Log analysis and evaluation: Windows Vista 32bit: remove static.icmwebserv

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#3
Windows Vista 32bit: remove static.icmwebserv

Here is the ComboFix log:
Combofix Logfile:
Code:
ComboFix 14-03-19.01 - Eleen 22.03.2014 16:42:03.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3070.1733 [GMT 1:00]
ausgeführt von:: c:\users\Eleen\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Vaudiix
c:\programdata\Vaudiix\51e5a9791099c.dll
c:\programdata\Vaudiix\51e5a9791099c.tlb
c:\programdata\Vaudiix\settings.ini
c:\users\Eleen\AppData\Local\edjig.dat
c:\users\Eleen\AppData\Local\edjig_nav.dat
c:\users\Eleen\AppData\Local\edjig_navps.dat
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\background.html
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\chromeCoreFilesIndex.txt
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\crossriderManifest.json
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\manifest.xml
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins.json
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\1_base.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\102_dealply_m.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\103_intext_5_m.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\104_jollywallet_m.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\108_icm_m.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\119_similar_web_m.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\123_intext_adv_m.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\14_CrossriderUtils.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\155_ibario_pops_m.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\17_jQuery.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\177_crossriderDashboard.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\178_revizer_ws_dynamic_m.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\179_revizer_p_dynamic_m.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\180_bpo_serp_m.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\182_openUrl.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\183_tabsWrapper.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\184_noproblemppc_m.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\19_CHAppAPIWrapper.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\190_pops_5_m.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\191_ciuvo_m.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\195_icm_convertmedia_m.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\207_dbWrapper.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\21_debug.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\22_resources.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\220_icm_base_m.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\221_icm_downloads_m.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\223_imonomy_m.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\28_initializer.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\4_jquery_1_7_1.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\47_resources_background.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\64_appApiMessage.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\7_hooks.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\72_appApiValidation.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\78_CrossriderInfo.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\80_CHPopupAppAPI.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\87_ginyas_wrapper.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\9_search_engine_hook.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\91_monetizationLoader.js.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\93_superfish_no_coupons_m.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\plugins\97_resourceApiWrapper.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\userCode\background.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\extensionData\userCode\extension.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\icons\actions\1.png
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\icons\icon128.png
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\icons\icon16.png
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\icons\icon48.png
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\js\api\chrome.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\js\api\cookie.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\js\api\message.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\js\api\monitor.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\js\api\pageAction.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\js\api\pageActionBG.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\js\background.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\js\lib\app_api.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\js\lib\bg_app_api.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\js\lib\consts.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\js\lib\cookie_store.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\js\lib\crossriderAPI.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\js\lib\delegate.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\js\lib\events.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\js\lib\extensionDataStore.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\js\lib\installer.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\js\lib\logFile.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\js\lib\logging.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\js\lib\onBGDocumentLoad.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\js\lib\popupResource\newPopup.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\js\lib\popupResource\popup.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\js\lib\reports.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\js\lib\storageWrapper.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\js\lib\updateManager.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\js\lib\util.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\js\lib\xhr.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\js\main.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\js\platformVersion.js
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\manifest.json
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\16454.3009.8763_0\popup.html
c:\users\Eleen\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome.manifest
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api\asyncDB.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api\background.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api\browserAction.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api\contextMenu.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api\dbManager.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api\dom_bg.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api\fileManager.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api\firefox.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api\firefoxNotifications.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api\firefoxOmnibox.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api\message.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api\pageAction.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api\request.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api\tabs.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api\webRequest.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api\windowsMessagingHandler.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\background.html
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\baseObject.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\browser.xul
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\addressBarChangeObserver.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\console.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\consts.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\delegate.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\extensionDataStore.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\folderIOWrapper.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\httpObserver.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\IDBWrapper.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\installer.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\logFile.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\prefs.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\progressListenerObserver.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\registry.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\reloadObserver.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\reports.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\requestObject.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\searchSettings.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\uninstallObserver.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\updateManager.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\utils.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\xhr.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\dialog.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\ffCoreFilesIndex.txt
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\main.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\options.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\options.xul
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\platformVersion.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\search_dialog.xul
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\defaults\preferences\prefs.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\manifest.xml
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins.json
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\1_base.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\102_dealply_m.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\103_intext_5_m.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\104_jollywallet_m.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\108_icm_m.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\119_similar_web_m.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\123_intext_adv_m.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\14_CrossriderUtils.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\155_ibario_pops_m.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\16_FFAppAPIWrapper.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\17_jQuery.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\177_crossriderDashboard.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\178_revizer_ws_dynamic_m.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\179_revizer_p_dynamic_m.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\180_bpo_serp_m.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\182_openUrl.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\183_tabsWrapper.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\184_noproblemppc_m.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\190_pops_5_m.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\191_ciuvo_m.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\195_icm_convertmedia_m.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\207_dbWrapper.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\21_debug.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\22_resources.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\220_icm_base_m.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\221_icm_downloads_m.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\223_imonomy_m.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\226_set_campaign_id_m.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\231_revizer_ws_dynamic_2_m.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\246_setup.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\28_initializer.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\4_jquery_1_7_1.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\47_resources_background.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\64_appApiMessage.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\7_hooks.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\72_appApiValidation.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\78_CrossriderInfo.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\87_ginyas_wrapper.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\9_search_engine_hook.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\91_monetizationLoader.js.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\93_superfish_no_coupons_m.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\98_omniCommands.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\userCode\background.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\userCode\extension.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\install.rdf
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\locale\en-US\translations.dtd
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\skin\button1.png
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\skin\button2.png
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\skin\button3.png
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\skin\button4.png
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\skin\button5.png
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\skin\crossrider_statusbar.png
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\skin\icon128.png
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\skin\icon16.png
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\skin\icon24.png
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\skin\icon48.png
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\skin\panelarrow-up.png
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\skin\popup.html
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\skin\skin.css
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\skin\update.css
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\kgy4ep@aibp-.edu
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\kgy4ep@aibp-.edu\bootstrap.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\kgy4ep@aibp-.edu\chrome.manifest
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\kgy4ep@aibp-.edu\content\bg.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\kgy4ep@aibp-.edu\install.rdf
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\pjwpt_iy@mhouplacgtn.edu
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\pjwpt_iy@mhouplacgtn.edu\bootstrap.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\pjwpt_iy@mhouplacgtn.edu\chrome.manifest
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\pjwpt_iy@mhouplacgtn.edu\content\bg.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\pjwpt_iy@mhouplacgtn.edu\install.rdf
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\q8jc2.4h@ioelqsvatwtdrov.co.uk
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\q8jc2.4h@ioelqsvatwtdrov.co.uk\bootstrap.js
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\q8jc2.4h@ioelqsvatwtdrov.co.uk\chrome.manifest
c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\extensions\q8jc2.4h@ioelqsvatwtdrov.co.uk\install.rdf
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\mumxeijx.default\extensions\staged\kgy4ep@aibp-.edu
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\mumxeijx.default\extensions\staged\kgy4ep@aibp-.edu\bootstrap.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\mumxeijx.default\extensions\staged\kgy4ep@aibp-.edu\chrome.manifest
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\mumxeijx.default\extensions\staged\kgy4ep@aibp-.edu\content\bg.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\mumxeijx.default\extensions\staged\kgy4ep@aibp-.edu\install.rdf
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\mumxeijx.default\extensions\staged\pjwpt_iy@mhouplacgtn.edu
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\mumxeijx.default\extensions\staged\pjwpt_iy@mhouplacgtn.edu\bootstrap.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\mumxeijx.default\extensions\staged\pjwpt_iy@mhouplacgtn.edu\chrome.manifest
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\mumxeijx.default\extensions\staged\pjwpt_iy@mhouplacgtn.edu\content\bg.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\mumxeijx.default\extensions\staged\pjwpt_iy@mhouplacgtn.edu\install.rdf
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\mumxeijx.default\extensions\staged\uqnjc@ueeyuu.co.uk
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\mumxeijx.default\extensions\staged\uqnjc@ueeyuu.co.uk\bootstrap.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\mumxeijx.default\extensions\staged\uqnjc@ueeyuu.co.uk\chrome.manifest
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\mumxeijx.default\extensions\staged\uqnjc@ueeyuu.co.uk\content\bg.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\mumxeijx.default\extensions\staged\uqnjc@ueeyuu.co.uk\install.rdf
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\mumxeijx.default\extensions\staged\xbos.ii@vzoqlqm-.co.uk
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\mumxeijx.default\extensions\staged\xbos.ii@vzoqlqm-.co.uk\bootstrap.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\mumxeijx.default\extensions\staged\xbos.ii@vzoqlqm-.co.uk\chrome.manifest
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\mumxeijx.default\extensions\staged\xbos.ii@vzoqlqm-.co.uk\content\bg.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\mumxeijx.default\extensions\staged\xbos.ii@vzoqlqm-.co.uk\install.rdf
D:\zPharaoh.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-02-22 bis 2014-03-22 ))))))))))))))))))))))))))))))
.
.
2014-03-22 15:50 . 2014-03-22 15:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-03-22 15:50 . 2014-03-22 15:50 -------- d-----w- c:\users\Gast\AppData\Local\temp
2014-03-22 12:40 . 2014-03-22 12:43 -------- d-----w- C:\FRST
2014-03-22 12:29 . 2014-03-07 04:35 7969936 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{33BC0866-FA34-425C-976D-F954FF533F3D}\mpengine.dll
2014-03-21 14:05 . 2014-03-21 14:05 -------- d-----w- c:\users\Eleen\AppData\Roaming\LavasoftStatistics
2014-03-21 14:05 . 2014-03-21 14:05 -------- d-----w- c:\programdata\Lavasoft
2014-03-21 14:04 . 2014-03-21 14:04 44424 ----a-w- c:\windows\system32\sbbd.exe
2014-03-21 14:04 . 2014-03-21 14:04 13560 ----a-w- c:\windows\system32\drivers\gfibto.sys
2014-03-21 14:04 . 2014-03-21 14:04 -------- d-----w- c:\users\Eleen\AppData\Roaming\Ad-Aware Antivirus
2014-03-21 14:01 . 2013-09-20 09:49 18968 ----a-w- c:\windows\system32\sdnclean.exe
2014-03-21 14:01 . 2014-03-21 14:03 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2014-03-21 14:00 . 2014-03-21 14:01 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2014-03-14 11:21 . 2014-03-14 11:21 -------- d-----w- c:\users\Eleen\AppData\Local\Skype
2014-03-14 11:20 . 2014-03-14 11:20 -------- d-----w- c:\program files\Common Files\Skype
2014-03-14 00:05 . 2014-02-03 10:37 505344 ----a-w- c:\windows\system32\qedit.dll
2014-03-14 00:05 . 2014-02-07 10:38 2050560 ----a-w- c:\windows\system32\win32k.sys
2014-03-14 00:05 . 2014-01-30 07:46 876032 ----a-w- c:\windows\system32\wer.dll
2014-03-14 00:05 . 2013-11-13 00:30 2048 ----a-w- c:\windows\system32\tzres.dll
2014-03-07 08:47 . 2014-03-07 08:47 -------- d-----w- c:\programdata\AlulSaaVeR
2014-02-26 02:02 . 2014-02-26 02:02 -------- d-----w- c:\windows\Migration
2014-02-24 16:15 . 2014-02-24 16:15 -------- d-----w- c:\programdata\APN
2014-02-24 16:06 . 2012-12-07 10:34 25416 ----a-w- c:\windows\system32\drivers\ndiskhaz.sys
2014-02-24 15:49 . 2014-02-24 15:55 -------- d-----w- c:\program files\MyRouter
2014-02-24 15:48 . 2014-02-24 16:16 -------- d-----w- c:\program files\LPT
2014-02-24 15:44 . 2014-02-24 15:44 -------- d-----w- c:\program files\Plus-HD-7.6
2014-02-24 00:05 . 2013-04-05 20:26 1679360 ----a-w- c:\windows\system32\ac3filter.acm
2014-02-24 00:05 . 2014-02-24 00:05 -------- d-----w- c:\program files\AC3Filter
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-12 16:19 . 2013-02-09 12:39 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-12 16:19 . 2013-02-09 12:39 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2011-01-20 11:55 . 2014-02-16 21:29 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{0D2F2FDE-BEF9-8DA2-53D0-832ACC98B8F1}]
2014-02-02 12:43 422912 ----a-w- c:\programdata\YouTuAudBlockErr\UqCc_K4ZE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{F17F1F71-6079-2153-8AD0-AE6DFF2E9BB1}]
2014-01-06 21:42 425472 ----a-w- c:\programdata\ShopDroP\V.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-11-26 17:15 321752 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Eleen\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Eleen\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Eleen\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Eleen\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-12-06 14:47 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 14:47 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 14:47 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-12-06 14:47 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-12-06 14:47 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-12-06 14:47 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-27 39408]
"Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" [2013-03-27 6875136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UCam_Menu"="c:\program files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe" [2007-09-13 222504]
"RtHDVCpl"="RtHDVCpl.exe" [2008-07-03 6266880]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-03 178712]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"OmniPass"="c:\program files\Softex\OmniPass\scureapp.exe" [2007-11-02 2564096]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-07-11 92704]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-07-11 13543968]
"LanguageShortcut"="c:\program files\HomeCinema\PowerDVD\Language\Language.exe" [2007-01-08 52256]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-08-31 102400]
"LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2007-09-01 32768]
"HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2007-09-06 188416]
"LMgrOSD"="c:\program files\Launch Manager\OSD.exe" [2006-12-26 180224]
"Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2007-09-07 86016]
"DivXMediaServer"="c:\program files\DivX\DivX Media Server\DivXMediaServer.exe" [2013-01-30 450560]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2013-02-13 1263952]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-11-26 3568312]
"Skytel"="Skytel.exe" [2008-06-25 1826816]
"SDTray"="c:\program files\Spybot - Search & Destroy 2\SDTray.exe" [2013-07-25 5624784]
.
c:\users\Eleen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Eleen\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-3 30714328]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2013-02-13 02:37 1263952 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager]
2013-03-27 08:11 6875136 ----a-w- c:\program files\Free Download Manager\fdm.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2011-01-20 11:55 30192 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2008-02-28 16:07 1828136 ----a-w- c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
2008-06-25 11:49 1826816 ----a-w- c:\windows\SkyTel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-05-27 16:27 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPStart]
2007-08-31 10:04 102400 ----a-w- c:\program files\Synaptics\SynTP\SynTPStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2011-06-17 08:05 273544 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe
.
R2 4ccdc918;Smooth Browsing;c:\windows\system32\rundll32.exe [2006-11-02 44544]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-06 09:23 1210320 ----a-w- c:\program files\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-03-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-09 16:19]
.
2014-03-22 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1730723334-2492733915-1079002006-1001Core.job
- c:\users\Eleen\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-08 11:12]
.
2014-03-22 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1730723334-2492733915-1079002006-1001UA.job
- c:\users\Eleen\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-08 11:12]
.
2014-03-21 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-27 18:53]
.
2014-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-27 16:27]
.
2014-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-27 16:27]
.
2014-03-22 c:\windows\Tasks\Plus-HD-7.6-codedownloader.job
- c:\program files\Plus-HD-7.6\Plus-HD-7.6-codedownloader.exe [2014-02-24 15:44]
.
2014-03-22 c:\windows\Tasks\Plus-HD-7.6-enabler.job
- c:\program files\Plus-HD-7.6\Plus-HD-7.6-enabler.exe [2014-02-24 15:44]
.
2014-03-22 c:\windows\Tasks\Plus-HD-7.6-firefoxinstaller.job
- c:\program files\Plus-HD-7.6\Plus-HD-7.6-firefoxinstaller.exe [2014-02-24 15:44]
.
2014-03-22 c:\windows\Tasks\Plus-HD-7.6-updater.job
- c:\program files\Plus-HD-7.6\Plus-HD-7.6-updater.exe [2014-02-24 15:44]
.
2014-03-22 c:\windows\Tasks\Plus-HD-7.6-validator.job
- c:\program files\Plus-HD-7.6\Plus-HD-7.6-validator.exe [2014-02-24 15:44]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlO-xkuKtzfsTQg0qv79dAMnWSJSLxKg9PZHqRMH1pVZ9MeaGn4RyxdFZAIllGStgLtH9MKS3Rcmitd99spa2iihBzLXJ6I4wWTPiM2zjywEhzB2l_tBvL5edN1w0WgZBSK3U1GMfOZLS5A,,
mStart Page = hxxp://websearch.searchboxes.info/?pid=321&r=2013/07/16&hid=3944764155&lg=EN&cc=DE&unqvl=28
uSearchAssistant = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlO-xkuKtzfsTQg0qv79dAMnWSJSLxKg9PZHqRMH1pVZ9MeaGn4RyxdFZAIllGStgLtH9MKS3Rcmitd9x7v2FUW4_fjHSTcBuUtW8aoDonNGKo9Eloe3Xd9EquGhigkkQh04jGq6WJYwVqw,,&q={searchTerms}
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: Alles mit FDM herunterladen - file://c:\program files\Free Download Manager\dlall.htm
IE: Auswahl mit FDM herunterladen - file://c:\program files\Free Download Manager\dlselected.htm
IE: Datei mit FDM herunterladen - file://c:\program files\Free Download Manager\dllink.htm
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: Videos mit FDM herunterladen - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4
TCP: DhcpNameServer = 141.35.1.16 141.35.1.80
FF - ProfilePath - c:\users\Eleen\AppData\Roaming\Mozilla\Firefox\Profiles\dzsm78t6.default\
FF - prefs.js: browser.search.defaulturl - hxxp://websearch.searchboxes.info/?pid=321&r=2013/07/16&hid=3944764155&lg=EN&cc=DE&unqvl=28&l=1&q=
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?rls=org.mozilla:en-US:official&client=firefox-a&q=
FF - ExtSQL: !HIDDEN! 2009-09-30 22:23; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-CTSyncU.exe - c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe
HKLM-Run-toolbar_eula_launcher - c:\program files\GoogleEULA\EULALauncher.exe
HKLM-Run-CtrlVol - c:\program files\Launch Manager\CtrlVol.exe
Notify-SDWinLogon - SDWinLogon.dll
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-Adobe ARM - c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
AddRemove-{89182668-89F3-2E6B-C6ED-760879E0A25A} - c:\programdata\YouTuAudBlockErr\UqCc_K4ZE.exe
AddRemove-{B6D700D3-3D0D-FEEB-D675-2CE78F9EC5D6} - c:\programdata\ShopDroP\V.exe
AddRemove-{F5853CDF-2C63-6D1D-B286-CBB1CD5DFD62} - c:\programdata\AlulSaaVeR\3kq.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2014-03-22 16:51
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Zeit der Fertigstellung: 2014-03-22 16:54:58
ComboFix-quarantined-files.txt 2014-03-22 15:54
.
Vor Suchlauf: 10 Verzeichnis(se), 103.269.363.712 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 103.308.079.104 Bytes frei
.
- - End Of File - - 4553F4C724E874CF0ACA390B29A2D44D
5C616939100B85E558DA92B899A0FC36

Edited by Zephyr1elf (22.03.2014 at 17:10)