\api\firefox.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\api\firefoxNotifications.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\api\firefoxOmnibox.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\api\message.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\api\pageAction.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\api\request.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\api\tabs.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\api\webRequest.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\background.html
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\baseObject.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\browser.xul
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\console.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\consts.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\delegate.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\extensionDataStore.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\folderIOWrapper.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\httpObserver.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\IDBWrapper.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\installer.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\logFile.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\prefs.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\progressListenerObserver.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\registry.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\reloadObserver.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\reports.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\requestObject.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\searchSettings.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\uninstallObserver.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\updateManager.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\utils.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\xhr.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\dialog.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\main.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\options.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\options.xul
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\search_dialog.xul
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\defaults\preferences\prefs.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\manifest.xml
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins.json
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\1_base.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\102_dealply_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\103_intext_5_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\104_jollywallet_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\105_corticas_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\108_icm_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\117_coupons_intext_ads_5_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\119_similar_web_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\120_luck_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\123_intext_adv_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\124_superfish_no_search_no_coupons_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\125_arcadi2_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\126_revizer_ws_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\127_revizer_p_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\128_superfish_pricora_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\135_arcadi3_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\138_getdeal_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\14_CrossriderUtils.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\141_corticas_ru_m.js.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\142_intext_fa_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\155_ibario_pops_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\158_50onred_ads_only_no_fb_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\159_cortica_rollover_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\16_FFAppAPIWrapper.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\17_jQuery.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\171_arcadi2_sourceID_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\175_coolmirage_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\177_crossriderDashboard.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\178_revizer_ws_dynamic_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\179_revizer_p_dynamic_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\180_bpo_serp_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\182_openUrl.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\183_tabsWrapper.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\184_noproblemppc_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\189_active_sanity.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\190_pops_5_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\191_ciuvo_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\192_revizer_ws_dynamic_b2b_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\193_revizer_p_dynamic_b2b_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\194_retargeting_bi_m.js.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\195_icm_convertmedia_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\197_kreapixel_pops_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\198_superfish_no_search_no_coupons_plushd_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\199_superfish_no_coupons_plushd_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\200_foxydeal_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\204_pricedetect_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\21_debug.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\22_resources.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\28_initializer.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\4_jquery_1_7_1.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\47_resources_background.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\64_appApiMessage.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\7_hooks.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\72_appApiValidation.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\78_CrossriderInfo.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\87_ginyas_wrapper.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\9_search_engine_hook.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\91_monetizationLoader.js.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\93_superfish_no_coupons_m.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\98_omniCommands.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\userCode\background.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\userCode\extension.js
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\install.rdf
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\locale\en-US\translations.dtd
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\skin\button1.png
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\skin\button2.png
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\skin\button3.png
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\skin\button4.png
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\skin\button5.png
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\skin\crossrider_statusbar.png
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\skin\icon128.png
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\skin\icon16.png
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\skin\icon24.png
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\skin\icon48.png
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\skin\panelarrow-up.png
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\skin\popup.html
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\skin\skin.css
c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\skin\update.css
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-12-06 bis 2014-01-06 ))))))))))))))))))))))))))))))
.
.
2014-01-06 09:38 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{19F55EC1-5A4C-474D-918C-7BB9CA6BC1B0}\mpengine.dll
2014-01-04 10:35 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-03 14:21 . 2014-01-06 10:08 -------- d-----w- c:\program files (x86)\MyPC Backup
2014-01-03 14:21 . 2014-01-03 14:21 -------- d-----w- c:\program files (x86)\VLC Player GPU+
2014-01-03 14:21 . 2014-01-03 14:21 -------- d-----w- C:\FRST
2014-01-03 14:19 . 2014-01-03 14:19 -------- d-----w- c:\users\TBLap\AppData\Roaming\0C1I1L1R1J0M1P0I1G
2014-01-03 14:18 . 2014-01-03 14:18 -------- d-----w- c:\programdata\Systweak
2014-01-03 14:18 . 2014-01-03 14:18 -------- d-----w- c:\program files (x86)\Advanced System Protector
2014-01-03 14:18 . 2012-07-25 11:03 16896 ----a-w- c:\windows\system32\sasnative64.exe
2014-01-03 14:17 . 2014-01-03 14:18 -------- d-----w- c:\users\TBLap\AppData\Roaming\Systweak
2014-01-03 14:17 . 2014-01-03 14:17 -------- d-----w- c:\users\TBLap\.android
2014-01-03 14:17 . 2013-11-22 14:42 20312 ----a-w- c:\windows\system32\roboot64.exe
2014-01-03 14:17 . 2014-01-06 10:09 -------- d-----w- c:\users\TBLap\AppData\Roaming\newnext.me
2014-01-03 14:17 . 2014-01-06 09:42 -------- d-----w- c:\users\TBLap\AppData\Local\Mobogenie
2014-01-03 14:17 . 2014-01-03 15:48 -------- d-----w- c:\users\TBLap\AppData\Local\genienext
2014-01-03 14:17 . 2014-01-03 15:48 -------- d-----w- c:\users\TBLap\AppData\Local\cache
2014-01-03 14:16 . 2014-01-03 14:17 -------- d-----w- c:\program files (x86)\RegClean Pro
2014-01-03 14:16 . 2014-01-03 14:16 -------- d-----w- c:\program files (x86)\Plus-HD-5.0
2014-01-03 14:16 . 2014-01-03 16:03 -------- d-----w- c:\program files (x86)\Mobogenie
2014-01-03 14:14 . 2014-01-06 09:29 -------- d-----w- c:\program files (x86)\VuuPC
2014-01-03 14:14 . 2014-01-03 14:14 -------- d-----w- c:\users\TBLap\AppData\Roaming\FoxTab
2014-01-03 14:13 . 2014-01-03 14:13 -------- d-----w- c:\program files (x86)\Foxtab
2013-12-31 10:25 . 2013-12-31 10:47 -------- d-----w- c:\users\TBLap\.freemind
2013-12-31 10:24 . 2013-12-31 10:24 -------- d-----w- c:\programdata\Oracle
2013-12-31 10:24 . 2013-12-31 10:24 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-12-31 10:24 . 2013-12-31 10:24 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-12-31 10:24 . 2013-12-31 10:24 -------- d-----w- c:\program files (x86)\Java
2013-12-31 10:20 . 2013-12-31 10:20 -------- d-----w- c:\program files (x86)\FreeMind
2013-12-14 13:28 . 2013-12-14 13:28 -------- d-----w- c:\program files (x86)\Open-Xchange
2013-12-14 02:00 . 2013-11-26 11:54 23183360 ----a-w- c:\windows\system32\mshtml.dll
2013-12-13 08:33 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2013-12-13 08:33 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2013-12-13 08:33 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-12-13 08:33 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-12-13 08:33 . 2013-10-30 01:24 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-12-13 08:33 . 2013-10-19 02:18 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-12-13 08:33 . 2013-10-19 01:36 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-12-13 08:33 . 2013-11-12 02:23 2048 ----a-w- c:\windows\system32\tzres.dll
2013-12-13 08:33 . 2013-11-12 02:07 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-12-13 08:33 . 2013-10-04 02:16 116736 ----a-w- c:\windows\system32\drivers\drmk.sys
2013-12-13 08:33 . 2013-10-04 01:36 230400 ----a-w- c:\windows\system32\drivers\portcls.sys
2013-12-13 08:32 . 2013-10-12 02:32 150016 ----a-w- c:\windows\system32\wshom.ocx
2013-12-13 08:32 . 2013-10-12 02:31 202752 ----a-w- c:\windows\system32\scrrun.dll
2013-12-13 08:32 . 2013-10-12 02:04 121856 ----a-w- c:\windows\SysWow64\wshom.ocx
2013-12-13 08:32 . 2013-10-12 02:03 163840 ----a-w- c:\windows\SysWow64\scrrun.dll
2013-12-13 08:32 . 2013-10-12 01:33 156160 ----a-w- c:\windows\system32\cscript.exe
2013-12-13 08:32 . 2013-10-12 01:33 168960 ----a-w- c:\windows\system32\wscript.exe
2013-12-13 08:32 . 2013-10-12 01:15 141824 ----a-w- c:\windows\SysWow64\wscript.exe
2013-12-13 08:32 . 2013-10-12 01:15 126976 ----a-w- c:\windows\SysWow64\cscript.exe
2013-12-09 11:09 . 2013-10-18 01:13 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4C04F8AD-84C4-4863-93AA-6976D0E68B71}\gapaengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-13 09:33 . 2012-11-13 14:28 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-13 09:33 . 2012-11-13 14:28 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-01 13:42 . 2012-11-06 19:46 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-11-27 02:00 . 2013-11-27 02:00 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-27 02:00 . 2013-11-27 02:00 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-11-27 02:00 . 2013-11-27 02:00 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-27 02:00 . 2013-11-27 02:00 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-11-27 02:00 . 2013-11-27 02:00 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-11-27 02:00 . 2013-11-27 02:00 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-11-27 02:00 . 2013-11-27 02:00 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-11-27 02:00 . 2013-11-27 02:00 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-27 02:00 . 2013-11-27 02:00 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-11-27 02:00 . 2013-11-27 02:00 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-11-27 02:00 . 2013-11-27 02:00 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-11-27 02:00 . 2013-11-27 02:00 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-11-27 02:00 . 2013-11-27 02:00 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-11-27 02:00 . 2013-11-27 02:00 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-11-27 02:00 . 2013-11-27 02:00 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-11-27 02:00 . 2013-11-27 02:00 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-11-27 02:00 . 2013-11-27 02:00 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-11-27 02:00 . 2013-11-27 02:00 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-11-27 02:00 . 2013-11-27 02:00 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-11-27 02:00 . 2013-11-27 02:00 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-11-27 02:00 . 2013-11-27 02:00 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-27 02:00 . 2013-11-27 02:00 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-11-27 02:00 . 2013-11-27 02:00 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-11-27 02:00 . 2013-11-27 02:00 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-11-27 02:00 . 2013-11-27 02:00 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-11-27 02:00 . 2013-11-27 02:00 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-27 02:00 . 2013-11-27 02:00 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-27 02:00 . 2013-11-27 02:00 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-11-27 02:00 . 2013-11-27 02:00 247808 ----a-w- c:\windows\system32\msls31.dll
2013-11-27 02:00 . 2013-11-27 02:00 195584 ----a-w- c:\windows\system32\msrating.dll
2013-11-27 02:00 . 2013-11-27 02:00 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-11-27 02:00 . 2013-11-27 02:00 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-11-27 02:00 . 2013-11-27 02:00 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-11-27 02:00 . 2013-11-27 02:00 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-11-27 02:00 . 2013-11-27 02:00 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-11-27 02:00 . 2013-11-27 02:00 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-11-27 02:00 . 2013-11-27 02:00 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-11-27 02:00 . 2013-11-27 02:00 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-11-27 02:00 . 2013-11-27 02:00 81408 ----a-w- c:\windows\system32\icardie.dll
2013-11-27 02:00 . 2013-11-27 02:00 774144 ----a-w- c:\windows\system32\jscript.dll
2013-11-27 02:00 . 2013-11-27 02:00 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-11-27 02:00 . 2013-11-27 02:00 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-11-27 02:00 . 2013-11-27 02:00 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-11-27 02:00 . 2013-11-27 02:00 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-11-27 02:00 . 2013-11-27 02:00 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-11-27 02:00 . 2013-11-27 02:00 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-11-27 02:00 . 2013-11-27 02:00 413696 ----a-w- c:\windows\system32\html.iec
2013-11-27 02:00 . 2013-11-27 02:00 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-11-27 02:00 . 2013-11-27 02:00 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-11-27 02:00 . 2013-11-27 02:00 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-11-27 02:00 . 2013-11-27 02:00 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-11-27 02:00 . 2013-11-27 02:00 235520 ----a-w- c:\windows\system32\url.dll
2013-11-27 02:00 . 2013-11-27 02:00 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-11-27 02:00 . 2013-11-27 02:00 147968 ----a-w- c:\windows\system32\occache.dll
2013-11-27 02:00 . 2013-11-27 02:00 143872 ----a-w- c:\windows\system32\wextract.exe
2013-11-27 02:00 . 2013-11-27 02:00 13824 ----a-w- c:\windows\system32\mshta.exe
2013-11-27 02:00 . 2013-11-27 02:00 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-11-27 02:00 . 2013-11-27 02:00 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-11-27 02:00 . 2013-11-27 02:00 101376 ----a-w- c:\windows\system32\inseng.dll
2013-11-21 08:32 . 2013-11-21 08:32 4169784 ----a-w- c:\windows\SysWow64\oxstor32.dll
2013-11-19 10:21 . 2010-11-21 03:27 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-10-18 01:13 . 2012-11-29 08:44 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-10-14 17:00 . 2013-11-27 02:03 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-10-12 02:30 . 2013-11-13 06:35 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-10-12 02:29 . 2013-11-13 06:35 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-10-12 02:29 . 2013-11-13 06:35 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-10-12 02:03 . 2013-11-13 06:35 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-10-12 02:01 . 2013-11-13 06:35 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110211941181}]
2013-09-11 08:33 600712 ----a-w- c:\program files (x86)\Mein Gutscheincode\Mein Gutscheincode-bho.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110411771118}]
2014-01-03 14:16 644968 ----a-w- c:\program files (x86)\Plus-HD-5.0\Plus-HD-5.0-bho.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-01-28 14:48 281760 ----a-w- c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{F443A627-5009-4323-9C1D-7FD598D0D712}]
2012-05-10 00:05 1607472 ----a-w- c:\program files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{EA582743-9076-4178-9AA6-7393FDF4D5CE}"= "c:\program files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll" [2012-05-10 1607472]
.
[HKEY_CLASSES_ROOT\clsid\{ea582743-9076-4178-9aa6-7393fdf4d5ce}]
[HKEY_CLASSES_ROOT\TypeLib\{33D0AD98-3347-4A54-8929-5163EBEB9F72}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\TBLap\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\TBLap\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\TBLap\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\TBLap\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OXUpdater"="c:\users\TBLap\AppData\Local\Open-Xchange\OXUpdater\OXUpdater.exe" [2013-11-04 2278920]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2013-12-06 20203904]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Akamai NetSession Interface"="c:\users\TBLap\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608]
"NextLive"="c:\users\TBLap\AppData\Roaming\newnext.me\nengine.dll" [2013-11-14 1283584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-01 291608]
"TRUUpdater"="c:\program files (x86)\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe" [2011-11-03 329072]
"WatcherHelper"="c:\program files (x86)\Sierra Wireless Inc\3G Watcher\WaHelper.exe" [2011-08-04 140656]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-09-20 60552]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"NetDrive"="c:\program files\NetDrive\netdrive.exe" [2013-03-16 3587072]
"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2011-07-25 468112]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-12-02 1316248]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"mobilegeni daemon"="c:\program files (x86)\Mobogenie\DaemonProcess.exe" [2014-01-03 761536]
"GPULoader"="c:\program files (x86)\VLC Player GPU+\GPULog.exe" [2013-12-27 1328864]
.
c:\users\TBLap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\TBLap\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2013-7-23 1089888]
MyPC Backup.lnk - c:\program files (x86)\MyPC Backup\MyPC Backup.exe [2013-9-19 1953320]
OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 228552]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protokoll;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 ndfs;ndfs;c:\program files\NetDrive\ndfs.sys;c:\program files\NetDrive\ndfs.sys [x]
R3 PcaSp60;Rawether NDIS 6.X SPR Protocol Driver;c:\windows\system32\DRIVERS\PcaSp60.sys;c:\windows\SYSNATIVE\DRIVERS\PcaSp60.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R4 RemoteEngineService;VuuPC RemoteEngine Service;c:\program files (x86)\VuuPC\remoteengine.exe;c:\program files (x86)\VuuPC\remoteengine.exe [x]
R4 VuuPCConnectivity;VuuPC Connectivity;c:\program files (x86)\VuuPC\Connectivity.exe;c:\program files (x86)\VuuPC\Connectivity.exe [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 BackupStack;Computer Backup (MyPC Backup);c:\program files (x86)\MyPC Backup\BackupStack.exe;c:\program files (x86)\MyPC Backup\BackupStack.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 FPLService;TrueSuiteService;c:\program files\AuthenTec TrueSuite\TrueSuiteService.exe;c:\program files\AuthenTec TrueSuite\TrueSuiteService.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 ndsvc;NetDrive Service;c:\program files\NetDrive\ndsvc.exe;c:\program files\NetDrive\ndsvc.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 SwiCardDetectSvc;Sierra Wireless Card Detection Service;c:\program files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe;c:\program files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe [x]
S2 SwiService;Sierra Wireless Service;c:\program files (x86)\Sierra Wireless Inc\QMIPackage\Utils\SWIService.exe;c:\program files (x86)\Sierra Wireless Inc\QMIPackage\Utils\SWIService.exe [x]
S2 Updater Service for AMZN;Updater Service for AMZN;c:\program files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe;c:\program files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe [x]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]
S2 WTGService;WTGService;c:\program files (x86)\OneClickInternet\WTGService.exe;c:\program files (x86)\OneClickInternet\WTGService.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed - Virtueller Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 ATSwpWDF;AuthenTec TruePrint WBF Driver;c:\windows\system32\DRIVERS\ATSwpWDF.sys;c:\windows\SYSNATIVE\DRIVERS\ATSwpWDF.sys [x]
S3 gobi3kfilter;Qualcomm Gobi 3000 USB Composite Device Filter Driver;c:\windows\system32\DRIVERS\gobi3kfilter.sys;c:\windows\SYSNATIVE\DRIVERS\gobi3kfilter.sys [x]
S3 gobi3kmbb;Qualcomm Gobi 3000 USB-NDIS 6.20 miniport;c:\windows\system32\DRIVERS\gobi3kmbb.sys;c:\windows\SYSNATIVE\DRIVERS\gobi3kmbb.sys [x]
S3 gobi3kserial;Qualcomm Gobi 3000 USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\gobi3kserial.sys;c:\windows\SYSNATIVE\DRIVERS\gobi3kserial.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys;c:\windows\SYSNATIVE\DRIVERS\SFEP.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Inhalt des "geplante Tasks" Ordners
.
2014-01-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-13 09:33]
.
2014-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-07 11:16]
.
2014-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-07 11:16]
.
2014-01-06 c:\windows\Tasks\Plus-HD-5.0-chromeinstaller.job
- c:\program files (x86)\Plus-HD-5.0\Plus-HD-5.0-chromeinstaller.exe [2014-01-03 14:16]
.
2014-01-06 c:\windows\Tasks\Plus-HD-5.0-codedownloader.job
- c:\program files (x86)\Plus-HD-5.0\Plus-HD-5.0-codedownloader.exe [2014-01-03 14:16]
.
2014-01-06 c:\windows\Tasks\Plus-HD-5.0-enabler.job
- c:\program files (x86)\Plus-HD-5.0\Plus-HD-5.0-enabler.exe [2014-01-03 14:16]
.
2014-01-06 c:\windows\Tasks\Plus-HD-5.0-firefoxinstaller.job
- c:\program files (x86)\Plus-HD-5.0\Plus-HD-5.0-firefoxinstaller.exe [2014-01-03 14:16]
.
2014-01-06 c:\windows\Tasks\Plus-HD-5.0-updater.job
- c:\program files (x86)\Plus-HD-5.0\Plus-HD-5.0-updater.exe [2014-01-03 14:16]
.
2014-01-06 c:\windows\Tasks\RegClean Pro_DEFAULT.job
- c:\program files (x86)\RegClean Pro\RegCleanPro.exe [2014-01-03 14:42]
.
2014-01-06 c:\windows\Tasks\RegClean Pro_UPDATES.job
- c:\program files (x86)\RegClean Pro\RegCleanPro.exe [2014-01-03 14:42]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-01-28 14:48 342176 ----a-w- c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\TBLap\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\TBLap\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\TBLap\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\TBLap\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p18_serp_ie_de_display?ie=UTF8&tagbase=bds-p18&tbrId=v1_abb-channel-18_7c3e267f89814993a1d975c30ac0da75_18_38_20130131_DE_ie_sp_OC1
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: An OneNote s&enden - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: Auswahl speichern - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
IE: Bild ausschneiden - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
IE: Diese Seite ausschneiden - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Neue Notiz - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html
IE: URL notieren - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
TCP: DhcpNameServer = 192.168.178.1
TCP: Interfaces\{A4AF28B0-FA45-43DD-A670-ED981819DF2A}: NameServer = 139.7.30.126 139.7.30.125
FF - ProfilePath - c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.handelsblatt.com/
FF - prefs.js: keyword.URL - hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p18_serp_ff_de_display?ie=UTF8&tag=bds-p18-serp-de-ff-21&tagbase=bds-p18&tbrId=v1_abb-channel-18_7c3e267f89814993a1d975c30ac0da75_18_38_20130131_DE_ff_ab_OC1&query=
FF - user.js: extensions.irspeeddial.aflt - fxtb103
FF - user.js: extensions.irspeeddial.instlRef -
FF - user.js: extensions.irspeeddial.cr - 193300825
FF - user.js: extensions.irspeeddial.cd - 2XzuyEtN2Y1L1Qzu0CyEzzyDtDzz0B0EtD0FyC0A0A0BtCyEtN0D0Tzu0CyBtAyEtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1Czu1G2Z1S
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Wow6432Node-HKLM-Run-GPUTemp - c:\users\TBLap\AppData\Local\Temp\GPUTemp.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}"=hex:51,66,7a,6c,4c,1d,38,12,00,8b,83,
81,be,a2,af,06,dc,3a,a7,82,b5,e8,7d,4f
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:a9,a7,16,93,6f,bc,cd,01
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\Sony\VAIO Control Center\VESMgr.exe
c:\program files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
c:\program files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
c:\windows\SysWOW64\DllHost.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
c:\windows\SysWOW64\rundll32.exe
c:\users\TBLap\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
c:\program files (x86)\VLC Player GPU+\GPUMonitor.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-01-06 11:13:46 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2014-01-06 10:13
.
Vor Suchlauf: 8 Verzeichnis(se), 138.860.199.936 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 143.660.580.864 Bytes frei
.
- - End Of File - - BF97103D238E13A5317DD0E50EE4895B
5FB38429D5D77768867C76DCBDB35194 |
|
06.01.2014, 12:29
| #2 |
| | Oxtender von Hosteurope auf Win7 Laptop nicht mehr vorhanden, Defender nicht startbar Ich weiß, jetzt gibt es vielleicht auf die Mütze, aber der erste Versuch war nicht erfolgreich. Ich habe ComboFix noch einmal durchlaufen lassen.
__________________Nachstehend die .txt des 2. Versuchs.... Ich kann MS Defender immernoch nicht starten. ---------------------------------------------------------- Combofix Logfile: Code:
ATTFilter ComboFix 14-01-04.03 - TBLap 06.01.2014 12:03:13.2.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.8091.6163 [GMT 1:00]
ausgeführt von:: c:\users\TBLap\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\TBLap\AppData\Local\Temp\_MEI49042\_ctypes.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI49042\_elementtree.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI49042\_hashlib.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI49042\_multiprocessing.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI49042\_socket.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI49042\_ssl.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI49042\pyexpat.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI49042\pysqlite2._sqlite.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI49042\python27.dll
c:\users\TBLap\AppData\Local\Temp\_MEI49042\pythoncom27.dll
c:\users\TBLap\AppData\Local\Temp\_MEI49042\PyWinTypes27.dll
c:\users\TBLap\AppData\Local\Temp\_MEI49042\select.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI49042\unicodedata.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI49042\win32api.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI49042\win32com.shell.shell.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI49042\win32crypt.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI49042\win32event.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI49042\win32file.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI49042\win32inet.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI49042\win32pdh.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI49042\win32pipe.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI49042\win32process.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI49042\win32profile.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI49042\win32security.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI49042\win32ts.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI49042\windows._lib_cacheinvalidation.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI49042\wx._controls_.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI49042\wx._core_.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI49042\wx._gdi_.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI49042\wx._html2.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI49042\wx._misc_.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI49042\wx._windows_.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI49042\wx._wizard.pyd
c:\users\TBLap\AppData\Local\Temp\_MEI49042\wxbase294u_net_vc90.dll
c:\users\TBLap\AppData\Local\Temp\_MEI49042\wxbase294u_vc90.dll
c:\users\TBLap\AppData\Local\Temp\_MEI49042\wxmsw294u_adv_vc90.dll
c:\users\TBLap\AppData\Local\Temp\_MEI49042\wxmsw294u_core_vc90.dll
c:\users\TBLap\AppData\Local\Temp\_MEI49042\wxmsw294u_html_vc90.dll
c:\users\TBLap\AppData\Local\Temp\_MEI49042\wxmsw294u_webview_vc90.dll
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-12-06 bis 2014-01-06 ))))))))))))))))))))))))))))))
.
.
2014-01-06 11:06 . 2014-01-06 11:06 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-01-06 11:06 . 2014-01-06 11:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-06 09:38 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{19F55EC1-5A4C-474D-918C-7BB9CA6BC1B0}\mpengine.dll
2014-01-04 10:35 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-03 14:21 . 2014-01-06 10:28 -------- d-----w- c:\program files (x86)\MyPC Backup
2014-01-03 14:21 . 2014-01-06 10:10 -------- d-----w- c:\program files (x86)\VLC Player GPU+
2014-01-03 14:21 . 2014-01-03 14:21 -------- d-----w- C:\FRST
2014-01-03 14:17 . 2014-01-06 10:28 -------- d-----w- c:\users\TBLap\AppData\Roaming\Systweak
2014-01-03 14:17 . 2014-01-03 14:17 -------- d-----w- c:\users\TBLap\.android
2014-01-03 14:17 . 2013-11-22 14:42 20312 ----a-w- c:\windows\system32\roboot64.exe
2014-01-03 14:17 . 2014-01-06 10:47 -------- d-----w- c:\users\TBLap\AppData\Roaming\newnext.me
2014-01-03 14:17 . 2014-01-06 10:29 -------- d-----w- c:\users\TBLap\AppData\Local\Mobogenie
2014-01-03 14:17 . 2014-01-03 15:48 -------- d-----w- c:\users\TBLap\AppData\Local\genienext
2014-01-03 14:17 . 2014-01-03 15:48 -------- d-----w- c:\users\TBLap\AppData\Local\cache
2013-12-31 10:25 . 2013-12-31 10:47 -------- d-----w- c:\users\TBLap\.freemind
2013-12-31 10:24 . 2013-12-31 10:24 -------- d-----w- c:\programdata\Oracle
2013-12-31 10:24 . 2013-12-31 10:24 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-12-31 10:24 . 2013-12-31 10:24 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-12-31 10:24 . 2013-12-31 10:24 -------- d-----w- c:\program files (x86)\Java
2013-12-31 10:20 . 2013-12-31 10:20 -------- d-----w- c:\program files (x86)\FreeMind
2013-12-14 13:28 . 2013-12-14 13:28 -------- d-----w- c:\program files (x86)\Open-Xchange
2013-12-14 02:00 . 2013-11-26 11:54 23183360 ----a-w- c:\windows\system32\mshtml.dll
2013-12-13 08:33 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2013-12-13 08:33 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2013-12-13 08:33 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-12-13 08:33 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-12-13 08:33 . 2013-10-30 01:24 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-12-13 08:33 . 2013-10-19 02:18 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-12-13 08:33 . 2013-10-19 01:36 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-12-13 08:33 . 2013-11-12 02:23 2048 ----a-w- c:\windows\system32\tzres.dll
2013-12-13 08:33 . 2013-11-12 02:07 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-12-13 08:33 . 2013-10-04 02:16 116736 ----a-w- c:\windows\system32\drivers\drmk.sys
2013-12-13 08:33 . 2013-10-04 01:36 230400 ----a-w- c:\windows\system32\drivers\portcls.sys
2013-12-13 08:32 . 2013-10-12 02:32 150016 ----a-w- c:\windows\system32\wshom.ocx
2013-12-13 08:32 . 2013-10-12 02:31 202752 ----a-w- c:\windows\system32\scrrun.dll
2013-12-13 08:32 . 2013-10-12 02:04 121856 ----a-w- c:\windows\SysWow64\wshom.ocx
2013-12-13 08:32 . 2013-10-12 02:03 163840 ----a-w- c:\windows\SysWow64\scrrun.dll
2013-12-13 08:32 . 2013-10-12 01:33 156160 ----a-w- c:\windows\system32\cscript.exe
2013-12-13 08:32 . 2013-10-12 01:33 168960 ----a-w- c:\windows\system32\wscript.exe
2013-12-13 08:32 . 2013-10-12 01:15 141824 ----a-w- c:\windows\SysWow64\wscript.exe
2013-12-13 08:32 . 2013-10-12 01:15 126976 ----a-w- c:\windows\SysWow64\cscript.exe
2013-12-09 11:09 . 2013-10-18 01:13 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4C04F8AD-84C4-4863-93AA-6976D0E68B71}\gapaengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-13 09:33 . 2012-11-13 14:28 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-13 09:33 . 2012-11-13 14:28 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-01 13:42 . 2012-11-06 19:46 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-11-27 02:00 . 2013-11-27 02:00 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-27 02:00 . 2013-11-27 02:00 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-11-27 02:00 . 2013-11-27 02:00 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-27 02:00 . 2013-11-27 02:00 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-11-27 02:00 . 2013-11-27 02:00 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-11-27 02:00 . 2013-11-27 02:00 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-11-27 02:00 . 2013-11-27 02:00 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-11-27 02:00 . 2013-11-27 02:00 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-27 02:00 . 2013-11-27 02:00 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-11-27 02:00 . 2013-11-27 02:00 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-11-27 02:00 . 2013-11-27 02:00 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-11-27 02:00 . 2013-11-27 02:00 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-11-27 02:00 . 2013-11-27 02:00 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-11-27 02:00 . 2013-11-27 02:00 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-11-27 02:00 . 2013-11-27 02:00 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-11-27 02:00 . 2013-11-27 02:00 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-11-27 02:00 . 2013-11-27 02:00 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-11-27 02:00 . 2013-11-27 02:00 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-11-27 02:00 . 2013-11-27 02:00 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-11-27 02:00 . 2013-11-27 02:00 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-11-27 02:00 . 2013-11-27 02:00 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-27 02:00 . 2013-11-27 02:00 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-11-27 02:00 . 2013-11-27 02:00 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-11-27 02:00 . 2013-11-27 02:00 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-11-27 02:00 . 2013-11-27 02:00 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-11-27 02:00 . 2013-11-27 02:00 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-27 02:00 . 2013-11-27 02:00 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-27 02:00 . 2013-11-27 02:00 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-11-27 02:00 . 2013-11-27 02:00 247808 ----a-w- c:\windows\system32\msls31.dll
2013-11-27 02:00 . 2013-11-27 02:00 195584 ----a-w- c:\windows\system32\msrating.dll
2013-11-27 02:00 . 2013-11-27 02:00 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-11-27 02:00 . 2013-11-27 02:00 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-11-27 02:00 . 2013-11-27 02:00 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-11-27 02:00 . 2013-11-27 02:00 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-11-27 02:00 . 2013-11-27 02:00 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-11-27 02:00 . 2013-11-27 02:00 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-11-27 02:00 . 2013-11-27 02:00 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-11-27 02:00 . 2013-11-27 02:00 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-11-27 02:00 . 2013-11-27 02:00 81408 ----a-w- c:\windows\system32\icardie.dll
2013-11-27 02:00 . 2013-11-27 02:00 774144 ----a-w- c:\windows\system32\jscript.dll
2013-11-27 02:00 . 2013-11-27 02:00 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-11-27 02:00 . 2013-11-27 02:00 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-11-27 02:00 . 2013-11-27 02:00 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-11-27 02:00 . 2013-11-27 02:00 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-11-27 02:00 . 2013-11-27 02:00 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-11-27 02:00 . 2013-11-27 02:00 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-11-27 02:00 . 2013-11-27 02:00 413696 ----a-w- c:\windows\system32\html.iec
2013-11-27 02:00 . 2013-11-27 02:00 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-11-27 02:00 . 2013-11-27 02:00 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-11-27 02:00 . 2013-11-27 02:00 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-11-27 02:00 . 2013-11-27 02:00 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-11-27 02:00 . 2013-11-27 02:00 235520 ----a-w- c:\windows\system32\url.dll
2013-11-27 02:00 . 2013-11-27 02:00 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-11-27 02:00 . 2013-11-27 02:00 147968 ----a-w- c:\windows\system32\occache.dll
2013-11-27 02:00 . 2013-11-27 02:00 143872 ----a-w- c:\windows\system32\wextract.exe
2013-11-27 02:00 . 2013-11-27 02:00 13824 ----a-w- c:\windows\system32\mshta.exe
2013-11-27 02:00 . 2013-11-27 02:00 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-11-27 02:00 . 2013-11-27 02:00 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-11-27 02:00 . 2013-11-27 02:00 101376 ----a-w- c:\windows\system32\inseng.dll
2013-11-21 08:32 . 2013-11-21 08:32 4169784 ----a-w- c:\windows\SysWow64\oxstor32.dll
2013-11-19 10:21 . 2010-11-21 03:27 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-10-18 01:13 . 2012-11-29 08:44 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-10-14 17:00 . 2013-11-27 02:03 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-10-12 02:30 . 2013-11-13 06:35 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-10-12 02:29 . 2013-11-13 06:35 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-10-12 02:29 . 2013-11-13 06:35 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-10-12 02:03 . 2013-11-13 06:35 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-10-12 02:01 . 2013-11-13 06:35 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110211941181}]
2013-09-11 08:33 600712 ----a-w- c:\program files (x86)\Mein Gutscheincode\Mein Gutscheincode-bho.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-01-28 14:48 281760 ----a-w- c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{F443A627-5009-4323-9C1D-7FD598D0D712}]
2012-05-10 00:05 1607472 ----a-w- c:\program files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{EA582743-9076-4178-9AA6-7393FDF4D5CE}"= "c:\program files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll" [2012-05-10 1607472]
.
[HKEY_CLASSES_ROOT\clsid\{ea582743-9076-4178-9aa6-7393fdf4d5ce}]
[HKEY_CLASSES_ROOT\TypeLib\{33D0AD98-3347-4A54-8929-5163EBEB9F72}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\TBLap\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\TBLap\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\TBLap\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\TBLap\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OXUpdater"="c:\users\TBLap\AppData\Local\Open-Xchange\OXUpdater\OXUpdater.exe" [2013-11-04 2278920]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2013-12-06 20203904]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Akamai NetSession Interface"="c:\users\TBLap\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608]
"NextLive"="c:\users\TBLap\AppData\Roaming\newnext.me\nengine.dll" [2013-11-14 1283584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-01 291608]
"TRUUpdater"="c:\program files (x86)\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe" [2011-11-03 329072]
"WatcherHelper"="c:\program files (x86)\Sierra Wireless Inc\3G Watcher\WaHelper.exe" [2011-08-04 140656]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-09-20 60552]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"NetDrive"="c:\program files\NetDrive\netdrive.exe" [2013-03-16 3587072]
"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2011-07-25 468112]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-12-02 1316248]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"GPULoader"="c:\program files (x86)\VLC Player GPU+\GPULog.exe" [2013-12-27 1328864]
.
c:\users\TBLap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\TBLap\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2013-7-23 1089888]
OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 228552]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protokoll;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 ndfs;ndfs;c:\program files\NetDrive\ndfs.sys;c:\program files\NetDrive\ndfs.sys [x]
R3 PcaSp60;Rawether NDIS 6.X SPR Protocol Driver;c:\windows\system32\DRIVERS\PcaSp60.sys;c:\windows\SYSNATIVE\DRIVERS\PcaSp60.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 FPLService;TrueSuiteService;c:\program files\AuthenTec TrueSuite\TrueSuiteService.exe;c:\program files\AuthenTec TrueSuite\TrueSuiteService.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 ndsvc;NetDrive Service;c:\program files\NetDrive\ndsvc.exe;c:\program files\NetDrive\ndsvc.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 SwiCardDetectSvc;Sierra Wireless Card Detection Service;c:\program files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe;c:\program files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe [x]
S2 SwiService;Sierra Wireless Service;c:\program files (x86)\Sierra Wireless Inc\QMIPackage\Utils\SWIService.exe;c:\program files (x86)\Sierra Wireless Inc\QMIPackage\Utils\SWIService.exe [x]
S2 Updater Service for AMZN;Updater Service for AMZN;c:\program files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe;c:\program files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe [x]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]
S2 WTGService;WTGService;c:\program files (x86)\OneClickInternet\WTGService.exe;c:\program files (x86)\OneClickInternet\WTGService.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed - Virtueller Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 ATSwpWDF;AuthenTec TruePrint WBF Driver;c:\windows\system32\DRIVERS\ATSwpWDF.sys;c:\windows\SYSNATIVE\DRIVERS\ATSwpWDF.sys [x]
S3 gobi3kfilter;Qualcomm Gobi 3000 USB Composite Device Filter Driver;c:\windows\system32\DRIVERS\gobi3kfilter.sys;c:\windows\SYSNATIVE\DRIVERS\gobi3kfilter.sys [x]
S3 gobi3kmbb;Qualcomm Gobi 3000 USB-NDIS 6.20 miniport;c:\windows\system32\DRIVERS\gobi3kmbb.sys;c:\windows\SYSNATIVE\DRIVERS\gobi3kmbb.sys [x]
S3 gobi3kserial;Qualcomm Gobi 3000 USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\gobi3kserial.sys;c:\windows\SYSNATIVE\DRIVERS\gobi3kserial.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys;c:\windows\SYSNATIVE\DRIVERS\SFEP.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Inhalt des "geplante Tasks" Ordners
.
2014-01-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-13 09:33]
.
2014-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-07 11:16]
.
2014-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-07 11:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-01-28 14:48 342176 ----a-w- c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\TBLap\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\TBLap\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\TBLap\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\TBLap\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p18_serp_ie_de_display?ie=UTF8&tagbase=bds-p18&tbrId=v1_abb-channel-18_7c3e267f89814993a1d975c30ac0da75_18_38_20130131_DE_ie_sp_OC1
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: An OneNote s&enden - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: Auswahl speichern - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
IE: Bild ausschneiden - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
IE: Diese Seite ausschneiden - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Neue Notiz - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html
IE: URL notieren - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
TCP: DhcpNameServer = 192.168.178.1
TCP: Interfaces\{A4AF28B0-FA45-43DD-A670-ED981819DF2A}: NameServer = 139.7.30.126 139.7.30.125
FF - ProfilePath - c:\users\TBLap\AppData\Roaming\Mozilla\Firefox\Profiles\1a6n4efa.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.handelsblatt.com/
FF - prefs.js: keyword.URL - hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p18_serp_ff_de_display?ie=UTF8&tag=bds-p18-serp-de-ff-21&tagbase=bds-p18&tbrId=v1_abb-channel-18_7c3e267f89814993a1d975c30ac0da75_18_38_20130131_DE_ff_ab_OC1&query=
FF - user.js: extensions.irspeeddial.aflt - fxtb103
FF - user.js: extensions.irspeeddial.instlRef -
FF - user.js: extensions.irspeeddial.cr - 193300825
FF - user.js: extensions.irspeeddial.cd - 2XzuyEtN2Y1L1Qzu0CyEzzyDtDzz0B0EtD0FyC0A0A0BtCyEtN0D0Tzu0CyBtAyEtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1Czu1G2Z1S
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-mobilegeni daemon - c:\program files (x86)\Mobogenie\DaemonProcess.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}"=hex:51,66,7a,6c,4c,1d,38,12,00,8b,83,
81,be,a2,af,06,dc,3a,a7,82,b5,e8,7d,4f
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:a9,a7,16,93,6f,bc,cd,01
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\Sony\VAIO Control Center\VESMgr.exe
c:\program files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
c:\program files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
c:\windows\SysWOW64\DllHost.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
c:\windows\SysWOW64\rundll32.exe
c:\users\TBLap\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
c:\program files (x86)\VLC Player GPU+\GPUMonitor.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-01-06 12:25:16 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2014-01-06 11:25
ComboFix2.txt 2014-01-06 10:13
.
Vor Suchlauf: 11 Verzeichnis(se), 143.800.860.672 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 143.684.620.288 Bytes frei
.
- - End Of File - - 6571510532A37010D26AEDE334B41FDB
5FB38429D5D77768867C76DCBDB35194 |
|
| Themen zu Oxtender von Hosteurope auf Win7 Laptop nicht mehr vorhanden, Defender nicht startbar |
| dateien, defender, gefunde, immernoch, meldungen, mobogenie, mobogenie entfernen, problems, pup.optional.alexatb.a, pup.optional.amazontb.a, pup.optional.crossrider.a, pup.optional.crossrider.m, pup.optional.installcore, pup.optional.installcore.a, pup.optional.nextlive.a, pup.optional.opencandy, pup.optional.searchprotect, versuch, versucht, vorhanden, win7, windows |
Hybrid-Darstellung
