| |
| |||||||
Log-Analyse und Auswertung: Hab Adware auf mein rechner und will die los werdenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
06.04.2014, 09:39
| #1 |
| |  Hab Adware auf mein rechner und will die los werden hi leute... Hatte ursprünglich folgendes problem. Nachdem ich für Firefox ein adblock addon installiert hab ist mir aufgefallen, dass mein rechner mich von forn bis hinten nur noch mit werbung zu schmeißt, so das ich letzt endlich auf ebay kaum noch was sehe^^ Dazu haben sich dann auch laufend seiten wie srv123.com geöffnet. Ein anderer user hat das selbe problem mit exakt den selben symptomen beschrieben(hier der link: http://www.trojaner-board.de/151704-...s-verseht.html ) und eine hilfestellung von schrauber bekommen. Ich bin diese dann schritt für schritt durchgegangen (mit jeder menge fünden) und habe hier die entsprechenden logfiles. hier ist die frst logfile: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 Ran by phil (administrator) on PHIL-PC on 06-04-2014 08:40:22 Running from C:\Users\phil\Desktop Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (AMD) C:\Windows\system32\atiesrxx.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe (AMD) C:\Windows\system32\atieclxx.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe () C:\Program Files\ATKGFNEX\GFNEXSrv.exe () C:\Program Files (x86)\Re-markit Corp\Re-markit_wd.exe (ATK0100) C:\Program Files (x86)\ATK Hotkey\Hcontrol.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe () C:\Program Files\Wireless Console 2\wcourier.exe () C:\Program Files (x86)\ATK Hotkey\MsgTranAgt.exe () C:\Program Files (x86)\ATK Hotkey\MsgTranAgt64.exe (Microsoft Corporation) C:\Windows\vVX1000.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe () C:\Program Files (x86)\ATK Hotkey\Atouch64.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (ICQ, LLC.) C:\Program Files (x86)\ICQ7.5\ICQ.exe () C:\Program Files (x86)\ATK Hotkey\ATKOSD.exe (Microsoft Corporation) C:\Windows\System32\StikyNot.exe (Akamai Technologies, Inc.) C:\Users\phil\AppData\Local\Akamai\netsession_win.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe (ASUSTek Computer) C:\Program Files (x86)\ASUS\NB Probe\NBProbe.exe () C:\Program Files (x86)\Re-markit Corp\Re-markit158.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Program Files (x86)\ASUS\NB Probe\SPM\spmgr.exe (Akamai Technologies, Inc.) C:\Users\phil\AppData\Local\Akamai\netsession_win.exe () C:\Program Files (x86)\ATK Hotkey\KBFiltr.exe () C:\Program Files (x86)\ATK Hotkey\WDC.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () C:\Program Files (x86)\ATK Hotkey\HControlUser.exe (ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [VX1000] - C:\Windows\vVX1000.exe [762736 2010-05-20] (Microsoft Corporation) HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2918656 2011-01-12] (ESET) HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [178712 2008-04-15] (Intel Corporation) HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1216808 2007-12-06] (Synaptics, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2011-04-08] (Sun Microsystems, Inc.) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [LifeCam] - C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation) HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704 2011-03-21] () HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ATK Hotkey\HcontrolUser.exe [98304 2008-01-11] () HKLM-x32\...\Run: [ADSMTray] - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe [266240 2008-04-01] (ASUSTek Computer Inc.) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\S-1-5-21-402873747-22297607-3666971032-1001\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1821888 2014-02-25] (Valve Corporation) HKU\S-1-5-21-402873747-22297607-3666971032-1001\...\Run: [Skype] - "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized HKU\S-1-5-21-402873747-22297607-3666971032-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd) HKU\S-1-5-21-402873747-22297607-3666971032-1001\...\Run: [EA Core] - "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent HKU\S-1-5-21-402873747-22297607-3666971032-1001\...\Run: [ICQ] - C:\Program Files (x86)\ICQ7.5\ICQ.exe [124480 2011-08-01] (ICQ, LLC.) HKU\S-1-5-21-402873747-22297607-3666971032-1001\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation) HKU\S-1-5-21-402873747-22297607-3666971032-1001\...\Run: [Akamai NetSession Interface] - C:\Users\phil\AppData\Local\Akamai\netsession_win.exe [4672920 2014-03-06] (Akamai Technologies, Inc.) HKU\S-1-5-21-402873747-22297607-3666971032-1001\...\Run: [NB Probe] - C:\Program Files (x86)\ASUS\NB Probe\NBProbe.exe [813624 2008-06-20] (ASUSTek Computer) HKU\S-1-5-21-402873747-22297607-3666971032-1001\...\MountPoints2: {36ae5683-a544-11e3-b04f-0023547c5476} - E:\setup.exe HKU\S-1-5-21-402873747-22297607-3666971032-1001\...\MountPoints2: {65a236b9-aeb2-11e0-a472-001d72f2eb3e} - F:\setup.exe Lsa: [Notification Packages] scecli C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT Startup: C:\Users\phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (No File) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== ProxyEnable: Internet Explorer proxy is enabled. ProxyServer: http=127.0.0.1:13828 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0 HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://start.facemoods.com/?a=ddrnw HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0&q={searchTerms} StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0 SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0&q={searchTerms} SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0&q={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0&q={searchTerms} SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0&q={searchTerms} SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0&q={searchTerms} SearchScopes: HKCU - {0D7562AE-8EF6-416d-A838-AB665251703A} URL = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4 SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0&q={searchTerms} SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = hxxp://www.daemon-search.com/search/web?q={searchTerms} BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited) BHO-x32: CescrtHlpr Object - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\bh\facemoods.dll (facemoods.com BHO) BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll No File BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO-x32: FlowSurf - {E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0} - C:\Program Files (x86)\Flowsurf\FlowSurf.dll (FlowSurf Inc.) Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll No File Toolbar: HKLM-x32 - facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodsTlbr.dll (facemoods.com) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll No File Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default FF user.js: detected! => C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\user.js FF NewTab: chrome://quick_start/content/index.html FF Homepage: hxxp://istart.webssearches.com/?type=hp&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0 FF Keyword.URL: hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q= FF NetworkProxy: "http", "180.243.92.86" FF NetworkProxy: "http_port", 8080 FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\searchplugins\daemon-search.xml FF SearchPlugin: C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\searchplugins\icqplugin-1.xml FF SearchPlugin: C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\searchplugins\icqplugin-2.xml FF SearchPlugin: C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\searchplugins\icqplugin-3.xml FF SearchPlugin: C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\searchplugins\icqplugin-4.xml FF SearchPlugin: C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\searchplugins\icqplugin.xml FF SearchPlugin: C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\searchplugins\searchplugins-backup FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Quick Start - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\Extensions\quick_start@gmail.com [2014-04-04] FF Extension: Adblock Plus Pop-up Addon - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\Extensions\adblockpopups@jessehakanen.net.xpi [2011-07-13] FF Extension: Adblock Plus - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-01] FF Extension: Greasemonkey - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-04-01] FF Extension: Skype extension - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-07-14] FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011-07-29] FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-07-23] FF HKLM-x32\...\Firefox\Extensions: [jid1-tofUlNEIFlkUIA@jetpack] - C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack FF Extension: FlowSurf - C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack [2014-04-04] FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com FF Extension: Quick Start - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com [2014-04-04] FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011-07-29] FF HKCU\...\Firefox\Extensions: [{0f7da042-13b1-41ef-b3cd-56c3f0bc238c}] - C:\Program Files (x86)\Re-markit Corp\158.xpi FF Extension: No Name - C:\Program Files (x86)\Re-markit Corp\158.xpi [2014-04-04] FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://istart.webssearches.com/?type=sc&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0 Chrome: ======= CHR HomePage: hxxp://istart.webssearches.com/?type=hp&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0 CHR DefaultSearchKeyword: webssearches CHR DefaultSearchProvider: webssearches CHR DefaultSearchURL: hxxp://istart.webssearches.com/web/?type=ds&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0&q={searchTerms} CHR Plugin: (Shockwave Flash) - F:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll No File CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - F:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll No File CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll () CHR Plugin: (Wajam) - F:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll No File CHR Plugin: (Adobe Acrobat) - F:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll No File CHR Plugin: (Java Deployment Toolkit 6.0.170.4) - F:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll No File CHR Plugin: (2007 Microsoft Office system) - F:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL No File CHR Plugin: (QuickTime Plug-in 7.7.1) - F:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll No File CHR Plugin: (QuickTime Plug-in 7.7.1) - F:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll No File CHR Plugin: (QuickTime Plug-in 7.7.1) - F:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll No File CHR Plugin: (QuickTime Plug-in 7.7.1) - F:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll No File CHR Plugin: (QuickTime Plug-in 7.7.1) - F:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll No File CHR Plugin: (QuickTime Plug-in 7.7.1) - F:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll No File CHR Plugin: (QuickTime Plug-in 7.7.1) - F:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll No File CHR Plugin: (Winamp Application Detector) - F:\Program Files\Mozilla Firefox\plugins\npwachk.dll No File CHR Plugin: (Microsoft® DRM) - F:\Program Files\Windows Media Player\npdrmv2.dll No File CHR Plugin: (Microsoft® DRM) - F:\Program Files\Windows Media Player\npwmsdrm.dll No File CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - F:\Program Files\Windows Media Player\npdsplay.dll No File CHR Plugin: (Google Update) - F:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File CHR Plugin: (Google Earth Plugin) - F:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File CHR Plugin: (Panda ActiveScan 2.0) - F:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll No File CHR Plugin: (iTunes Application Detector) - F:\Program Files\iTunes\Mozilla Plugins\npitunes.dll No File CHR Plugin: (Ma-Config.com plugin) - F:\Program Files\ma-config.com\nphardwaredetection.dll No File CHR Plugin: (Silverlight Plug-In) - f:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File CHR Extension: (Re-markit) - C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel [2014-04-04] CHR Extension: (Facemoods) - C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif [2011-07-14] CHR Extension: (Skype Extension) - C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2011-07-23] CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-07-23] CHR Extension: (FlowSurf) - C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn [2014-04-04] CHR Extension: (Quick Start) - C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-04-04] CHR HKLM-x32\...\Chrome\Extension: [ihflimipbcaljfnojhhknppphnnciiif] - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\facemoods.crx [2010-11-24] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2010-11-24] CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-05-23] CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-04-04] CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://istart.webssearches.com/?type=sc&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0 CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= R2 ADSMService; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.) R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [42360 2011-01-12] (ESET) R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [810144 2011-01-12] (ESET) R2 Re-markit; C:\Program Files (x86)\Re-markit Corp\Re-markit158.exe [143360 2014-04-04] () R2 spmgr; C:\Program Files (x86)\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] () S2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe -service [X] S2 o2flash; "C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe" [X] S2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe -service [X] ==================== Drivers (Whitelisted) ==================== R0 AsDsm; C:\Windows\System32\Drivers\AsDsm.sys [34872 2007-08-10] (Windows (R) Codename Longhorn DDK provider) R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] () R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-07-15] (DT Soft Ltd) R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [170640 2010-12-21] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [141264 2010-12-21] (ESET) R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [125296 2010-12-21] (ESET) R2 ghaio; C:\Program Files (x86)\ASUS\NB Probe\SPM\ghaio.sys [17464 2007-08-03] () R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [13168 2007-02-08] ( ) R3 MTsensor; C:\Windows\System32\DRIVERS\ATK64AMD.sys [13680 2007-08-09] () S3 O2MDRDR; C:\Windows\System32\DRIVERS\o2mdx64.sys [62424 2008-05-13] (O2Micro ) R3 smserial; C:\Windows\System32\DRIVERS\SmSerl64.sys [1227776 2009-06-10] (Motorola Inc.) S3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] () S3 ATICDSDr; \??\C:\Users\phil\AppData\Local\Temp\ATICDSDr.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-06 08:40 - 2014-04-06 08:41 - 00025219 _____ () C:\Users\phil\Desktop\FRST.txt 2014-04-06 08:39 - 2014-04-06 08:40 - 00000000 ____D () C:\FRST 2014-04-06 08:38 - 2014-04-06 08:38 - 02157056 _____ (Farbar) C:\Users\phil\Desktop\FRST64.exe 2014-04-04 14:06 - 2014-04-04 14:06 - 00000367 _____ () C:\Users\phil\Downloads\Shadow Company - Left For Dead.exe 2014-04-04 02:26 - 2014-04-04 02:28 - 00000000 ____D () C:\bands 2014-04-04 00:34 - 2014-04-04 00:34 - 00003446 _____ () C:\Windows\System32\Tasks\RegistryDr_Popup 2014-04-04 00:34 - 2014-04-04 00:34 - 00003182 _____ () C:\Windows\System32\Tasks\RegistryDr_Start 2014-04-04 00:34 - 2014-04-04 00:34 - 00000000 ____D () C:\Users\phil\AppData\Local\RegistryDR 2014-04-04 00:32 - 2014-04-04 00:32 - 00000000 ____D () C:\Users\phil\AppData\Local\EuroTrade_A.L._Ltd 2014-04-04 00:28 - 2014-04-04 00:34 - 00000000 ____D () C:\Users\phil\Documents\RegistryDr 2014-04-04 00:28 - 2014-04-04 00:30 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-04-04 00:28 - 2014-04-04 00:28 - 00001125 _____ () C:\Users\Public\Desktop\Opera.lnk 2014-04-04 00:28 - 2014-04-04 00:28 - 00000000 ____D () C:\Users\phil\AppData\Roaming\Opera Software 2014-04-04 00:28 - 2014-04-04 00:28 - 00000000 ____D () C:\Users\phil\AppData\Local\Opera Software 2014-04-04 00:28 - 2014-04-04 00:23 - 00036041 _____ () C:\download_repair.php 2014-04-04 00:27 - 2014-04-04 01:11 - 00000000 ____D () C:\ProgramData\IePluginService 2014-04-04 00:27 - 2014-04-04 00:30 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin 2014-04-04 00:27 - 2014-04-04 00:27 - 00000000 ____D () C:\Users\phil\Documents\PrivacyDR 2014-04-04 00:27 - 2014-04-04 00:27 - 00000000 ____D () C:\Users\phil\AppData\Roaming\SupTab 2014-04-04 00:27 - 2014-04-04 00:27 - 00000000 ____D () C:\Program Files (x86)\SupTab 2014-04-04 00:25 - 2014-04-06 08:26 - 00000390 _____ () C:\Windows\Tasks\Re-markit Update.job 2014-04-04 00:25 - 2014-04-06 08:24 - 00000334 _____ () C:\Windows\Tasks\AmiUpdXp.job 2014-04-04 00:25 - 2014-04-06 08:23 - 00000388 _____ () C:\Windows\Tasks\Re-markit_wd.job 2014-04-04 00:25 - 2014-04-04 00:25 - 00003352 _____ () C:\Windows\System32\Tasks\AmiUpdXp 2014-04-04 00:25 - 2014-04-04 00:25 - 00003036 _____ () C:\Windows\System32\Tasks\Re-markit Update 2014-04-04 00:25 - 2014-04-04 00:25 - 00002974 _____ () C:\Windows\System32\Tasks\Re-markit_wd 2014-04-04 00:25 - 2014-04-04 00:25 - 00000512 __RSH () C:\ProgramData\ntuser.pol 2014-04-04 00:25 - 2014-04-04 00:25 - 00000000 ____D () C:\Users\phil\AppData\Local\41 2014-04-04 00:25 - 2014-04-04 00:25 - 00000000 ____D () C:\Program Files (x86)\Re-markit Corp 2014-04-04 00:24 - 2014-04-04 00:24 - 00003160 _____ () C:\Windows\System32\Tasks\fsupdate 2014-04-04 00:24 - 2014-04-04 00:24 - 00000002 _____ () C:\END 2014-04-04 00:24 - 2014-04-04 00:24 - 00000000 ____D () C:\Program Files (x86)\Flowsurf 2014-04-04 00:20 - 2014-04-04 00:20 - 00000000 ____D () C:\Users\phil\AppData\Local\ESET 2014-04-04 00:19 - 2014-04-04 00:19 - 00993024 _____ () C:\Users\phil\Downloads\setup.exe 2014-04-03 19:51 - 2014-04-03 19:51 - 00000000 ____D () C:\ProgramData\Steam 2014-04-03 19:46 - 2014-04-03 19:46 - 00000647 _____ () C:\Users\Public\Desktop\NASCAR '14.lnk 2014-03-31 14:33 - 2014-03-31 14:34 - 27002009 _____ () C:\Users\phil\Downloads\YouPorn%20-%20Hot%20Squirting%20Dildo%20Sticky%20Cumshot.mp4 2014-03-29 00:54 - 2014-03-29 00:54 - 00000000 ____D () C:\Users\phil\Documents\ASUS 2014-03-29 00:54 - 2014-03-29 00:54 - 00000000 ____D () C:\Users\phil\AppData\Local\ASUS 2014-03-29 00:43 - 2014-03-29 00:54 - 00000000 ____D () C:\ProgramData\ASUS 2014-03-29 00:42 - 2014-03-29 00:42 - 00003258 _____ () C:\Windows\System32\Tasks\{4D531D85-B61A-4AA4-8C8F-ADC77E30A206} 2014-03-29 00:42 - 2014-03-29 00:42 - 00001088 _____ () C:\Users\Public\Desktop\LifeFrame.lnk 2014-03-29 00:41 - 2007-02-08 19:05 - 00013168 _____ ( ) C:\Windows\system32\Drivers\kbfiltr.sys 2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 ____D () C:\Program Files (x86)\ATK Hotkey 2014-03-29 00:37 - 2014-03-29 00:37 - 00000000 ____D () C:\Program Files\ATKGFNEX 2014-03-29 00:35 - 2014-03-29 00:35 - 00000815 _____ () C:\Users\Public\Desktop\ASUS Data Security Manager.lnk 2014-03-29 00:35 - 2014-03-29 00:35 - 00000000 ____D () C:\Program Files\ASUS 2014-03-29 00:35 - 2007-08-10 21:19 - 00034872 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Drivers\AsDsm.sys 2014-03-29 00:33 - 2014-03-29 00:33 - 00000000 ____D () C:\Program Files (x86)\Realtek 2014-03-29 00:33 - 2008-05-02 14:59 - 00166912 _____ (Realtek Corporation ) C:\Windows\system32\Drivers\Rtlh64.sys 2014-03-29 00:32 - 2014-03-29 00:32 - 00003154 _____ () C:\Windows\System32\Tasks\{3C2F17C0-7CD4-4F3C-97D7-755CEBFC232A} 2014-03-29 00:29 - 2014-03-29 00:29 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01000.Wdf 2014-03-29 00:29 - 2014-03-29 00:29 - 00000000 ____D () C:\Program Files\Synaptics 2014-03-29 00:28 - 2007-12-06 19:12 - 00320048 _____ (Synaptics, Inc.) C:\Windows\system32\Drivers\SynTP.sys 2014-03-29 00:28 - 2007-12-06 19:12 - 00138240 _____ (Synaptics, Inc.) C:\Windows\system32\SynTPCo4.dll 2014-03-29 00:28 - 2007-12-06 18:20 - 00196096 _____ (Synaptics, Inc.) C:\Windows\system32\SynTPAPI.dll 2014-03-29 00:28 - 2007-12-06 18:20 - 00102400 _____ (Synaptics, Inc.) C:\Windows\SysWOW64\SynTPCOM.dll 2014-03-29 00:28 - 2007-12-06 18:09 - 00253440 _____ (Synaptics, Inc.) C:\Windows\system32\SynCtrl.dll 2014-03-29 00:28 - 2007-12-06 18:09 - 00196608 _____ (Synaptics, Inc.) C:\Windows\SysWOW64\SynCtrl.dll 2014-03-29 00:28 - 2007-12-06 18:08 - 00402432 _____ (Synaptics, Inc.) C:\Windows\system32\SynCOM.dll 2014-03-29 00:28 - 2007-12-06 18:08 - 00163840 _____ (Synaptics, Inc.) C:\Windows\SysWOW64\SynCOM.dll 2014-03-29 00:28 - 2006-03-09 10:58 - 01491528 _____ () C:\Windows\system32\WdfCoInstaller01000.dll 2014-03-29 00:23 - 2014-03-29 00:23 - 00000000 ____D () C:\Program Files\Wireless Console 2 2014-03-29 00:23 - 2014-03-29 00:23 - 00000000 ____D () C:\Program Files (x86)\Wireless Console 2 2014-03-29 00:16 - 2014-03-29 00:16 - 00000000 ____D () C:\Users\phil\AppData\Roaming\Intel 2014-03-29 00:15 - 2014-03-29 00:15 - 00000000 ____D () C:\ProgramData\Intel 2014-03-29 00:15 - 2014-03-29 00:15 - 00000000 ____D () C:\Program Files\Intel 2014-03-29 00:15 - 2014-03-29 00:15 - 00000000 ____D () C:\Program Files\Common Files\Intel 2014-03-29 00:15 - 2014-03-29 00:15 - 00000000 ____D () C:\Program Files (x86)\Cisco 2014-03-29 00:07 - 2008-09-12 14:48 - 00406040 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys 2014-03-29 00:04 - 2014-03-29 00:04 - 00003086 _____ () C:\Windows\System32\Tasks\{569562BD-93C0-4BD8-B533-E7AD31D1C526} 2014-03-29 00:04 - 2014-03-29 00:04 - 00000000 ____D () C:\Windows\SysWOW64\x64 2014-03-29 00:04 - 2014-03-29 00:04 - 00000000 ____D () C:\Windows\SysWOW64\Lang 2014-03-29 00:04 - 2014-03-29 00:04 - 00000000 ____D () C:\Windows\SysWOW64\DEU 2014-03-29 00:04 - 2008-05-02 18:53 - 01034776 _____ (Intel Corporation) C:\Windows\SysWOW64\imsmudlg.exe 2014-03-29 00:03 - 2014-03-29 00:04 - 00000000 ____D () C:\Program Files (x86)\Intel 2014-03-29 00:03 - 2014-03-29 00:03 - 00000000 ____D () C:\Intel 2014-03-28 23:57 - 2014-03-28 23:57 - 00000000 ____D () C:\Asus treiber 2014-03-28 23:56 - 2014-04-03 12:52 - 00000000 ____D () C:\Users\phil\AppData\Local\Akamai 2014-03-28 23:56 - 2014-03-28 23:56 - 10028912 _____ (Akamai Technologies, Inc.) C:\Users\phil\Downloads\AsusInstaller.exe 2014-03-28 23:52 - 2014-03-28 23:52 - 00001039 _____ () C:\Users\phil\Desktop\StarCraft II.lnk 2014-03-28 23:18 - 2014-03-28 23:19 - 00275256 _____ () C:\Windows\Minidump\032814-45458-01.dmp 2014-03-28 23:16 - 2014-03-28 23:26 - 01648546 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-03-28 23:13 - 2014-03-28 23:13 - 00000000 ____D () C:\f7d25ada52fda653c1aeb0499a2a69ae 2014-03-28 23:12 - 2014-03-28 23:13 - 50449456 _____ (Microsoft Corporation) C:\Users\phil\Downloads\dotNetFx40_Full_x86_x64.exe 2014-03-28 23:03 - 2014-03-28 23:03 - 00000000 ____D () C:\Program Files\ATI Technologies 2014-03-28 22:35 - 2014-03-28 22:35 - 00275184 _____ () C:\Windows\Minidump\032814-39608-01.dmp 2014-03-28 19:15 - 2014-03-28 19:24 - 306244456 _____ (AMD Inc.) C:\Users\phil\Downloads\AMD_Catalyst_14.3_Beta_V1.0_Windows_B22_March12.exe 2014-03-26 21:32 - 2014-03-26 21:32 - 00000222 _____ () C:\Users\phil\Desktop\HAWKEN.url 2014-03-26 20:09 - 2014-03-26 20:09 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-03-26 20:09 - 2014-03-26 20:09 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2014-03-26 17:06 - 2014-03-26 17:07 - 41177600 _____ () C:\Users\phil\Downloads\PhysX-9.13.1220-SystemSoftware.msi ==================== One Month Modified Files and Folders ======= 2014-04-06 08:41 - 2014-04-06 08:40 - 00025219 _____ () C:\Users\phil\Desktop\FRST.txt 2014-04-06 08:40 - 2014-04-06 08:39 - 00000000 ____D () C:\FRST 2014-04-06 08:38 - 2014-04-06 08:38 - 02157056 _____ (Farbar) C:\Users\phil\Desktop\FRST64.exe 2014-04-06 08:29 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-06 08:29 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-06 08:28 - 2009-07-14 19:58 - 00726502 _____ () C:\Windows\system32\perfh007.dat 2014-04-06 08:28 - 2009-07-14 19:58 - 00157654 _____ () C:\Windows\system32\perfc007.dat 2014-04-06 08:28 - 2009-07-14 07:13 - 01670652 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-06 08:27 - 2011-06-22 08:40 - 01090289 _____ () C:\Windows\WindowsUpdate.log 2014-04-06 08:26 - 2014-04-04 00:25 - 00000390 _____ () C:\Windows\Tasks\Re-markit Update.job 2014-04-06 08:25 - 2011-06-22 17:16 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-04-06 08:24 - 2014-04-04 00:25 - 00000334 _____ () C:\Windows\Tasks\AmiUpdXp.job 2014-04-06 08:23 - 2014-04-04 00:25 - 00000388 _____ () C:\Windows\Tasks\Re-markit_wd.job 2014-04-06 08:23 - 2011-07-14 10:04 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-04-06 08:23 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-06 08:23 - 2009-07-14 06:51 - 00051593 _____ () C:\Windows\setupact.log 2014-04-06 07:50 - 2011-07-14 10:04 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-04-04 17:34 - 2011-10-16 20:07 - 00000000 _RSHD () C:\nvda 2014-04-04 14:06 - 2014-04-04 14:06 - 00000367 _____ () C:\Users\phil\Downloads\Shadow Company - Left For Dead.exe 2014-04-04 12:40 - 2011-07-15 18:10 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite 2014-04-04 12:39 - 2014-02-22 15:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-04-04 02:28 - 2014-04-04 02:26 - 00000000 ____D () C:\bands 2014-04-04 01:11 - 2014-04-04 00:27 - 00000000 ____D () C:\ProgramData\IePluginService 2014-04-04 00:34 - 2014-04-04 00:34 - 00003446 _____ () C:\Windows\System32\Tasks\RegistryDr_Popup 2014-04-04 00:34 - 2014-04-04 00:34 - 00003182 _____ () C:\Windows\System32\Tasks\RegistryDr_Start 2014-04-04 00:34 - 2014-04-04 00:34 - 00000000 ____D () C:\Users\phil\AppData\Local\RegistryDR 2014-04-04 00:34 - 2014-04-04 00:28 - 00000000 ____D () C:\Users\phil\Documents\RegistryDr 2014-04-04 00:32 - 2014-04-04 00:32 - 00000000 ____D () C:\Users\phil\AppData\Local\EuroTrade_A.L._Ltd 2014-04-04 00:30 - 2014-04-04 00:28 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-04-04 00:30 - 2014-04-04 00:27 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin 2014-04-04 00:28 - 2014-04-04 00:28 - 00001125 _____ () C:\Users\Public\Desktop\Opera.lnk 2014-04-04 00:28 - 2014-04-04 00:28 - 00000000 ____D () C:\Users\phil\AppData\Roaming\Opera Software 2014-04-04 00:28 - 2014-04-04 00:28 - 00000000 ____D () C:\Users\phil\AppData\Local\Opera Software 2014-04-04 00:27 - 2014-04-04 00:27 - 00000000 ____D () C:\Users\phil\Documents\PrivacyDR 2014-04-04 00:27 - 2014-04-04 00:27 - 00000000 ____D () C:\Users\phil\AppData\Roaming\SupTab 2014-04-04 00:27 - 2014-04-04 00:27 - 00000000 ____D () C:\Program Files (x86)\SupTab 2014-04-04 00:26 - 2011-06-22 08:50 - 00001629 _____ () C:\Users\phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-04-04 00:25 - 2014-04-04 00:25 - 00003352 _____ () C:\Windows\System32\Tasks\AmiUpdXp 2014-04-04 00:25 - 2014-04-04 00:25 - 00003036 _____ () C:\Windows\System32\Tasks\Re-markit Update 2014-04-04 00:25 - 2014-04-04 00:25 - 00002974 _____ () C:\Windows\System32\Tasks\Re-markit_wd 2014-04-04 00:25 - 2014-04-04 00:25 - 00000512 __RSH () C:\ProgramData\ntuser.pol 2014-04-04 00:25 - 2014-04-04 00:25 - 00000000 ____D () C:\Users\phil\AppData\Local\41 2014-04-04 00:25 - 2014-04-04 00:25 - 00000000 ____D () C:\Program Files (x86)\Re-markit Corp 2014-04-04 00:25 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-04-04 00:25 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy 2014-04-04 00:24 - 2014-04-04 00:24 - 00003160 _____ () C:\Windows\System32\Tasks\fsupdate 2014-04-04 00:24 - 2014-04-04 00:24 - 00000002 _____ () C:\END 2014-04-04 00:24 - 2014-04-04 00:24 - 00000000 ____D () C:\Program Files (x86)\Flowsurf 2014-04-04 00:23 - 2014-04-04 00:28 - 00036041 _____ () C:\download_repair.php 2014-04-04 00:20 - 2014-04-04 00:20 - 00000000 ____D () C:\Users\phil\AppData\Local\ESET 2014-04-04 00:19 - 2014-04-04 00:19 - 00993024 _____ () C:\Users\phil\Downloads\setup.exe 2014-04-03 23:55 - 2013-11-09 18:03 - 00000000 ____D () C:\Users\phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-04-03 19:51 - 2014-04-03 19:51 - 00000000 ____D () C:\ProgramData\Steam 2014-04-03 19:46 - 2014-04-03 19:46 - 00000647 _____ () C:\Users\Public\Desktop\NASCAR '14.lnk 2014-04-03 19:34 - 2011-10-10 17:17 - 00000000 ____D () C:\Spiele 2014-04-03 19:26 - 2013-11-26 20:15 - 00000000 ____D () C:\Games 2014-04-03 12:52 - 2014-03-28 23:56 - 00000000 ____D () C:\Users\phil\AppData\Local\Akamai 2014-04-01 13:33 - 2011-06-22 09:39 - 00000000 ____D () C:\Users\phil\AppData\Local\Mozilla 2014-04-01 13:33 - 2011-06-22 09:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-04-01 13:29 - 2011-06-22 16:56 - 00008738 _____ () C:\Windows\PFRO.log 2014-03-31 14:34 - 2014-03-31 14:33 - 27002009 _____ () C:\Users\phil\Downloads\YouPorn%20-%20Hot%20Squirting%20Dildo%20Sticky%20Cumshot.mp4 2014-03-30 02:38 - 2011-07-14 22:11 - 00000000 ____D () C:\Users\phil\AppData\Roaming\Skype 2014-03-30 02:36 - 2011-07-29 09:01 - 00000000 ____D () C:\ProgramData\Origin 2014-03-30 02:28 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-03-29 00:54 - 2014-03-29 00:54 - 00000000 ____D () C:\Users\phil\Documents\ASUS 2014-03-29 00:54 - 2014-03-29 00:54 - 00000000 ____D () C:\Users\phil\AppData\Local\ASUS 2014-03-29 00:54 - 2014-03-29 00:43 - 00000000 ____D () C:\ProgramData\ASUS 2014-03-29 00:50 - 2011-06-22 08:49 - 00000000 ____D () C:\Users\phil 2014-03-29 00:43 - 2013-11-09 17:52 - 00000000 ____D () C:\Program Files (x86)\ASUS 2014-03-29 00:43 - 2011-06-22 21:38 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-03-29 00:42 - 2014-03-29 00:42 - 00003258 _____ () C:\Windows\System32\Tasks\{4D531D85-B61A-4AA4-8C8F-ADC77E30A206} 2014-03-29 00:42 - 2014-03-29 00:42 - 00001088 _____ () C:\Users\Public\Desktop\LifeFrame.lnk 2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 ____D () C:\Program Files (x86)\ATK Hotkey 2014-03-29 00:37 - 2014-03-29 00:37 - 00000000 ____D () C:\Program Files\ATKGFNEX 2014-03-29 00:35 - 2014-03-29 00:35 - 00000815 _____ () C:\Users\Public\Desktop\ASUS Data Security Manager.lnk 2014-03-29 00:35 - 2014-03-29 00:35 - 00000000 ____D () C:\Program Files\ASUS 2014-03-29 00:33 - 2014-03-29 00:33 - 00000000 ____D () C:\Program Files (x86)\Realtek 2014-03-29 00:32 - 2014-03-29 00:32 - 00003154 _____ () C:\Windows\System32\Tasks\{3C2F17C0-7CD4-4F3C-97D7-755CEBFC232A} 2014-03-29 00:30 - 2011-06-22 10:28 - 00058364 _____ () C:\Windows\DPINST.LOG 2014-03-29 00:29 - 2014-03-29 00:29 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01000.Wdf 2014-03-29 00:29 - 2014-03-29 00:29 - 00000000 ____D () C:\Program Files\Synaptics 2014-03-29 00:23 - 2014-03-29 00:23 - 00000000 ____D () C:\Program Files\Wireless Console 2 2014-03-29 00:23 - 2014-03-29 00:23 - 00000000 ____D () C:\Program Files (x86)\Wireless Console 2 2014-03-29 00:16 - 2014-03-29 00:16 - 00000000 ____D () C:\Users\phil\AppData\Roaming\Intel 2014-03-29 00:16 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default 2014-03-29 00:15 - 2014-03-29 00:15 - 00000000 ____D () C:\ProgramData\Intel 2014-03-29 00:15 - 2014-03-29 00:15 - 00000000 ____D () C:\Program Files\Intel 2014-03-29 00:15 - 2014-03-29 00:15 - 00000000 ____D () C:\Program Files\Common Files\Intel 2014-03-29 00:15 - 2014-03-29 00:15 - 00000000 ____D () C:\Program Files (x86)\Cisco 2014-03-29 00:04 - 2014-03-29 00:04 - 00003086 _____ () C:\Windows\System32\Tasks\{569562BD-93C0-4BD8-B533-E7AD31D1C526} 2014-03-29 00:04 - 2014-03-29 00:04 - 00000000 ____D () C:\Windows\SysWOW64\x64 2014-03-29 00:04 - 2014-03-29 00:04 - 00000000 ____D () C:\Windows\SysWOW64\Lang 2014-03-29 00:04 - 2014-03-29 00:04 - 00000000 ____D () C:\Windows\SysWOW64\DEU 2014-03-29 00:04 - 2014-03-29 00:03 - 00000000 ____D () C:\Program Files (x86)\Intel 2014-03-29 00:03 - 2014-03-29 00:03 - 00000000 ____D () C:\Intel 2014-03-28 23:57 - 2014-03-28 23:57 - 00000000 ____D () C:\Asus treiber 2014-03-28 23:56 - 2014-03-28 23:56 - 10028912 _____ (Akamai Technologies, Inc.) C:\Users\phil\Downloads\AsusInstaller.exe 2014-03-28 23:52 - 2014-03-28 23:52 - 00001039 _____ () C:\Users\phil\Desktop\StarCraft II.lnk 2014-03-28 23:26 - 2014-03-28 23:16 - 01648546 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-03-28 23:19 - 2014-03-28 23:18 - 00275256 _____ () C:\Windows\Minidump\032814-45458-01.dmp 2014-03-28 23:18 - 2011-08-18 12:22 - 493116602 _____ () C:\Windows\MEMORY.DMP 2014-03-28 23:18 - 2011-08-18 12:22 - 00000000 ____D () C:\Windows\Minidump 2014-03-28 23:13 - 2014-03-28 23:13 - 00000000 ____D () C:\f7d25ada52fda653c1aeb0499a2a69ae 2014-03-28 23:13 - 2014-03-28 23:12 - 50449456 _____ (Microsoft Corporation) C:\Users\phil\Downloads\dotNetFx40_Full_x86_x64.exe 2014-03-28 23:04 - 2013-11-09 16:28 - 00000000 ____D () C:\AMD 2014-03-28 23:03 - 2014-03-28 23:03 - 00000000 ____D () C:\Program Files\ATI Technologies 2014-03-28 22:49 - 2014-02-22 14:12 - 00000000 ____D () C:\ProgramData\AMD 2014-03-28 22:35 - 2014-03-28 22:35 - 00275184 _____ () C:\Windows\Minidump\032814-39608-01.dmp 2014-03-28 19:24 - 2014-03-28 19:15 - 306244456 _____ (AMD Inc.) C:\Users\phil\Downloads\AMD_Catalyst_14.3_Beta_V1.0_Windows_B22_March12.exe 2014-03-27 17:52 - 2011-08-12 01:01 - 00000000 ____D () C:\Users\phil\Documents\My Games 2014-03-26 21:32 - 2014-03-26 21:32 - 00000222 _____ () C:\Users\phil\Desktop\HAWKEN.url 2014-03-26 21:32 - 2014-02-22 15:41 - 00000000 ____D () C:\Users\phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-03-26 20:09 - 2014-03-26 20:09 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-03-26 20:09 - 2014-03-26 20:09 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2014-03-26 17:07 - 2014-03-26 17:06 - 41177600 _____ () C:\Users\phil\Downloads\PhysX-9.13.1220-SystemSoftware.msi 2014-03-26 14:45 - 2011-07-14 10:04 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-03-26 14:45 - 2011-07-14 10:04 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-03-18 23:08 - 2011-06-22 21:38 - 00000000 ____D () C:\Users\phil\AppData\Roaming\ICQ Some content of TEMP: ==================== C:\Users\phil\AppData\Local\Temp\ami.exe C:\Users\phil\AppData\Local\Temp\drm_dialogs.dll C:\Users\phil\AppData\Local\Temp\drm_dyndata_7370014.dll C:\Users\phil\AppData\Local\Temp\drm_dyndata_7410004.dll C:\Users\phil\AppData\Local\Temp\EADA66B.exe C:\Users\phil\AppData\Local\Temp\EADB3E3.exe C:\Users\phil\AppData\Local\Temp\EADC12C.exe C:\Users\phil\AppData\Local\Temp\installerdll109278.dll C:\Users\phil\AppData\Local\Temp\installerdll110089.dll C:\Users\phil\AppData\Local\Temp\installerdll115924.dll C:\Users\phil\AppData\Local\Temp\installerdll117109.dll C:\Users\phil\AppData\Local\Temp\installerdll121009.dll C:\Users\phil\AppData\Local\Temp\installerdll126984.dll C:\Users\phil\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe C:\Users\phil\AppData\Local\Temp\KUIU.EXE C:\Users\phil\AppData\Local\Temp\Lifecam3.0.204.0.exe C:\Users\phil\AppData\Local\Temp\PrefJsonCpp.exe C:\Users\phil\AppData\Local\Temp\rootsupd.exe C:\Users\phil\AppData\Local\Temp\Setup.exe C:\Users\phil\AppData\Local\Temp\sqlite3.exe C:\Users\phil\AppData\Local\Temp\UninstallEADM.dll C:\Users\phil\AppData\Local\Temp\vcredist_x64.exe C:\Users\phil\AppData\Local\Temp\vcredist_x86.exe C:\Users\phil\AppData\Local\Temp\{BB9970D8-D38D-4A03-A336-56CB861B5E0D}-chrome_installer.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-03-30 12:45 ==================== End Of Log ============================ und hier die Addition: Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014 Ran by phil at 2014-04-06 08:41:31 Running from C:\Users\phil\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: ESET NOD32 Antivirus 4.2 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1} AS: ESET NOD32 Antivirus 4.2 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.3.181.26 - Adobe Systems Incorporated) Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.183.7 - Adobe Systems Incorporated) Adobe Reader X (10.1.0) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated) Agama (HKLM-x32\...\{42C9C702-67B3-4308-9747-9E29B1D596E9}) (Version: 1.10.000 - KYE) Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc) ArcaniA - Gothic 4 (HKLM-x32\...\{EE74D039-45D7-44E9-BF95-B9CFB015964F}_is1) (Version: - Nordic Games GmbH) ASUS Data Security Manager (HKLM-x32\...\{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}) (Version: 1.00.0007 - ASUS) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.9 - ASUS) ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.11 - ASUS) ATK Generic Function Service (HKLM-x32\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK) ATK Hotkey (HKLM-x32\...\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}) (Version: 1.00.0034 - ATK) ATK Hotkey (HKLM-x32\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0056 - ASUS) Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts) Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward) Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward) CDDRV_Installer (Version: 4.60 - Logitech) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd) DivX-Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.5.0.15 - DivX, LLC) Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden ESET NOD32 Antivirus (HKLM\...\{50E9E32F-063A-412A-9627-553D5DA57C17}) (Version: 4.2.71.2 - ESET, spol. s r.o.) Facemoods Toolbar (HKLM-x32\...\facemoods) (Version: - ) <==== ATTENTION Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Bethesda Softworks) Fifa 12 (c) Electronic Arts version 1 (HKLM-x32\...\Fifa 12 (c) Electronic Arts_is1) (Version: 1 - ) GECK - New Vegas Edition (HKLM-x32\...\Steam App 22480) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.) Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden Gothic 3 (HKLM-x32\...\{17BADF87-3597-46FE-8D74-69C4FA78883E}) (Version: 1.0.0 - JoWood) HAWKEN (HKLM-x32\...\Steam App 271290) (Version: - Adhesive Games) ICQ7.5 (HKLM-x32\...\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}) (Version: 7.5 - ICQ) Intel PROSet Wireless (Version: - ) Hidden Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{52A7C6A6-6B88-47D1-922E-9F8A7E089E6A}) (Version: 12.01.1000 - Intel(R) Corporation) Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) Java Auto Updater (x32 Version: 2.0.5.1 - Sun Microsystems, Inc.) Hidden Java(TM) 6 Update 26 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.260 - Oracle) JDownloader 0.9 (HKLM-x32\...\1489-3350-5074-6281) (Version: 0.9 - AppWork GmbH) KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden LIMBO (HKLM-x32\...\Steam App 48000) (Version: - ) Logitech SetPoint (HKLM-x32\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden Microsoft Games for Windows - LIVE (HKLM-x32\...\{F97E3841-CA9D-4964-9D64-26066241D26F}) (Version: 3.3.24.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation) Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla) NASCAR '14 (HKLM-x32\...\TkFTQ0FSMTQ=_is1) (Version: 1 - ) NB Probe (HKLM-x32\...\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}) (Version: - ) NVIDIA Grafiktreiber 266.58 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 266.58 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.1.13.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.1.13.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.265.36.0 - NVIDIA Corporation) Hidden NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Systemsteuerung 266.58 (Version: 266.58 - NVIDIA Corporation) Hidden O2Micro Flash Memory Card Reader Driver (x64) (HKLM\...\{E3015C78-C196-4039-A279-9959940083DE}) (Version: 3.24.1 - O2Micro) OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org) Opera Stable 20.0.1387.91 (HKLM-x32\...\Opera 20.0.1387.91) (Version: 20.0.1387.91 - Opera Software ASA) Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve) Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek) Registry Dr (HKLM-x32\...\{982CB379-261E-4179-A4D7-E19F8141CC50}) (Version: 2.5.0 - EuroTrade A.L. Ltd) Re-markit (HKLM-x32\...\4f31d9d9-bb0a-4256-9fc0-679b972c56f8) (Version: - Re-markit Software) <==== ATTENTION RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.03 (HKLM-x32\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.55.03 - RICOH) Sacred 2 (HKLM-x32\...\{1023383E-D9F6-478C-A965-23A4657B3C9A}) (Version: 2.0.2.0 - Ascaron Entertainment) Skype Toolbars (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.3.7555 - Skype Technologies S.A.) Skype™ 5.3 (HKLM-x32\...\{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}) (Version: 5.3.120 - Skype Technologies S.A.) Software Version Updater (HKLM-x32\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.3.8 - ) <==== ATTENTION Speed-Link SL-6535 USB Pad (HKLM-x32\...\{B0DC2DA9-2AF9-422A-88E0-1B84E0F65DB5}) (Version: 1.00.0000 - GASIA) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Super Street Fighter IV: Arcade Edition (HKLM-x32\...\GFWL_{43430FA0-49F0-4B13-B4C5-611000008100}) (Version: 1.0.0000.129 - CAPCOM U.S.A., INC) Super Street Fighter IV: Arcade Edition (x32 Version: 1.0.0000.129 - CAPCOM U.S.A., INC) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.1.8.0 - Synaptics) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3) (Version: 3 - Microsoft Corporation) VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN) Warhammer 40,000 Space Marine (HKLM-x32\...\Steam App 55150) (Version: - Relic) webssearches uninstaller (HKLM-x32\...\webssearches uninstaller) (Version: - webssearches) WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH) Wireless Console 2 (HKLM-x32\...\{83F73CB1-7705-49D1-9852-84D839CA2A45}) (Version: 2.0.10 - ATK) WPM17.8.0.3442 (HKLM-x32\...\WPM) (Version: 17.8.0.3442 - Cherished Technololgy LIMITED) <==== ATTENTION ==================== Restore Points ========================= 28-03-2014 22:37:18 ASUS Virtual Camera wird installiert 28-03-2014 22:37:44 Installiert ATK Generic Function Service 28-03-2014 22:39:34 Installiert ATK Hotkey 28-03-2014 22:42:31 Installed ASUS LifeFrame3 28-03-2014 22:43:36 Installed NB Probe 30-03-2014 10:43:24 Windows Update 05-04-2014 04:29:28 Windows Update ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {067DA6A0-E31E-4F40-A19D-3FB3641D66DE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-07-14] (Google Inc.) Task: {158E2A9A-692A-405C-A8B8-52B1E99401DE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-07-14] (Google Inc.) Task: {263EDD45-03DC-4855-B9EC-F0A0E6CDB4B6} - System32\Tasks\{E9D5354E-EFC6-4889-A096-85653F1C5997} => C:\Program Files (x86)\Skype\\Phone\Skype.exe Task: {3A83B3A0-0566-4FAD-9672-FB870DB1F4E4} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation) Task: {52E19981-7947-4E18-9F28-576ECA5E57EA} - System32\Tasks\Re-markit_wd => C:\Program Files (x86)\Re-markit Corp\Re-markit_wd.exe [2014-04-04] () <==== ATTENTION Task: {577C22C9-DE04-4BA2-892C-05453A868628} - System32\Tasks\RegistryDr_Popup => C:\Program Files (x86)\Registry Dr\Splash.exe <==== ATTENTION Task: {7F489534-3750-4BA1-B60F-EE3AFFD46269} - System32\Tasks\AmiUpdXp => C:\Users\phil\AppData\Local\41\a18467.exe [2014-04-04] () <==== ATTENTION Task: {84765F53-FF67-41DC-8117-9B30E903DDA7} - System32\Tasks\fsupdate => C:\Program Task: {A59A177F-733A-4FD8-B23B-9894AB9B0976} - System32\Tasks\RegistryDr_Start => C:\Program Files (x86)\Registry Dr\RegistryDr.exe <==== ATTENTION Task: {D1C0CA6D-BD45-482E-812B-29F88D4AF204} - System32\Tasks\Re-markit Update => C:\Program Files (x86)\Re-markit Corp\ReMar.exe [2014-04-04] () <==== ATTENTION Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\phil\AppData\Local\41\a18467.exe <==== ATTENTION Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\Re-markit Update.job => C:\Program Files (x86)\Re-markit Corp\ReMar.exe <==== ATTENTION Task: C:\Windows\Tasks\Re-markit_wd.job => C:\Program Files (x86)\Re-markit Corp\Re-markit_wd.exe <==== ATTENTION ==================== Loaded Modules (whitelisted) ============= 2007-09-06 11:27 - 2007-09-06 11:27 - 01331712 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll 2008-08-20 17:42 - 2008-08-20 17:42 - 00335360 _____ () C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL 2014-03-29 00:37 - 2007-08-08 01:08 - 00094208 _____ () C:\Program Files\ATKGFNEX\GFNEXSrv.exe 2014-03-29 00:35 - 2007-06-15 11:28 - 00104960 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt64.dll 2014-03-29 00:35 - 2007-06-01 17:52 - 00159744 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1_64.dll 2011-06-22 16:44 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll 2014-04-04 00:25 - 2014-04-04 00:25 - 00077312 _____ () C:\Program Files (x86)\Re-markit Corp\Re-markit_wd.exe 2014-03-29 00:23 - 2007-07-05 17:53 - 01317888 _____ () C:\Program Files\Wireless Console 2\wcourier.exe 2014-03-29 00:39 - 2007-11-04 20:48 - 00106496 _____ () C:\Program Files (x86)\ATK Hotkey\MsgTranAgt.exe 2014-03-29 00:39 - 2007-11-04 20:48 - 00115200 _____ () C:\Program Files (x86)\ATK Hotkey\MsgTranAgt64.exe 2014-03-29 00:39 - 2007-11-28 16:26 - 00294912 _____ () C:\Program Files (x86)\ATK Hotkey\Atouch64.exe 2014-03-29 00:39 - 2007-12-04 11:57 - 02486272 _____ () C:\Program Files (x86)\ATK Hotkey\ATKOSD.exe 2014-04-04 00:25 - 2014-04-04 00:25 - 00143360 _____ () C:\Program Files (x86)\Re-markit Corp\Re-markit158.exe 2014-03-29 00:43 - 2007-08-03 13:24 - 00125496 _____ () C:\Program Files (x86)\ASUS\NB Probe\SPM\spmgr.exe 2014-03-29 00:39 - 2007-08-15 12:20 - 00106496 _____ () C:\Program Files (x86)\ATK Hotkey\KBFiltr.exe 2014-03-29 00:39 - 2008-01-23 11:51 - 00151552 _____ () C:\Program Files (x86)\ATK Hotkey\WDC.exe 2011-03-21 20:56 - 2011-03-21 20:56 - 01230704 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe 2014-03-29 00:39 - 2008-01-11 23:40 - 00098304 _____ () C:\Program Files (x86)\ATK Hotkey\HControlUser.exe 2014-03-29 00:39 - 2004-05-27 19:13 - 00057344 _____ () C:\Program Files (x86)\ATK Hotkey\CMSSC.dll 2014-03-29 00:43 - 2004-02-24 02:47 - 00040960 _____ () C:\Program Files (x86)\ASUS\NB Probe\3dpie.ocx 2014-03-29 00:43 - 2007-01-12 19:24 - 00028672 _____ () C:\Program Files (x86)\ASUS\NB Probe\VistaEdt.dll 2014-04-04 00:25 - 2014-04-04 00:25 - 00133120 _____ () C:\Program Files (x86)\Re-markit Corp\Re-markit158.dll 2014-03-29 00:43 - 2007-09-14 11:00 - 00147456 _____ () C:\Program Files (x86)\ASUS\NB Probe\SPM\spdiskex.dll 2014-03-29 00:43 - 2003-11-28 03:11 - 00135168 _____ () C:\Program Files (x86)\ASUS\NB Probe\SPM\spos.dll 2014-03-29 00:43 - 2005-08-29 16:24 - 00081920 _____ () C:\Program Files (x86)\ASUS\NB Probe\SPM\spnbacpi.dll 2014-03-29 00:43 - 2003-09-09 17:08 - 00049152 _____ () C:\Program Files (x86)\ASUS\NB Probe\SPM\spdmi.dll 2014-03-29 00:43 - 2006-04-04 11:24 - 00036864 _____ () C:\Program Files (x86)\ASUS\NB Probe\SPM\ghadmi.dll 2014-03-29 00:43 - 2005-04-07 20:25 - 00077824 _____ () C:\Program Files (x86)\ASUS\NB Probe\SPM\spmemory.dll 2011-03-21 20:57 - 2011-03-21 20:57 - 00096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll 2014-03-29 00:39 - 2007-11-12 16:41 - 00106496 _____ () C:\Program Files (x86)\ATK Hotkey\MsgTran.dll 2011-06-22 09:39 - 2014-04-01 13:33 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-03-29 00:35 - 2007-06-15 11:28 - 00147456 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll 2014-03-29 00:35 - 2007-06-01 18:08 - 00143360 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll 2011-06-22 17:19 - 2011-08-26 08:11 - 06277280 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= Name: Unknown Device Description: Unknown Device Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard-USB-Hostcontroller) Service: Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. Name: XAudio Description: XAudio Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: XAudio Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (04/02/2014 11:58:54 PM) (Source: Application Hang) (User: ) Description: Programm HawkenGame-Win32-Shipping.exe, Version 1.1.0.2800 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: fe4 Startzeit: 01cf4ebe727795da Endzeit: 185 Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\Hawken\Binaries\Win32\HawkenGame-Win32-Shipping.exe Berichts-ID: Error: (04/02/2014 11:56:54 PM) (Source: Steam Client Service) (User: ) Description: Error: Failed to poke open firewall Error: (03/30/2014 00:35:18 AM) (Source: Steam Client Service) (User: ) Description: Error: Failed to poke open firewall Error: (03/29/2014 00:42:07 AM) (Source: MsiInstaller) (User: phil-PC) Description: Product: ASUS LifeFrame3 -- This application can only run on Vista and later versions. Error: (03/28/2014 11:33:25 PM) (Source: Steam Client Service) (User: ) Description: Error: Failed to poke open firewall Error: (03/28/2014 11:32:04 PM) (Source: MsiInstaller) (User: phil-PC) Description: Produkt: AMD Catalyst Install Manager -- Fehler 1723. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Eine für den Abschluss der Installation erforderliche DLL konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: SetInstallDir, Eintrag: SetInstallDir, Bibliothek: C:\Windows\Installer\MSIF991.tmp Error: (03/28/2014 11:31:12 PM) (Source: MsiInstaller) (User: phil-PC) Description: Produkt: AMD Catalyst Install Manager -- Fehler 1723. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Eine für den Abschluss der Installation erforderliche DLL konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: SetInstallDir, Eintrag: SetInstallDir, Bibliothek: C:\Windows\Installer\MSI2C9E.tmp Error: (03/28/2014 11:22:46 PM) (Source: MsiInstaller) (User: phil-PC) Description: Produkt: Microsoft .NET Framework 4 Client Profile -- Fehler 1712. Mindestens eine Datei, die zum Wiederherstellen des ursprünglichen Zustands des Computers erforderlich ist, wurde nicht gefunden. Wiederherstellen nicht möglich. Error: (03/28/2014 11:22:43 PM) (Source: MsiInstaller) (User: phil-PC) Description: Produkt: Microsoft .NET Framework 4 Client Profile -- Fehler 1704. Eine Installation von Microsoft .NET Framework 4 Extended wurde unterbrochen. Sie müssen die von dieser Installation vorgenommenen Änderungen rückgängig machen, bevor Sie den Vorgang fortsetzen können. Möchten Sie diese Änderungen rückgängig machen? Error: (03/28/2014 11:07:55 PM) (Source: MsiInstaller) (User: phil-PC) Description: Produkt: AMD Catalyst Install Manager -- Fehler 1723. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Eine für den Abschluss der Installation erforderliche DLL konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: SetInstallDir, Eintrag: SetInstallDir, Bibliothek: C:\Windows\Installer\MSIBF05.tmp System errors: ============= Error: (04/06/2014 08:24:02 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "O2Micro Flash Memory Card Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (04/06/2014 08:23:48 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Wpm Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (04/06/2014 08:23:48 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "IePlugin Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (04/06/2014 08:23:36 AM) (Source: atikmdag) (User: ) Description: Display is not active Error: (04/06/2014 08:23:36 AM) (Source: atikmdag) (User: ) Description: CPLIB :: General - Invalid Parameter Error: (04/06/2014 08:23:39 AM) (Source: EventLog) (User: ) Description: Das System wurde zuvor am 06.04.2014 um 08:19:25 unerwartet heruntergefahren. Error: (04/06/2014 08:19:35 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Wpm Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (04/06/2014 08:19:35 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "IePlugin Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (04/06/2014 08:19:22 AM) (Source: atikmdag) (User: ) Description: Display is not active Error: (04/06/2014 08:19:22 AM) (Source: atikmdag) (User: ) Description: CPLIB :: General - Invalid Parameter Microsoft Office Sessions: ========================= Error: (04/02/2014 11:58:54 PM) (Source: Application Hang)(User: ) Description: HawkenGame-Win32-Shipping.exe1.1.0.2800fe401cf4ebe727795da185C:\Program Files (x86)\Steam\steamapps\common\Hawken\Binaries\Win32\HawkenGame-Win32-Shipping.exe Error: (04/02/2014 11:56:54 PM) (Source: Steam Client Service)(User: ) Description: Failed to poke open firewall Error: (03/30/2014 00:35:18 AM) (Source: Steam Client Service)(User: ) Description: Failed to poke open firewall Error: (03/29/2014 00:42:07 AM) (Source: MsiInstaller)(User: phil-PC) Description: Product: ASUS LifeFrame3 -- This application can only run on Vista and later versions.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (03/28/2014 11:33:25 PM) (Source: Steam Client Service)(User: ) Description: Failed to poke open firewall Error: (03/28/2014 11:32:04 PM) (Source: MsiInstaller)(User: phil-PC) Description: Produkt: AMD Catalyst Install Manager -- Fehler 1723. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Eine für den Abschluss der Installation erforderliche DLL konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: SetInstallDir, Eintrag: SetInstallDir, Bibliothek: C:\Windows\Installer\MSIF991.tmp (NULL)(NULL)(NULL)(NULL)(NULL) Error: (03/28/2014 11:31:12 PM) (Source: MsiInstaller)(User: phil-PC) Description: Produkt: AMD Catalyst Install Manager -- Fehler 1723. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Eine für den Abschluss der Installation erforderliche DLL konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: SetInstallDir, Eintrag: SetInstallDir, Bibliothek: C:\Windows\Installer\MSI2C9E.tmp (NULL)(NULL)(NULL)(NULL)(NULL) Error: (03/28/2014 11:22:46 PM) (Source: MsiInstaller)(User: phil-PC) Description: Produkt: Microsoft .NET Framework 4 Client Profile -- Fehler 1712. Mindestens eine Datei, die zum Wiederherstellen des ursprünglichen Zustands des Computers erforderlich ist, wurde nicht gefunden. Wiederherstellen nicht möglich.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (03/28/2014 11:22:43 PM) (Source: MsiInstaller)(User: phil-PC) Description: Produkt: Microsoft .NET Framework 4 Client Profile -- Fehler 1704. Eine Installation von Microsoft .NET Framework 4 Extended wurde unterbrochen. Sie müssen die von dieser Installation vorgenommenen Änderungen rückgängig machen, bevor Sie den Vorgang fortsetzen können. Möchten Sie diese Änderungen rückgängig machen?(NULL)(NULL)(NULL)(NULL)(NULL) Error: (03/28/2014 11:07:55 PM) (Source: MsiInstaller)(User: phil-PC) Description: Produkt: AMD Catalyst Install Manager -- Fehler 1723. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Eine für den Abschluss der Installation erforderliche DLL konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: SetInstallDir, Eintrag: SetInstallDir, Bibliothek: C:\Windows\Installer\MSIBF05.tmp (NULL)(NULL)(NULL)(NULL)(NULL) CodeIntegrity Errors: =================================== Date: 2014-04-06 08:24:04.756 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\XAudio64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-04-06 08:24:04.659 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\XAudio64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-04-06 08:24:01.524 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mdmxsdk.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-04-06 08:24:01.434 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mdmxsdk.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-04-04 12:39:51.556 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\XAudio64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-04-04 12:39:51.460 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\XAudio64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-04-04 12:39:48.253 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mdmxsdk.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-04-04 12:39:48.128 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mdmxsdk.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-04-01 13:30:28.808 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\XAudio64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-04-01 13:30:28.718 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\XAudio64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Percentage of memory in use: 44% Total physical RAM: 4095.11 MB Available physical RAM: 2284.04 MB Total Pagefile: 8188.41 MB Available Pagefile: 6303.12 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:297.99 GB) (Free:71.13 GB) NTFS Drive e: (INTENSO) (Removable) (Total:14.83 GB) (Free:5.28 GB) FAT32 Drive f: (NASCAR '14) (CDROM) (Total:2.56 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: D4891DE1) Partition: GPT Partition Type. ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 15 GB) (Disk ID: C3072E18) Partition: GPT Partition Type. ==================== End Of Log ============================ und hier die fixlog.txt : Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014 Ran by phil at 2014-04-06 08:46:55 Run:1 Running from C:\Users\phil\Desktop Boot Mode: Normal ============================================== Content of fixlist.: ***************** GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ***************** C:\Windows\system32\GroupPolicy\Machine => Moved successfully. C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully. The system needed a reboot. ==== End of Fixlog ==== ...na ich müsste den beitrag in 2 hälften teilen... sonst wird der zu lang. |
|
06.04.2014, 09:57
| #2 |
| | Hab Adware auf mein rechner und will die los werden hier die mbam.txt
__________________Malwarebytes Anti-Malware Malwarebytes | Free Anti-Malware & Internet Security Software Suchlauf Datum: 06.04.2014 Suchlauf-Zeit: 09:42:44 Logdatei: mbam.txt Administrator: Ja Version: 2.00.1.1004 Malware Datenbank: v2014.04.06.04 Rootkit Datenbank: v2014.03.27.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Chameleon: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: phil Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 253691 Verstrichene Zeit: 20 Min, 27 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Shuriken: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 28 PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [28d82bd5e51b5fa13fc078941ce6ef11], PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [28d82bd5e51b5fa13fc078941ce6ef11], PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [28d82bd5e51b5fa13fc078941ce6ef11], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [28d82bd5e51b5fa13fc078941ce6ef11], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [28d82bd5e51b5fa13fc078941ce6ef11], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [28d82bd5e51b5fa13fc078941ce6ef11], PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{6CA2A4DE-483E-456B-8634-6445460D7097}, In Quarantäne, [837d18e8718f2ad6c5c38b808979db25], PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0}, In Quarantäne, [837d18e8718f2ad6c5c38b808979db25], PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{C321541F-B22D-4593-AC1A-9634812A4E40}, In Quarantäne, [837d18e8718f2ad6c5c38b808979db25], PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{A8018C54-B702-4D52-9ACC-8CA78911E633}, In Quarantäne, [837d18e8718f2ad6c5c38b808979db25], PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C6A846C5-D67F-48B4-8552-C22354E56966}, In Quarantäne, [837d18e8718f2ad6c5c38b808979db25], PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A8018C54-B702-4D52-9ACC-8CA78911E633}, In Quarantäne, [837d18e8718f2ad6c5c38b808979db25], PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C6A846C5-D67F-48B4-8552-C22354E56966}, In Quarantäne, [837d18e8718f2ad6c5c38b808979db25], PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{C321541F-B22D-4593-AC1A-9634812A4E40}, In Quarantäne, [837d18e8718f2ad6c5c38b808979db25], PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0}, In Quarantäne, [837d18e8718f2ad6c5c38b808979db25], PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\EXTENSIONS\{6CA2A4DE-483E-456B-8634-6445460D7097}, In Quarantäne, [837d18e8718f2ad6c5c38b808979db25], PUP.Optional.FaceMoods.A, HKU\S-1-5-21-402873747-22297607-3666971032-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0D7562AE-8EF6-416d-A838-AB665251703A}, In Quarantäne, [3cc4d729c040a957dfc96f9c5aa8f40c], PUP.Optional.FaceMoods.A, HKU\S-1-5-21-402873747-22297607-3666971032-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}, In Quarantäne, [7e825ea28e72b8485d4a43c89c661ce4], PUP.Optional.FaceMoods.A, HKU\S-1-5-21-402873747-22297607-3666971032-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}, In Quarantäne, [7e825ea28e72b8485d4a43c89c661ce4], PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [0cf48b75926e23dd694491ff07fcb050], PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\webssearchesSoftware, In Quarantäne, [fa0604fc0df317e9315ac59c35cd10f0], PUP.Optional.QuickStart.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pelmeidfhdlhlbjimpabfcbnnojbboma, In Quarantäne, [ed13e51b6e929a66ed5ad19190727e82], PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [b050768a8f71fd038924fd930af91ee2], PUP.Optional.IePluginService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginService, In Quarantäne, [33cd2cd4b7492bd592bfc9a203ff3dc3], PUP.Optional.WpManager.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WPM, In Quarantäne, [c23e728eb34d4db36922573ebb4850b0], PUP.Optional.FlowSurf.A, HKU\S-1-5-21-402873747-22297607-3666971032-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\FLOWSURF, In Quarantäne, [9d630af6748c0bf50bd26d320ef54eb2], PUP.Optional.Qone8, HKU\S-1-5-21-402873747-22297607-3666971032-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [e61ade2249b732ce1597622eaa59cc34], PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\webssearches uninstaller, In Quarantäne, [8e72d42c847c10f0aafb6bf051b14cb4], Registrierungswerte: 4 PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|jid1-tofUlNEIFlkUIA@jetpack, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack, In Quarantäne, [38c8ae52738d57a95743431c0df56799] PUP.Optional.QuickStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|quick_start@gmail.com, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com, In Quarantäne, [936d8c7407f9e61af256540e09f923dd] PUP.Optional.WpManager.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WPM|ImagePath, C:\ProgramData\WPM\wprotectmanager.exe -service, In Quarantäne, [c23e728eb34d4db36922573ebb4850b0] PUP.Optional.FlowSurf.A, HKU\S-1-5-21-402873747-22297607-3666971032-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\FLOWSURF|chrid, oglkiljdmflopemijdadoiepkhcaodjn, In Quarantäne, [9d630af6748c0bf50bd26d320ef54eb2] Registrierungsdaten: 16 PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\FIREFOX.EXE\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" Webs Searches, Gut: (firefox.exe), Schlecht: ("C:\Program Files (x86)\Mozilla Firefox\firefox.exe" Webs Searches,[47b9dd2337c941bfe4aeae5d34d0de22] PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" Webs Searches, Gut: (Chrome.exe), Schlecht: ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" Webs Searches,[36ca9868d32dd0300c887893689caf51] PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe Webs Searches, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe Webs Searches,[fd0339c77b8520e06a2931da798b857b] PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://istart.webssearches.com/web/?type=ds&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0&q={searchTerms}, Gut: (Google), Schlecht: (hxxp://istart.webssearches.com/web/?type=ds&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0&q={searchTerms}),Ersetzt,[33cde7190ef257a95046719a43c105fb] PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, Webs Searches, Gut: (Google), Schlecht: (Webs Searches,[39c7df21709097693164cb406a9a7090] PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, Webs Searches, Gut: (Google), Schlecht: (Webs Searches,[916fd927ee12b54b0a8d7398e71d5ca4] PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[04fc718fbf4138c89ee52fe6df25b14f] PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\FIREFOX.EXE\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" Webs Searches, Gut: (firefox.exe), Schlecht: ("C:\Program Files (x86)\Mozilla Firefox\firefox.exe" Webs Searches,[45bb6b9508f8cb35a6ecf417b54fe51b] PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" Webs Searches, Gut: (Chrome.exe), Schlecht: ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" Webs Searches,[ce32f10f42bedf21eda745c64cb820e0] PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe Webs Searches, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe Webs Searches,[d030e719c63ace32eea521ea52b2c43c] PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://istart.webssearches.com/web/?type=ds&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0&q={searchTerms}, Gut: (Google), Schlecht: (hxxp://istart.webssearches.com/web/?type=ds&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0&q={searchTerms}),Ersetzt,[57a997692bd579877f173ad18084d62a] PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, Webs Searches, Gut: (Google), Schlecht: (Webs Searches,[c040f808ef11f010b2e3d23944c07c84] PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, Webs Searches, Gut: (Google), Schlecht: (Webs Searches,[857b6b95b848a55b5146a36822e27888] PUP.Optional.FaceMoods.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4, Gut: (Google), Schlecht: (hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4),Ersetzt,[c73937c95fa120e076e521f5b252669a] PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[a55b47b9c43ce11f3c47af667193c63a] PUP.Optional.WebsSearches.A, HKU\S-1-5-21-402873747-22297607-3666971032-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, Webs Searches, Gut: (Google), Schlecht: (Webs Searches,[de226e9225dbaf5108540e0843c1a759] Ordner: 117 PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\defaults, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\defaults\preferences, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\locale, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\resources, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\resources\addon-sdk, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\resources\addon-sdk\lib, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\resources\flowsurf, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\resources\flowsurf\data, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\resources\flowsurf\lib, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService, In Quarantäne, [2dd322de03fd55ab6cfe3a1d53af956b], PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\update, In Quarantäne, [2dd322de03fd55ab6cfe3a1d53af956b], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\include, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\include\tools, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\en, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\en-US, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\es, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\es-419, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\fr, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\fr-BE, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\fr-CA, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\fr-CH, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\fr-LU, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\it, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\it-CH, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\pl, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\pt-BR, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\ru, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\ru-MO, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\tr, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\vi, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\zh-CN, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\zh-TW, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\defaults, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\defaults\preferences, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\modules, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\img, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\img\weather, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\js, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\en, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\es, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\es_419, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\fr, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\fr-BE, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\fr-CA, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\fr-CH, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\fr-LU, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\it, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\it-CH, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\pl, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\pt_BR, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\ru, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\ru-MO, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\tr, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\vi, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\zh_CN, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\zh_TW, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.WebsSearches.A, C:\Users\phil\AppData\Roaming\webssearches, In Quarantäne, [8e72d42c847c10f0aafb6bf051b14cb4], PUP.Optional.WebsSearches.A, C:\Users\phil\AppData\Roaming\webssearches\images, In Quarantäne, [8e72d42c847c10f0aafb6bf051b14cb4], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\img, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\js, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\style, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_1, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_1\img, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_1\js, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_1\style, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_2, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_2\img, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_2\js, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_2\style, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0\img, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0\js, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0\style, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\icons, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\includes, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango-ui, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], Dateien: 326 PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SupTab.dll, In Quarantäne, [28d82bd5e51b5fa13fc078941ce6ef11], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\flowsurf.dll, In Quarantäne, [837d18e8718f2ad6c5c38b808979db25], PUP.Optional.SupTab.A, C:\Users\phil\AppData\Roaming\SupTab\SupTab.dll, In Quarantäne, [35cb966a2ad6b848d377a095e21e5ea2], PUP.Optional.SkyTech.A, C:\Users\phil\AppData\Local\Temp\fullpackage_temp1396563939\alilog.dll, In Quarantäne, [35cb659b20e022de30e2f53d31cfa55b], PUP.Optional.SkyTech.A, C:\Users\phil\AppData\Local\Temp\fullpackage_temp1396563939\package1.zip, In Quarantäne, [27d93fc17f816f9160b2d9597f8102fe], PUP.Optional.OutBrowse, C:\Users\phil\Downloads\setup.exe, In Quarantäne, [f80841bf42bef7096f14109bc24113ed], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx, In Quarantäne, [4fb104fc9967728e194586dad52dbe42], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ihflimipbcaljfnojhhknppphnnciiif_0.localstorage, In Quarantäne, [a95722de12ee57a96105f26e5aa8d52b], PUP.Optional.WebsSearches.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\webssearches.xml, In Quarantäne, [aa568e72df211ae69eefc29f46bc33cd], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\install.data, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\uninstall.exe, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WebDataJs, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\data.html, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE.html, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE8.html, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\main.css, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\ver.txt, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\arrow.png, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_add_logo.png, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_add_logo_hover.png, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_logo.png, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\googlelogo.png, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\googlelogo2.png, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\google_trends.png, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon128.png, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon16.png, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon48.png, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\loading.gif, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\logo32.ico, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\search.png, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\sliders.png, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\0.png, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\common.js, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ga.js, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ie8.js, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery-1.11.0.min.js, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery.autocomplete.js, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\js.js, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\library.js, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\xagainit.js, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\install.ico, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\atl110.dll, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\fsupd.exe, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\msvcr110.dll, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\bootstrap.js, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\harness-options.json, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\icon.png, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\icon64.png, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\install.rdf, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\locales.json, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\defaults\preferences\prefs.js, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\resources\flowsurf\lib\main.js, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\update\conf, In Quarantäne, [2dd322de03fd55ab6cfe3a1d53af956b], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome.manifest, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\install.rdf, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\index.html, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\quick_start.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\quick_start.xul, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\include\speed_dial.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\include\tools\about_blank_hook .js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\include\tools\misc.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\include\tools\popup_image_help er.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\include\tools\urlrequestor.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\js\common.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\js\ga.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\js\jquery.autocomplete.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\js\js.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\js\library.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\js\xagainit.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\en\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\en-US\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\es\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\es-419\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\fr\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\fr-BE\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\fr-CA\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\fr-CH\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\fr-LU\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\it\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\it-CH\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\pl\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\pt-BR\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\ru\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\ru-MO\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\tr\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\vi\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\zh-CN\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\zh-TW\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\default_add_logo.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\default_add_logo_hover.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\default_logo.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\google_trends.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\icon.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\icon128.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\icon16.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\icon48.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\iconsmall.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\loading.gif, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\logo.ico, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\logo.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\logo32.ico, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\search.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\style.css, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\27.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\0.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\1.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\10.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\11.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\12.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\13.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\14.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\15.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\16.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\17.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\18.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\19.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\2.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\20.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\21.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\22.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\23.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\24.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\25.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\26.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\28.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\29.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\3.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\30.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\31.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\32.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\33.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\34.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\35.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\36.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\37.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\38.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\39.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\4.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\40.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\41.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\42.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\43.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\44.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\45.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\46.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\47.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\5.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\6.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\7.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\8.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\9.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\defaults\preferences\fvd.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\modules\addonmanager.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\modules\aes.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\modules\config.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\modules\dialogs.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\modules\last_tab.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\modules\misc.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\modules\properties.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\modules\remoterequest.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\modules\restoreprefs.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\modules\settings.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\index.html, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\manifest.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\style.css, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\img\default_logo.png, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\img\icon128.png, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\img\icon16.png, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\img\icon48.png, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\img\loading.gif, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\img\search.png, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\img\weather\0.png, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\js\background.js, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\js\ga.js, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\js\jquery-base.js, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\js\jquery.autocomplete.js, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\js\js.js, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\js\xagainit.js, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\en\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\es\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\es_419\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\fr\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\fr-BE\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\fr-CA\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\fr-CH\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\fr-LU\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\it\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\it-CH\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\pl\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\pt_BR\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\ru\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\ru-MO\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\tr\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\vi\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\zh_CN\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\zh_TW\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.WebsSearches.A, C:\Users\phil\AppData\Roaming\webssearches\92.json, In Quarantäne, [8e72d42c847c10f0aafb6bf051b14cb4], PUP.Optional.WebsSearches.A, C:\Users\phil\AppData\Roaming\webssearches\uninstallDlg.xml, In Quarantäne, [8e72d42c847c10f0aafb6bf051b14cb4], PUP.Optional.WebsSearches.A, C:\Users\phil\AppData\Roaming\webssearches\UninstallManager.exe, In Quarantäne, [8e72d42c847c10f0aafb6bf051b14cb4], PUP.Optional.WebsSearches.A, C:\Users\phil\AppData\Roaming\webssearches\images\bg1.png, In Quarantäne, [8e72d42c847c10f0aafb6bf051b14cb4], PUP.Optional.WebsSearches.A, C:\Users\phil\AppData\Roaming\webssearches\images\button1.png, In Quarantäne, [8e72d42c847c10f0aafb6bf051b14cb4], PUP.Optional.WebsSearches.A, C:\Users\phil\AppData\Roaming\webssearches\images\checked.png, In Quarantäne, [8e72d42c847c10f0aafb6bf051b14cb4], PUP.Optional.WebsSearches.A, C:\Users\phil\AppData\Roaming\webssearches\images\close.png, In Quarantäne, [8e72d42c847c10f0aafb6bf051b14cb4], PUP.Optional.WebsSearches.A, C:\Users\phil\AppData\Roaming\webssearches\images\min.png, In Quarantäne, [8e72d42c847c10f0aafb6bf051b14cb4], PUP.Optional.WebsSearches.A, C:\Users\phil\AppData\Roaming\webssearches\images\Thumbs.db, In Quarantäne, [8e72d42c847c10f0aafb6bf051b14cb4], PUP.Optional.WebsSearches.A, C:\Users\phil\AppData\Roaming\webssearches\images\unchecked.png, In Quarantäne, [8e72d42c847c10f0aafb6bf051b14cb4], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\background_Obfs.html, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\manifest.json, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\img\128.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\img\16.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\img\32.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\img\48.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\img\64.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\img\ajax-loader.gif, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\js\FMLoader_Obfs.js, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\js\mtrprt_Obfs.js, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\style\facemoods_chrome_1.0.1.css, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_1\background_Obfs.html, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_1\manifest.json, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_1\img\128.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_1\img\16.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_1\img\32.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_1\img\48.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_1\img\64.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_1\img\ajax-loader.gif, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_1\js\FMLoader_Obfs.js, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_1\js\mtrprt_Obfs.js, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_1\style\facemoods_chrome_1.0.1.css, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_2\background_Obfs.html, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_2\manifest.json, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_2\img\128.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_2\img\16.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_2\img\32.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_2\img\48.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_2\img\64.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_2\img\ajax-loader.gif, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_2\js\FMLoader_Obfs.js, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_2\js\mtrprt_Obfs.js, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_2\style\facemoods_chrome_1.0.1.css, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0\background.html, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0\dropdown.html, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0\manifest.json, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0\img\128.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0\img\16.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0\img\32.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0\img\48.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0\img\64.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0\img\ajax-loader.gif, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0\js\FMLoader.js, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0\js\mtrprt.js, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0\style\facemoods_chrome_1.0.1.css, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\background.html, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\extension_info.json, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\extension_info.json.bak, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\flowsurf-drop.png, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\flowsurf.css, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\jquery-1.7.2.min.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\main.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\main.js.bak, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\manifest.json, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\readme.txt, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\icons\button.png, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\icons\icon100.png, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\icons\icon128.png, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\icons\icon16.png, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\icons\icon256.png, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\icons\icon32.png, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\icons\icon48.png, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\icons\icon64.png, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\includes\content_init.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\includes\content_kango.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\includes\invoke_async_module.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\includes\message_target_module.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\includes\userscript_client.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\backgroundscript_engine.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\browser.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\console.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\i18n.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\initialize.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\io.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\kango.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\lang.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\messaging.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\storage.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\userscript_engine.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\xhr.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango-ui\browser_button.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango-ui\kango_api.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango-ui\options.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango-ui\remote_popup_host.html, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango-ui\ui.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.WebsSearches.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: ( "homepage": "hxxp://istart.webssearches.com/?type=hp&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0",), Ersetzt,[b749b34d837dd22e663f64dc020224dc] PUP.Optional.WebsSearches.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: ( "startup_urls": [ "hxxp://istart.webssearches.com/?type=hp&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0" ],), Ersetzt,[ed13f808ee12dc248c4c310ff311ed13] PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.facemoods._xpiupdate", true)  , Ersetzt,[b64aff01d22eba4608fbe45c43c1b34d]PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.facemoods.aflt", "_#ddrnw") , Ersetzt,[03fd88788d736f915aa955eb1be9ac54]PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.facemoods.dnsErr", true) , Ersetzt,[728e8c74c9377f81c93a2f11996b4db3]PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.facemoods.fcmdVrsn", "1.2.7.5.4") , Ersetzt,[d62ad828db25946cf310b7893bc9e917]PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.facemoods.firstRun", false) , Ersetzt,[e917ae52e51bca368281aa9614f039c7]PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.facemoods.first_time", false) , Ersetzt,[20e0ec140000c13f699ae35da3619c64]PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.facemoods.id", "_#323cfaf7ace74de6856cb5e9fb827477") , Ersetzt,[46babb45c739ec144fb4da66d92bdc24]PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.facemoods.instlDay", "_#15204") , Ersetzt,[ef1102feb34df808ef14a997a95bf30d]PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.facemoods.lastActv", "17") , Ersetzt,[e51b2ed2ee12c23ee81b55ebe0240bf5]PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.facemoods.newTab", true) , Ersetzt,[827ef60abe4210f041c2c27e1de736ca]PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.facemoods.prtnrId", "_#facemoods.com") , Ersetzt,[b44c31cf2bd527d924dfc08019eb2fd1]PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.facemoods.sid", "_#323cfaf7ace74de6856cb5e9fb827477") , Ersetzt,[5da3d52b000059a7a55e7fc103013dc3]PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.facemoods.update", "_#v1.4.0") , Ersetzt,[70902dd33ac6ca36e122053bf60e8b75]PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.facemoods.vrsn", "_#1.4.17.5") , Ersetzt,[39c7718f847ca55bd72c023e39cb08f8]PUP.Optional.WebsSearches.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.startup.homepage", "hxxp://istart.webssearches.com/?type=hp&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0") , Ersetzt,[30d0718f27d98f71d1749da30ef6f60a]Physische Sektoren: 0 (No malicious items detected) (end) |
|
06.04.2014, 09:58
| #3 |
| | Hab Adware auf mein rechner und will die los werden hier die mbam.txt
__________________Malwarebytes Anti-Malware Malwarebytes | Free Anti-Malware & Internet Security Software Suchlauf Datum: 06.04.2014 Suchlauf-Zeit: 09:42:44 Logdatei: mbam.txt Administrator: Ja Version: 2.00.1.1004 Malware Datenbank: v2014.04.06.04 Rootkit Datenbank: v2014.03.27.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Chameleon: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: phil Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 253691 Verstrichene Zeit: 20 Min, 27 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Shuriken: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 28 PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [28d82bd5e51b5fa13fc078941ce6ef11], PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [28d82bd5e51b5fa13fc078941ce6ef11], PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [28d82bd5e51b5fa13fc078941ce6ef11], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [28d82bd5e51b5fa13fc078941ce6ef11], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [28d82bd5e51b5fa13fc078941ce6ef11], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [28d82bd5e51b5fa13fc078941ce6ef11], PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{6CA2A4DE-483E-456B-8634-6445460D7097}, In Quarantäne, [837d18e8718f2ad6c5c38b808979db25], PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0}, In Quarantäne, [837d18e8718f2ad6c5c38b808979db25], PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{C321541F-B22D-4593-AC1A-9634812A4E40}, In Quarantäne, [837d18e8718f2ad6c5c38b808979db25], PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{A8018C54-B702-4D52-9ACC-8CA78911E633}, In Quarantäne, [837d18e8718f2ad6c5c38b808979db25], PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C6A846C5-D67F-48B4-8552-C22354E56966}, In Quarantäne, [837d18e8718f2ad6c5c38b808979db25], PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A8018C54-B702-4D52-9ACC-8CA78911E633}, In Quarantäne, [837d18e8718f2ad6c5c38b808979db25], PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C6A846C5-D67F-48B4-8552-C22354E56966}, In Quarantäne, [837d18e8718f2ad6c5c38b808979db25], PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{C321541F-B22D-4593-AC1A-9634812A4E40}, In Quarantäne, [837d18e8718f2ad6c5c38b808979db25], PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0}, In Quarantäne, [837d18e8718f2ad6c5c38b808979db25], PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\EXTENSIONS\{6CA2A4DE-483E-456B-8634-6445460D7097}, In Quarantäne, [837d18e8718f2ad6c5c38b808979db25], PUP.Optional.FaceMoods.A, HKU\S-1-5-21-402873747-22297607-3666971032-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0D7562AE-8EF6-416d-A838-AB665251703A}, In Quarantäne, [3cc4d729c040a957dfc96f9c5aa8f40c], PUP.Optional.FaceMoods.A, HKU\S-1-5-21-402873747-22297607-3666971032-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}, In Quarantäne, [7e825ea28e72b8485d4a43c89c661ce4], PUP.Optional.FaceMoods.A, HKU\S-1-5-21-402873747-22297607-3666971032-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}, In Quarantäne, [7e825ea28e72b8485d4a43c89c661ce4], PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [0cf48b75926e23dd694491ff07fcb050], PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\webssearchesSoftware, In Quarantäne, [fa0604fc0df317e9315ac59c35cd10f0], PUP.Optional.QuickStart.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pelmeidfhdlhlbjimpabfcbnnojbboma, In Quarantäne, [ed13e51b6e929a66ed5ad19190727e82], PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [b050768a8f71fd038924fd930af91ee2], PUP.Optional.IePluginService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginService, In Quarantäne, [33cd2cd4b7492bd592bfc9a203ff3dc3], PUP.Optional.WpManager.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WPM, In Quarantäne, [c23e728eb34d4db36922573ebb4850b0], PUP.Optional.FlowSurf.A, HKU\S-1-5-21-402873747-22297607-3666971032-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\FLOWSURF, In Quarantäne, [9d630af6748c0bf50bd26d320ef54eb2], PUP.Optional.Qone8, HKU\S-1-5-21-402873747-22297607-3666971032-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [e61ade2249b732ce1597622eaa59cc34], PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\webssearches uninstaller, In Quarantäne, [8e72d42c847c10f0aafb6bf051b14cb4], Registrierungswerte: 4 PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|jid1-tofUlNEIFlkUIA@jetpack, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack, In Quarantäne, [38c8ae52738d57a95743431c0df56799] PUP.Optional.QuickStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|quick_start@gmail.com, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com, In Quarantäne, [936d8c7407f9e61af256540e09f923dd] PUP.Optional.WpManager.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WPM|ImagePath, C:\ProgramData\WPM\wprotectmanager.exe -service, In Quarantäne, [c23e728eb34d4db36922573ebb4850b0] PUP.Optional.FlowSurf.A, HKU\S-1-5-21-402873747-22297607-3666971032-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\FLOWSURF|chrid, oglkiljdmflopemijdadoiepkhcaodjn, In Quarantäne, [9d630af6748c0bf50bd26d320ef54eb2] Registrierungsdaten: 16 PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\FIREFOX.EXE\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" Webs Searches, Gut: (firefox.exe), Schlecht: ("C:\Program Files (x86)\Mozilla Firefox\firefox.exe" Webs Searches,[47b9dd2337c941bfe4aeae5d34d0de22] PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" Webs Searches, Gut: (Chrome.exe), Schlecht: ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" Webs Searches,[36ca9868d32dd0300c887893689caf51] PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe Webs Searches, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe Webs Searches,[fd0339c77b8520e06a2931da798b857b] PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://istart.webssearches.com/web/?type=ds&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0&q={searchTerms}, Gut: (Google), Schlecht: (hxxp://istart.webssearches.com/web/?type=ds&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0&q={searchTerms}),Ersetzt,[33cde7190ef257a95046719a43c105fb] PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, Webs Searches, Gut: (Google), Schlecht: (Webs Searches,[39c7df21709097693164cb406a9a7090] PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, Webs Searches, Gut: (Google), Schlecht: (Webs Searches,[916fd927ee12b54b0a8d7398e71d5ca4] PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[04fc718fbf4138c89ee52fe6df25b14f] PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\FIREFOX.EXE\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" Webs Searches, Gut: (firefox.exe), Schlecht: ("C:\Program Files (x86)\Mozilla Firefox\firefox.exe" Webs Searches,[45bb6b9508f8cb35a6ecf417b54fe51b] PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" Webs Searches, Gut: (Chrome.exe), Schlecht: ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" Webs Searches,[ce32f10f42bedf21eda745c64cb820e0] PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe Webs Searches, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe Webs Searches,[d030e719c63ace32eea521ea52b2c43c] PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://istart.webssearches.com/web/?type=ds&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0&q={searchTerms}, Gut: (Google), Schlecht: (hxxp://istart.webssearches.com/web/?type=ds&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0&q={searchTerms}),Ersetzt,[57a997692bd579877f173ad18084d62a] PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, Webs Searches, Gut: (Google), Schlecht: (Webs Searches,[c040f808ef11f010b2e3d23944c07c84] PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, Webs Searches, Gut: (Google), Schlecht: (Webs Searches,[857b6b95b848a55b5146a36822e27888] PUP.Optional.FaceMoods.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4, Gut: (Google), Schlecht: (hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4),Ersetzt,[c73937c95fa120e076e521f5b252669a] PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[a55b47b9c43ce11f3c47af667193c63a] PUP.Optional.WebsSearches.A, HKU\S-1-5-21-402873747-22297607-3666971032-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, Webs Searches, Gut: (Google), Schlecht: (Webs Searches,[de226e9225dbaf5108540e0843c1a759] Ordner: 117 PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\defaults, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\defaults\preferences, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\locale, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\resources, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\resources\addon-sdk, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\resources\addon-sdk\lib, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\resources\flowsurf, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\resources\flowsurf\data, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\resources\flowsurf\lib, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService, In Quarantäne, [2dd322de03fd55ab6cfe3a1d53af956b], PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\update, In Quarantäne, [2dd322de03fd55ab6cfe3a1d53af956b], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\include, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\include\tools, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\en, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\en-US, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\es, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\es-419, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\fr, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\fr-BE, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\fr-CA, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\fr-CH, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\fr-LU, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\it, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\it-CH, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\pl, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\pt-BR, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\ru, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\ru-MO, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\tr, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\vi, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\zh-CN, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\zh-TW, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\defaults, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\defaults\preferences, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\modules, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\img, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\img\weather, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\js, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\en, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\es, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\es_419, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\fr, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\fr-BE, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\fr-CA, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\fr-CH, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\fr-LU, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\it, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\it-CH, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\pl, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\pt_BR, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\ru, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\ru-MO, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\tr, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\vi, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\zh_CN, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\zh_TW, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.WebsSearches.A, C:\Users\phil\AppData\Roaming\webssearches, In Quarantäne, [8e72d42c847c10f0aafb6bf051b14cb4], PUP.Optional.WebsSearches.A, C:\Users\phil\AppData\Roaming\webssearches\images, In Quarantäne, [8e72d42c847c10f0aafb6bf051b14cb4], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\img, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\js, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\style, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_1, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_1\img, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_1\js, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_1\style, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_2, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_2\img, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_2\js, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_2\style, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0\img, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0\js, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0\style, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\icons, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\includes, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango-ui, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], Dateien: 326 PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SupTab.dll, In Quarantäne, [28d82bd5e51b5fa13fc078941ce6ef11], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\flowsurf.dll, In Quarantäne, [837d18e8718f2ad6c5c38b808979db25], PUP.Optional.SupTab.A, C:\Users\phil\AppData\Roaming\SupTab\SupTab.dll, In Quarantäne, [35cb966a2ad6b848d377a095e21e5ea2], PUP.Optional.SkyTech.A, C:\Users\phil\AppData\Local\Temp\fullpackage_temp1396563939\alilog.dll, In Quarantäne, [35cb659b20e022de30e2f53d31cfa55b], PUP.Optional.SkyTech.A, C:\Users\phil\AppData\Local\Temp\fullpackage_temp1396563939\package1.zip, In Quarantäne, [27d93fc17f816f9160b2d9597f8102fe], PUP.Optional.OutBrowse, C:\Users\phil\Downloads\setup.exe, In Quarantäne, [f80841bf42bef7096f14109bc24113ed], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx, In Quarantäne, [4fb104fc9967728e194586dad52dbe42], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ihflimipbcaljfnojhhknppphnnciiif_0.localstorage, In Quarantäne, [a95722de12ee57a96105f26e5aa8d52b], PUP.Optional.WebsSearches.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\webssearches.xml, In Quarantäne, [aa568e72df211ae69eefc29f46bc33cd], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\install.data, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\uninstall.exe, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WebDataJs, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\data.html, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE.html, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE8.html, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\main.css, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\ver.txt, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\arrow.png, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_add_logo.png, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_add_logo_hover.png, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_logo.png, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\googlelogo.png, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\googlelogo2.png, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\google_trends.png, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon128.png, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon16.png, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon48.png, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\loading.gif, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\logo32.ico, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\search.png, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\sliders.png, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\0.png, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\common.js, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ga.js, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ie8.js, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery-1.11.0.min.js, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery.autocomplete.js, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\js.js, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\library.js, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\xagainit.js, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW\messages.json, In Quarantäne, [758bb947c13f738d2a2a81eaff03738d], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\install.ico, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\atl110.dll, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\fsupd.exe, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\msvcr110.dll, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\bootstrap.js, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\harness-options.json, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\icon.png, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\icon64.png, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\install.rdf, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\locales.json, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\defaults\preferences\prefs.js, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\resources\flowsurf\lib\main.js, In Quarantäne, [3fc127d934cceb156e6c554aff0452ae], PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\update\conf, In Quarantäne, [2dd322de03fd55ab6cfe3a1d53af956b], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome.manifest, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\install.rdf, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\index.html, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\quick_start.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\quick_start.xul, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\include\speed_dial.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\include\tools\about_blank_hook .js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\include\tools\misc.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\include\tools\popup_image_help er.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\include\tools\urlrequestor.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\js\common.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\js\ga.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\js\jquery.autocomplete.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\js\js.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\js\library.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\content\js\xagainit.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\en\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\en-US\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\es\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\es-419\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\fr\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\fr-BE\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\fr-CA\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\fr-CH\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\fr-LU\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\it\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\it-CH\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\pl\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\pt-BR\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\ru\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\ru-MO\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\tr\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\vi\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\zh-CN\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\locale\zh-TW\locale.properties, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\default_add_logo.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\default_add_logo_hover.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\default_logo.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\google_trends.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\icon.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\icon128.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\icon16.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\icon48.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\iconsmall.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\loading.gif, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\logo.ico, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\logo.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\logo32.ico, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\search.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\style.css, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\27.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\0.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\1.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\10.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\11.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\12.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\13.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\14.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\15.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\16.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\17.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\18.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\19.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\2.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\20.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\21.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\22.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\23.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\24.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\25.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\26.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\28.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\29.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\3.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\30.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\31.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\32.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\33.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\34.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\35.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\36.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\37.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\38.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\39.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\4.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\40.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\41.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\42.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\43.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\44.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\45.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\46.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\47.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\5.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\6.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\7.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\8.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\chrome\skin\weather\9.png, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\defaults\preferences\fvd.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\modules\addonmanager.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\modules\aes.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\modules\config.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\modules\dialogs.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\modules\last_tab.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\modules\misc.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\modules\properties.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\modules\remoterequest.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\modules\restoreprefs.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\extensions\quick_start@gmail.com\modules\settings.js, In Quarantäne, [34cc5fa18e722bd5152e3922986ad22e], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\index.html, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\manifest.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\style.css, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\img\default_logo.png, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\img\icon128.png, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\img\icon16.png, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\img\icon48.png, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\img\loading.gif, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\img\search.png, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\img\weather\0.png, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\js\background.js, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\js\ga.js, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\js\jquery-base.js, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\js\jquery.autocomplete.js, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\js\js.js, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\js\xagainit.js, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\en\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\es\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\es_419\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\fr\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\fr-BE\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\fr-CA\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\fr-CH\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\fr-LU\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\it\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\it-CH\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\pl\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\pt_BR\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\ru\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\ru-MO\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\tr\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\vi\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\zh_CN\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.QuickStart.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.0_0\_locales\zh_TW\messages.json, In Quarantäne, [7d83f10fad53827e2b19aab137cbf907], PUP.Optional.WebsSearches.A, C:\Users\phil\AppData\Roaming\webssearches\92.json, In Quarantäne, [8e72d42c847c10f0aafb6bf051b14cb4], PUP.Optional.WebsSearches.A, C:\Users\phil\AppData\Roaming\webssearches\uninstallDlg.xml, In Quarantäne, [8e72d42c847c10f0aafb6bf051b14cb4], PUP.Optional.WebsSearches.A, C:\Users\phil\AppData\Roaming\webssearches\UninstallManager.exe, In Quarantäne, [8e72d42c847c10f0aafb6bf051b14cb4], PUP.Optional.WebsSearches.A, C:\Users\phil\AppData\Roaming\webssearches\images\bg1.png, In Quarantäne, [8e72d42c847c10f0aafb6bf051b14cb4], PUP.Optional.WebsSearches.A, C:\Users\phil\AppData\Roaming\webssearches\images\button1.png, In Quarantäne, [8e72d42c847c10f0aafb6bf051b14cb4], PUP.Optional.WebsSearches.A, C:\Users\phil\AppData\Roaming\webssearches\images\checked.png, In Quarantäne, [8e72d42c847c10f0aafb6bf051b14cb4], PUP.Optional.WebsSearches.A, C:\Users\phil\AppData\Roaming\webssearches\images\close.png, In Quarantäne, [8e72d42c847c10f0aafb6bf051b14cb4], PUP.Optional.WebsSearches.A, C:\Users\phil\AppData\Roaming\webssearches\images\min.png, In Quarantäne, [8e72d42c847c10f0aafb6bf051b14cb4], PUP.Optional.WebsSearches.A, C:\Users\phil\AppData\Roaming\webssearches\images\Thumbs.db, In Quarantäne, [8e72d42c847c10f0aafb6bf051b14cb4], PUP.Optional.WebsSearches.A, C:\Users\phil\AppData\Roaming\webssearches\images\unchecked.png, In Quarantäne, [8e72d42c847c10f0aafb6bf051b14cb4], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\background_Obfs.html, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\manifest.json, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\img\128.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\img\16.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\img\32.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\img\48.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\img\64.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\img\ajax-loader.gif, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\js\FMLoader_Obfs.js, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\js\mtrprt_Obfs.js, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_0\style\facemoods_chrome_1.0.1.css, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_1\background_Obfs.html, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_1\manifest.json, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_1\img\128.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_1\img\16.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_1\img\32.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_1\img\48.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_1\img\64.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_1\img\ajax-loader.gif, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_1\js\FMLoader_Obfs.js, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_1\js\mtrprt_Obfs.js, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_1\style\facemoods_chrome_1.0.1.css, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_2\background_Obfs.html, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_2\manifest.json, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_2\img\128.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_2\img\16.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_2\img\32.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_2\img\48.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_2\img\64.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_2\img\ajax-loader.gif, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_2\js\FMLoader_Obfs.js, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_2\js\mtrprt_Obfs.js, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.2.1_2\style\facemoods_chrome_1.0.1.css, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0\background.html, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0\dropdown.html, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0\manifest.json, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0\img\128.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0\img\16.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0\img\32.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0\img\48.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0\img\64.png, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0\img\ajax-loader.gif, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0\js\FMLoader.js, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0\js\mtrprt.js, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0\style\facemoods_chrome_1.0.1.css, In Quarantäne, [2ed236ca6c9435cbcc6080dce81ab54b], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\background.html, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\extension_info.json, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\extension_info.json.bak, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\flowsurf-drop.png, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\flowsurf.css, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\jquery-1.7.2.min.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\main.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\main.js.bak, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\manifest.json, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\readme.txt, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\icons\button.png, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\icons\icon100.png, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\icons\icon128.png, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\icons\icon16.png, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\icons\icon256.png, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\icons\icon32.png, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\icons\icon48.png, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\icons\icon64.png, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\includes\content_init.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\includes\content_kango.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\includes\invoke_async_module.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\includes\message_target_module.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\includes\userscript_client.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\backgroundscript_engine.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\browser.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\console.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\i18n.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\initialize.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\io.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\kango.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\lang.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\messaging.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\storage.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\userscript_engine.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\xhr.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango-ui\browser_button.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango-ui\kango_api.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango-ui\options.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango-ui\remote_popup_host.html, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.FlowSurf.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango-ui\ui.js, In Quarantäne, [b05024dc6898d927d1fff16b24de16ea], PUP.Optional.WebsSearches.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: ( "homepage": "hxxp://istart.webssearches.com/?type=hp&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0",), Ersetzt,[b749b34d837dd22e663f64dc020224dc] PUP.Optional.WebsSearches.A, C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: ( "startup_urls": [ "hxxp://istart.webssearches.com/?type=hp&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0" ],), Ersetzt,[ed13f808ee12dc248c4c310ff311ed13] PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.facemoods._xpiupdate", true) , Ersetzt,[b64aff01d22eba4608fbe45c43c1b34d]PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.facemoods.aflt", "_#ddrnw") , Ersetzt,[03fd88788d736f915aa955eb1be9ac54]PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.facemoods.dnsErr", true) , Ersetzt,[728e8c74c9377f81c93a2f11996b4db3]PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.facemoods.fcmdVrsn", "1.2.7.5.4") , Ersetzt,[d62ad828db25946cf310b7893bc9e917]PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.facemoods.firstRun", false) , Ersetzt,[e917ae52e51bca368281aa9614f039c7]PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.facemoods.first_time", false) , Ersetzt,[20e0ec140000c13f699ae35da3619c64]PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.facemoods.id", "_#323cfaf7ace74de6856cb5e9fb827477") , Ersetzt,[46babb45c739ec144fb4da66d92bdc24]PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.facemoods.instlDay", "_#15204") , Ersetzt,[ef1102feb34df808ef14a997a95bf30d]PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.facemoods.lastActv", "17") , Ersetzt,[e51b2ed2ee12c23ee81b55ebe0240bf5]PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.facemoods.newTab", true) , Ersetzt,[827ef60abe4210f041c2c27e1de736ca]PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.facemoods.prtnrId", "_#facemoods.com") , Ersetzt,[b44c31cf2bd527d924dfc08019eb2fd1]PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.facemoods.sid", "_#323cfaf7ace74de6856cb5e9fb827477") , Ersetzt,[5da3d52b000059a7a55e7fc103013dc3]PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.facemoods.update", "_#v1.4.0") , Ersetzt,[70902dd33ac6ca36e122053bf60e8b75]PUP.Optional.FaceMoods.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.facemoods.vrsn", "_#1.4.17.5") , Ersetzt,[39c7718f847ca55bd72c023e39cb08f8]PUP.Optional.WebsSearches.A, C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.startup.homepage", "hxxp://istart.webssearches.com/?type=hp&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0") , Ersetzt,[30d0718f27d98f71d1749da30ef6f60a]Physische Sektoren: 0 (No malicious items detected) (end) |
|
06.04.2014, 10:15
| #4 |
| | Hab Adware auf mein rechner und will die los werden hier die adwcleaner.txtAdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v3.023 - Bericht erstellt am 06/04/2014 um 09:51:45
# Aktualisiert 01/04/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : phil - PHIL-PC
# Gestartet von : C:\Users\phil\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Dr
Ordner Gelöscht : C:\Program Files (x86)\DAEMON Tools Toolbar
Ordner Gelöscht : C:\Program Files (x86)\ICQ6Toolbar
Ordner Gelöscht : C:\Windows\SysWOW64\AI_RecycleBin
Ordner Gelöscht : C:\Users\phil\AppData\Local\RegistryDr
Ordner Gelöscht : C:\Users\phil\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\phil\AppData\LocalLow\facemoods.com
Ordner Gelöscht : C:\Users\phil\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\phil\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\phil\Documents\RegistryDr
Ordner Gelöscht : C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\ICQToolbarData
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\searchplugins\daemon-search.xml
Datei Gelöscht : C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\searchplugins\icqplugin.xml
Datei Gelöscht : C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\searchplugins\icqplugin-1.xml
Datei Gelöscht : C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\searchplugins\icqplugin-2.xml
Datei Gelöscht : C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\searchplugins\icqplugin-3.xml
Datei Gelöscht : C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\searchplugins\icqplugin-4.xml
Datei Gelöscht : C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\user.js
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\phil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\phil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\phil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKLM\Software\ICQ\ICQToolbar
Schlüssel Gelöscht : HKLM\Software\supTab
Schlüssel Gelöscht : HKLM\Software\supWPM
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16428
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v28.0 (de)
[ Datei : C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\prefs.js ]
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://istart.webssearches.com/?type=hp&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0");
Zeile gelöscht : user_pref("extensions.facemoods._xpiupdate", true);
Zeile gelöscht : user_pref("extensions.facemoods.aflt", "_#ddrnw");
Zeile gelöscht : user_pref("extensions.facemoods.dnsErr", true);
Zeile gelöscht : user_pref("extensions.facemoods.fcmdVrsn", "1.2.7.5.4");
Zeile gelöscht : user_pref("extensions.facemoods.firstRun", false);
Zeile gelöscht : user_pref("extensions.facemoods.first_time", false);
Zeile gelöscht : user_pref("extensions.facemoods.id", "_#323cfaf7ace74de6856cb5e9fb827477");
Zeile gelöscht : user_pref("extensions.facemoods.instlDay", "_#15204");
Zeile gelöscht : user_pref("extensions.facemoods.lastActv", "17");
Zeile gelöscht : user_pref("extensions.facemoods.newTab", true);
Zeile gelöscht : user_pref("extensions.facemoods.prtnrId", "_#facemoods.com");
Zeile gelöscht : user_pref("extensions.facemoods.sid", "_#323cfaf7ace74de6856cb5e9fb827477");
Zeile gelöscht : user_pref("extensions.facemoods.update", "_#v1.4.0");
Zeile gelöscht : user_pref("extensions.facemoods.vrsn", "_#1.4.17.5");
Zeile gelöscht : user_pref("icqtoolbar.allowSendURL", false);
Zeile gelöscht : user_pref("icqtoolbar.defSearchChange", true);
Zeile gelöscht : user_pref("icqtoolbar.engineVerified", true);
Zeile gelöscht : user_pref("icqtoolbar.firstTbRun", false);
Zeile gelöscht : user_pref("icqtoolbar.geolastmodified", 1392660138);
Zeile gelöscht : user_pref("icqtoolbar.history", "iphone%204s%2064gb||hd%203650%20treiber||skinny%20puppy||pulp%20fiction||wieselsnyder%20crazy%20drauf||wiesel%20Soundcloud||steam%20machine||xbox%20one||nintendo%203ds[...]
Zeile gelöscht : user_pref("icqtoolbar.hpChange", true);
Zeile gelöscht : user_pref("icqtoolbar.icqgeo", 49);
Zeile gelöscht : user_pref("icqtoolbar.installTime", "1384010897");
Zeile gelöscht : user_pref("icqtoolbar.installsource", "1");
Zeile gelöscht : user_pref("icqtoolbar.newtab_state", "1");
Zeile gelöscht : user_pref("icqtoolbar.numberOfSearches", 0);
Zeile gelöscht : user_pref("icqtoolbar.previousFFVersion", "6.0.2");
Zeile gelöscht : user_pref("icqtoolbar.skip_default_search", "no");
Zeile gelöscht : user_pref("icqtoolbar.suggestions", false);
Zeile gelöscht : user_pref("icqtoolbar.uniqueID", "130881854313088187841308864758376");
Zeile gelöscht : user_pref("icqtoolbar.usageStatstTimestamp", 1393059327);
Zeile gelöscht : user_pref("icqtoolbar.userEngineApproved", true);
Zeile gelöscht : user_pref("icqtoolbar.userHpApproved", true);
Zeile gelöscht : user_pref("icqtoolbar.version", "1.5.3");
Zeile gelöscht : user_pref("icqtoolbar.voucherHideClicks", 0);
Zeile gelöscht : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Zeile gelöscht : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Zeile gelöscht : user_pref("icqtoolbar.voucherWasShown", 0);
Zeile gelöscht : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
Zeile gelöscht : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Zeile gelöscht : user_pref("icqtoolbar.xmlLanguage", "de");
Zeile gelöscht : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q=");
-\\ Google Chrome v33.0.1750.154
[ Datei : C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht : search_url
*************************
AdwCleaner[R0].txt - [11714 octets] - [06/04/2014 09:49:35]
AdwCleaner[S0].txt - [10168 octets] - [06/04/2014 09:51:45]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10229 octets] ##########
hier die adwcleaner.txtAdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v3.023 - Bericht erstellt am 06/04/2014 um 09:51:45
# Aktualisiert 01/04/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : phil - PHIL-PC
# Gestartet von : C:\Users\phil\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Dr
Ordner Gelöscht : C:\Program Files (x86)\DAEMON Tools Toolbar
Ordner Gelöscht : C:\Program Files (x86)\ICQ6Toolbar
Ordner Gelöscht : C:\Windows\SysWOW64\AI_RecycleBin
Ordner Gelöscht : C:\Users\phil\AppData\Local\RegistryDr
Ordner Gelöscht : C:\Users\phil\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\phil\AppData\LocalLow\facemoods.com
Ordner Gelöscht : C:\Users\phil\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\phil\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\phil\Documents\RegistryDr
Ordner Gelöscht : C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\ICQToolbarData
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\searchplugins\daemon-search.xml
Datei Gelöscht : C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\searchplugins\icqplugin.xml
Datei Gelöscht : C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\searchplugins\icqplugin-1.xml
Datei Gelöscht : C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\searchplugins\icqplugin-2.xml
Datei Gelöscht : C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\searchplugins\icqplugin-3.xml
Datei Gelöscht : C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\searchplugins\icqplugin-4.xml
Datei Gelöscht : C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\user.js
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\phil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\phil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\phil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKLM\Software\ICQ\ICQToolbar
Schlüssel Gelöscht : HKLM\Software\supTab
Schlüssel Gelöscht : HKLM\Software\supWPM
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16428
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v28.0 (de)
[ Datei : C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\prefs.js ]
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://istart.webssearches.com/?type=hp&ts=1396563960&from=amt&uid=ST9320421AS_5TJ08SS0XXXX5TJ08SS0");
Zeile gelöscht : user_pref("extensions.facemoods._xpiupdate", true);
Zeile gelöscht : user_pref("extensions.facemoods.aflt", "_#ddrnw");
Zeile gelöscht : user_pref("extensions.facemoods.dnsErr", true);
Zeile gelöscht : user_pref("extensions.facemoods.fcmdVrsn", "1.2.7.5.4");
Zeile gelöscht : user_pref("extensions.facemoods.firstRun", false);
Zeile gelöscht : user_pref("extensions.facemoods.first_time", false);
Zeile gelöscht : user_pref("extensions.facemoods.id", "_#323cfaf7ace74de6856cb5e9fb827477");
Zeile gelöscht : user_pref("extensions.facemoods.instlDay", "_#15204");
Zeile gelöscht : user_pref("extensions.facemoods.lastActv", "17");
Zeile gelöscht : user_pref("extensions.facemoods.newTab", true);
Zeile gelöscht : user_pref("extensions.facemoods.prtnrId", "_#facemoods.com");
Zeile gelöscht : user_pref("extensions.facemoods.sid", "_#323cfaf7ace74de6856cb5e9fb827477");
Zeile gelöscht : user_pref("extensions.facemoods.update", "_#v1.4.0");
Zeile gelöscht : user_pref("extensions.facemoods.vrsn", "_#1.4.17.5");
Zeile gelöscht : user_pref("icqtoolbar.allowSendURL", false);
Zeile gelöscht : user_pref("icqtoolbar.defSearchChange", true);
Zeile gelöscht : user_pref("icqtoolbar.engineVerified", true);
Zeile gelöscht : user_pref("icqtoolbar.firstTbRun", false);
Zeile gelöscht : user_pref("icqtoolbar.geolastmodified", 1392660138);
Zeile gelöscht : user_pref("icqtoolbar.history", "iphone%204s%2064gb||hd%203650%20treiber||skinny%20puppy||pulp%20fiction||wieselsnyder%20crazy%20drauf||wiesel%20Soundcloud||steam%20machine||xbox%20one||nintendo%203ds[...]
Zeile gelöscht : user_pref("icqtoolbar.hpChange", true);
Zeile gelöscht : user_pref("icqtoolbar.icqgeo", 49);
Zeile gelöscht : user_pref("icqtoolbar.installTime", "1384010897");
Zeile gelöscht : user_pref("icqtoolbar.installsource", "1");
Zeile gelöscht : user_pref("icqtoolbar.newtab_state", "1");
Zeile gelöscht : user_pref("icqtoolbar.numberOfSearches", 0);
Zeile gelöscht : user_pref("icqtoolbar.previousFFVersion", "6.0.2");
Zeile gelöscht : user_pref("icqtoolbar.skip_default_search", "no");
Zeile gelöscht : user_pref("icqtoolbar.suggestions", false);
Zeile gelöscht : user_pref("icqtoolbar.uniqueID", "130881854313088187841308864758376");
Zeile gelöscht : user_pref("icqtoolbar.usageStatstTimestamp", 1393059327);
Zeile gelöscht : user_pref("icqtoolbar.userEngineApproved", true);
Zeile gelöscht : user_pref("icqtoolbar.userHpApproved", true);
Zeile gelöscht : user_pref("icqtoolbar.version", "1.5.3");
Zeile gelöscht : user_pref("icqtoolbar.voucherHideClicks", 0);
Zeile gelöscht : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Zeile gelöscht : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Zeile gelöscht : user_pref("icqtoolbar.voucherWasShown", 0);
Zeile gelöscht : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
Zeile gelöscht : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Zeile gelöscht : user_pref("icqtoolbar.xmlLanguage", "de");
Zeile gelöscht : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q=");
-\\ Google Chrome v33.0.1750.154
[ Datei : C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht : search_url
*************************
AdwCleaner[R0].txt - [11714 octets] - [06/04/2014 09:49:35]
AdwCleaner[S0].txt - [10168 octets] - [06/04/2014 09:51:45]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10229 octets] ##########
hier die jrt log:JRT Logfile: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by phil on 06.04.2014 at 9:58:20,96
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\phil\AppData\Roaming\mozilla\firefox\profiles\cfpkpv0d.default\minidumps [2 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06.04.2014 at 10:45:11,29
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
hier noch die frst die ich jetz nochmal gemacht hab: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by phil (administrator) on PHIL-PC on 06-04-2014 11:14:16
Running from C:\Users\phil\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(AMD) C:\Windows\system32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(ATK0100) C:\Program Files (x86)\ATK Hotkey\Hcontrol.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
() C:\Program Files\Wireless Console 2\wcourier.exe
() C:\Program Files (x86)\ATK Hotkey\MsgTranAgt.exe
() C:\Program Files (x86)\ATK Hotkey\MsgTranAgt64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\vVX1000.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\ATK Hotkey\Atouch64.exe
() C:\Program Files (x86)\ATK Hotkey\ATKOSD.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Akamai Technologies, Inc.) C:\Users\phil\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\phil\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files (x86)\ATK Hotkey\KBFiltr.exe
() C:\Program Files (x86)\ATK Hotkey\WDC.exe
(ASUSTek Computer) C:\Program Files (x86)\ASUS\NB Probe\NBProbe.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
() C:\Program Files (x86)\ATK Hotkey\HControlUser.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\ASUS\NB Probe\SPM\spmgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [VX1000] - C:\Windows\vVX1000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2918656 2011-01-12] (ESET)
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [178712 2008-04-15] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1216808 2007-12-06] (Synaptics, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2011-04-08] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LifeCam] - C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704 2011-03-21] ()
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ATK Hotkey\HcontrolUser.exe [98304 2008-01-11] ()
HKLM-x32\...\Run: [ADSMTray] - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe [266240 2008-04-01] (ASUSTek Computer Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-402873747-22297607-3666971032-1001\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-402873747-22297607-3666971032-1001\...\Run: [Skype] - "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
HKU\S-1-5-21-402873747-22297607-3666971032-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd)
HKU\S-1-5-21-402873747-22297607-3666971032-1001\...\Run: [EA Core] - "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-402873747-22297607-3666971032-1001\...\Run: [ICQ] - C:\Program Files (x86)\ICQ7.5\ICQ.exe [124480 2011-08-01] (ICQ, LLC.)
HKU\S-1-5-21-402873747-22297607-3666971032-1001\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-402873747-22297607-3666971032-1001\...\Run: [Akamai NetSession Interface] - C:\Users\phil\AppData\Local\Akamai\netsession_win.exe [4672920 2014-03-06] (Akamai Technologies, Inc.)
HKU\S-1-5-21-402873747-22297607-3666971032-1001\...\Run: [NB Probe] - C:\Program Files (x86)\ASUS\NB Probe\NBProbe.exe [813624 2008-06-20] (ASUSTek Computer)
HKU\S-1-5-21-402873747-22297607-3666971032-1001\...\MountPoints2: {36ae5683-a544-11e3-b04f-0023547c5476} - E:\setup.exe
HKU\S-1-5-21-402873747-22297607-3666971032-1001\...\MountPoints2: {65a236b9-aeb2-11e0-a472-001d72f2eb3e} - F:\setup.exe
Lsa: [Notification Packages] scecli C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT
Startup: C:\Users\phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (No File)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Google
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default
FF NewTab: chrome://quick_start/content/index.html
FF NetworkProxy: "http", "180.243.92.86"
FF NetworkProxy: "http_port", 8080
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus Pop-up Addon - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\Extensions\adblockpopups@jessehakanen.net.xpi [2011-07-13]
FF Extension: Adblock Plus - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-01]
FF Extension: Greasemonkey - C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Profiles\cfpkpv0d.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-04-01]
FF Extension: Skype extension - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-07-14]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011-07-29]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-07-23]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011-07-29]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR DefaultSearchKeyword: webssearches
CHR DefaultSearchProvider: webssearches
CHR DefaultSearchURL: Google
CHR Plugin: (Shockwave Flash) - F:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - F:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (Wajam) - F:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll No File
CHR Plugin: (Adobe Acrobat) - F:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.170.4) - F:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll No File
CHR Plugin: (2007 Microsoft Office system) - F:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - F:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - F:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - F:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - F:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - F:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - F:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - F:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Winamp Application Detector) - F:\Program Files\Mozilla Firefox\plugins\npwachk.dll No File
CHR Plugin: (Microsoft® DRM) - F:\Program Files\Windows Media Player\npdrmv2.dll No File
CHR Plugin: (Microsoft® DRM) - F:\Program Files\Windows Media Player\npwmsdrm.dll No File
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - F:\Program Files\Windows Media Player\npdsplay.dll No File
CHR Plugin: (Google Update) - F:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Google Earth Plugin) - F:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Panda ActiveScan 2.0) - F:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll No File
CHR Plugin: (iTunes Application Detector) - F:\Program Files\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Plugin: (Ma-Config.com plugin) - F:\Program Files\ma-config.com\nphardwaredetection.dll No File
CHR Plugin: (Silverlight Plug-In) - f:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (Skype Extension) - C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2011-07-23]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-07-23]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-07-23]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-05-23]
CHR StartMenuInternet: Google Chrome - Chrome.exe
==================== Services (Whitelisted) =================
R2 ADSMService; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.)
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] ()
S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [42360 2011-01-12] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [810144 2011-01-12] (ESET)
R2 spmgr; C:\Program Files (x86)\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()
S2 o2flash; "C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe" [X]
==================== Drivers (Whitelisted) ====================
R0 AsDsm; C:\Windows\System32\Drivers\AsDsm.sys [34872 2007-08-10] (Windows (R) Codename Longhorn DDK provider)
R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-07-15] (DT Soft Ltd)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [170640 2010-12-21] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [141264 2010-12-21] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [125296 2010-12-21] (ESET)
R2 ghaio; C:\Program Files (x86)\ASUS\NB Probe\SPM\ghaio.sys [17464 2007-08-03] ()
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [13168 2007-02-08] ( )
R3 MTsensor; C:\Windows\System32\DRIVERS\ATK64AMD.sys [13680 2007-08-09] ()
S3 O2MDRDR; C:\Windows\System32\DRIVERS\o2mdx64.sys [62424 2008-05-13] (O2Micro )
R3 smserial; C:\Windows\System32\DRIVERS\SmSerl64.sys [1227776 2009-06-10] (Motorola Inc.)
S3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
S3 ATICDSDr; \??\C:\Users\phil\AppData\Local\Temp\ATICDSDr.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-06 10:45 - 2014-04-06 10:45 - 00000750 _____ () C:\Users\phil\Desktop\JRT.txt
2014-04-06 10:29 - 2014-04-06 10:29 - 00097900 _____ () C:\Users\phil\Desktop\mbam.txt
2014-04-06 09:58 - 2014-04-06 09:58 - 00000000 ____D () C:\Windows\ERUNT
2014-04-06 09:57 - 2014-04-06 09:57 - 01016261 _____ (Thisisu) C:\Users\phil\Desktop\JRT.exe
2014-04-06 09:49 - 2014-04-06 09:51 - 00000000 ____D () C:\AdwCleaner
2014-04-06 09:47 - 2014-04-06 09:47 - 01426178 _____ () C:\Users\phil\Desktop\adwcleaner.exe
2014-04-06 09:19 - 2014-04-06 10:27 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-06 09:18 - 2014-04-06 09:20 - 00001098 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-06 09:18 - 2014-04-06 09:20 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-04-06 09:18 - 2014-04-06 09:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-06 09:18 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-06 09:18 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-06 09:18 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-06 09:17 - 2014-04-06 09:18 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\phil\Downloads\mbam-setup-2.0.0.1000.exe
2014-04-06 08:52 - 2014-04-06 08:52 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\phil\Downloads\revosetup95.exe
2014-04-06 08:52 - 2014-04-06 08:52 - 00001260 _____ () C:\Users\phil\Desktop\Revo Uninstaller.lnk
2014-04-06 08:52 - 2014-04-06 08:52 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-06 08:41 - 2014-04-06 08:42 - 00032646 _____ () C:\Users\phil\Desktop\Addition.txt
2014-04-06 08:40 - 2014-04-06 11:14 - 00016733 _____ () C:\Users\phil\Desktop\FRST.txt
2014-04-06 08:39 - 2014-04-06 11:14 - 00000000 ____D () C:\FRST
2014-04-06 08:38 - 2014-04-06 08:38 - 02157056 _____ (Farbar) C:\Users\phil\Desktop\FRST64.exe
2014-04-04 14:06 - 2014-04-04 14:06 - 00000367 _____ () C:\Users\phil\Downloads\Shadow Company - Left For Dead.exe
2014-04-04 02:26 - 2014-04-04 02:28 - 00000000 ____D () C:\bands
2014-04-04 00:34 - 2014-04-04 00:34 - 00003446 _____ () C:\Windows\System32\Tasks\RegistryDr_Popup
2014-04-04 00:34 - 2014-04-04 00:34 - 00003182 _____ () C:\Windows\System32\Tasks\RegistryDr_Start
2014-04-04 00:32 - 2014-04-04 00:32 - 00000000 ____D () C:\Users\phil\AppData\Local\EuroTrade_A.L._Ltd
2014-04-04 00:28 - 2014-04-04 00:30 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-04 00:28 - 2014-04-04 00:28 - 00001125 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-04-04 00:28 - 2014-04-04 00:28 - 00000000 ____D () C:\Users\phil\AppData\Roaming\Opera Software
2014-04-04 00:28 - 2014-04-04 00:28 - 00000000 ____D () C:\Users\phil\AppData\Local\Opera Software
2014-04-04 00:28 - 2014-04-04 00:23 - 00036041 _____ () C:\download_repair.php
2014-04-04 00:27 - 2014-04-04 00:27 - 00000000 ____D () C:\Users\phil\Documents\PrivacyDR
2014-04-04 00:25 - 2014-04-06 08:49 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-04-04 00:24 - 2014-04-04 00:24 - 00003160 _____ () C:\Windows\System32\Tasks\fsupdate
2014-04-04 00:20 - 2014-04-04 00:20 - 00000000 ____D () C:\Users\phil\AppData\Local\ESET
2014-04-03 19:51 - 2014-04-03 19:51 - 00000000 ____D () C:\ProgramData\Steam
2014-04-03 19:46 - 2014-04-03 19:46 - 00000647 _____ () C:\Users\Public\Desktop\NASCAR '14.lnk
2014-03-31 14:33 - 2014-03-31 14:34 - 27002009 _____ () C:\Users\phil\Downloads\YouPorn%20-%20Hot%20Squirting%20Dildo%20Sticky%20Cumshot.mp4
2014-03-29 00:54 - 2014-03-29 00:54 - 00000000 ____D () C:\Users\phil\Documents\ASUS
2014-03-29 00:54 - 2014-03-29 00:54 - 00000000 ____D () C:\Users\phil\AppData\Local\ASUS
2014-03-29 00:43 - 2014-03-29 00:54 - 00000000 ____D () C:\ProgramData\ASUS
2014-03-29 00:42 - 2014-03-29 00:42 - 00003258 _____ () C:\Windows\System32\Tasks\{4D531D85-B61A-4AA4-8C8F-ADC77E30A206}
2014-03-29 00:42 - 2014-03-29 00:42 - 00001088 _____ () C:\Users\Public\Desktop\LifeFrame.lnk
2014-03-29 00:41 - 2007-02-08 19:05 - 00013168 _____ ( ) C:\Windows\system32\Drivers\kbfiltr.sys
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 ____D () C:\Program Files (x86)\ATK Hotkey
2014-03-29 00:37 - 2014-03-29 00:37 - 00000000 ____D () C:\Program Files\ATKGFNEX
2014-03-29 00:35 - 2014-03-29 00:35 - 00000815 _____ () C:\Users\Public\Desktop\ASUS Data Security Manager.lnk
2014-03-29 00:35 - 2014-03-29 00:35 - 00000000 ____D () C:\Program Files\ASUS
2014-03-29 00:35 - 2007-08-10 21:19 - 00034872 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Drivers\AsDsm.sys
2014-03-29 00:33 - 2014-03-29 00:33 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-03-29 00:33 - 2008-05-02 14:59 - 00166912 _____ (Realtek Corporation ) C:\Windows\system32\Drivers\Rtlh64.sys
2014-03-29 00:32 - 2014-03-29 00:32 - 00003154 _____ () C:\Windows\System32\Tasks\{3C2F17C0-7CD4-4F3C-97D7-755CEBFC232A}
2014-03-29 00:29 - 2014-03-29 00:29 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01000.Wdf
2014-03-29 00:29 - 2014-03-29 00:29 - 00000000 ____D () C:\Program Files\Synaptics
2014-03-29 00:28 - 2007-12-06 19:12 - 00320048 _____ (Synaptics, Inc.) C:\Windows\system32\Drivers\SynTP.sys
2014-03-29 00:28 - 2007-12-06 19:12 - 00138240 _____ (Synaptics, Inc.) C:\Windows\system32\SynTPCo4.dll
2014-03-29 00:28 - 2007-12-06 18:20 - 00196096 _____ (Synaptics, Inc.) C:\Windows\system32\SynTPAPI.dll
2014-03-29 00:28 - 2007-12-06 18:20 - 00102400 _____ (Synaptics, Inc.) C:\Windows\SysWOW64\SynTPCOM.dll
2014-03-29 00:28 - 2007-12-06 18:09 - 00253440 _____ (Synaptics, Inc.) C:\Windows\system32\SynCtrl.dll
2014-03-29 00:28 - 2007-12-06 18:09 - 00196608 _____ (Synaptics, Inc.) C:\Windows\SysWOW64\SynCtrl.dll
2014-03-29 00:28 - 2007-12-06 18:08 - 00402432 _____ (Synaptics, Inc.) C:\Windows\system32\SynCOM.dll
2014-03-29 00:28 - 2007-12-06 18:08 - 00163840 _____ (Synaptics, Inc.) C:\Windows\SysWOW64\SynCOM.dll
2014-03-29 00:28 - 2006-03-09 10:58 - 01491528 _____ () C:\Windows\system32\WdfCoInstaller01000.dll
2014-03-29 00:23 - 2014-03-29 00:23 - 00000000 ____D () C:\Program Files\Wireless Console 2
2014-03-29 00:23 - 2014-03-29 00:23 - 00000000 ____D () C:\Program Files (x86)\Wireless Console 2
2014-03-29 00:16 - 2014-03-29 00:16 - 00000000 ____D () C:\Users\phil\AppData\Roaming\Intel
2014-03-29 00:15 - 2014-03-29 00:15 - 00000000 ____D () C:\ProgramData\Intel
2014-03-29 00:15 - 2014-03-29 00:15 - 00000000 ____D () C:\Program Files\Intel
2014-03-29 00:15 - 2014-03-29 00:15 - 00000000 ____D () C:\Program Files\Common Files\Intel
2014-03-29 00:15 - 2014-03-29 00:15 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-03-29 00:07 - 2008-09-12 14:48 - 00406040 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys
2014-03-29 00:04 - 2014-03-29 00:04 - 00003086 _____ () C:\Windows\System32\Tasks\{569562BD-93C0-4BD8-B533-E7AD31D1C526}
2014-03-29 00:04 - 2014-03-29 00:04 - 00000000 ____D () C:\Windows\SysWOW64\x64
2014-03-29 00:04 - 2014-03-29 00:04 - 00000000 ____D () C:\Windows\SysWOW64\Lang
2014-03-29 00:04 - 2014-03-29 00:04 - 00000000 ____D () C:\Windows\SysWOW64\DEU
2014-03-29 00:04 - 2008-05-02 18:53 - 01034776 _____ (Intel Corporation) C:\Windows\SysWOW64\imsmudlg.exe
2014-03-29 00:03 - 2014-03-29 00:04 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-03-29 00:03 - 2014-03-29 00:03 - 00000000 ____D () C:\Intel
2014-03-28 23:57 - 2014-03-28 23:57 - 00000000 ____D () C:\Asus treiber
2014-03-28 23:56 - 2014-04-03 12:52 - 00000000 ____D () C:\Users\phil\AppData\Local\Akamai
2014-03-28 23:56 - 2014-03-28 23:56 - 10028912 _____ (Akamai Technologies, Inc.) C:\Users\phil\Downloads\AsusInstaller.exe
2014-03-28 23:52 - 2014-03-28 23:52 - 00001039 _____ () C:\Users\phil\Desktop\StarCraft II.lnk
2014-03-28 23:18 - 2014-03-28 23:19 - 00275256 _____ () C:\Windows\Minidump\032814-45458-01.dmp
2014-03-28 23:16 - 2014-03-28 23:26 - 01648546 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-28 23:13 - 2014-03-28 23:13 - 00000000 ____D () C:\f7d25ada52fda653c1aeb0499a2a69ae
2014-03-28 23:12 - 2014-03-28 23:13 - 50449456 _____ (Microsoft Corporation) C:\Users\phil\Downloads\dotNetFx40_Full_x86_x64.exe
2014-03-28 23:03 - 2014-03-28 23:03 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-03-28 22:35 - 2014-03-28 22:35 - 00275184 _____ () C:\Windows\Minidump\032814-39608-01.dmp
2014-03-28 19:15 - 2014-03-28 19:24 - 306244456 _____ (AMD Inc.) C:\Users\phil\Downloads\AMD_Catalyst_14.3_Beta_V1.0_Windows_B22_March12.exe
2014-03-26 21:32 - 2014-03-26 21:32 - 00000222 _____ () C:\Users\phil\Desktop\HAWKEN.url
2014-03-26 20:09 - 2014-03-26 20:09 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-26 20:09 - 2014-03-26 20:09 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-03-26 17:06 - 2014-03-26 17:07 - 41177600 _____ () C:\Users\phil\Downloads\PhysX-9.13.1220-SystemSoftware.msi
==================== One Month Modified Files and Folders =======
2014-04-06 11:14 - 2014-04-06 08:40 - 00016733 _____ () C:\Users\phil\Desktop\FRST.txt
2014-04-06 11:14 - 2014-04-06 08:39 - 00000000 ____D () C:\FRST
2014-04-06 10:50 - 2011-07-14 10:04 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-06 10:45 - 2014-04-06 10:45 - 00000750 _____ () C:\Users\phil\Desktop\JRT.txt
2014-04-06 10:29 - 2014-04-06 10:29 - 00097900 _____ () C:\Users\phil\Desktop\mbam.txt
2014-04-06 10:27 - 2014-04-06 09:19 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-06 10:26 - 2011-06-22 08:40 - 01132199 _____ () C:\Windows\WindowsUpdate.log
2014-04-06 10:00 - 2009-07-14 19:58 - 00726502 _____ () C:\Windows\system32\perfh007.dat
2014-04-06 10:00 - 2009-07-14 19:58 - 00157654 _____ () C:\Windows\system32\perfc007.dat
2014-04-06 10:00 - 2009-07-14 07:13 - 01670652 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-06 09:59 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-06 09:59 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-06 09:58 - 2014-04-06 09:58 - 00000000 ____D () C:\Windows\ERUNT
2014-04-06 09:57 - 2014-04-06 09:57 - 01016261 _____ (Thisisu) C:\Users\phil\Desktop\JRT.exe
2014-04-06 09:54 - 2011-06-22 17:16 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-06 09:53 - 2011-07-14 10:04 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-06 09:53 - 2011-06-22 16:56 - 00160194 _____ () C:\Windows\PFRO.log
2014-04-06 09:53 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-06 09:53 - 2009-07-14 06:51 - 00051761 _____ () C:\Windows\setupact.log
2014-04-06 09:51 - 2014-04-06 09:49 - 00000000 ____D () C:\AdwCleaner
2014-04-06 09:51 - 2011-06-22 08:50 - 00000993 _____ () C:\Users\phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-06 09:47 - 2014-04-06 09:47 - 01426178 _____ () C:\Users\phil\Desktop\adwcleaner.exe
2014-04-06 09:20 - 2014-04-06 09:18 - 00001098 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-06 09:20 - 2014-04-06 09:18 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-04-06 09:18 - 2014-04-06 09:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-06 09:18 - 2014-04-06 09:17 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\phil\Downloads\mbam-setup-2.0.0.1000.exe
2014-04-06 08:58 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-06 08:52 - 2014-04-06 08:52 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\phil\Downloads\revosetup95.exe
2014-04-06 08:52 - 2014-04-06 08:52 - 00001260 _____ () C:\Users\phil\Desktop\Revo Uninstaller.lnk
2014-04-06 08:52 - 2014-04-06 08:52 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-06 08:49 - 2014-04-04 00:25 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-04-06 08:42 - 2014-04-06 08:41 - 00032646 _____ () C:\Users\phil\Desktop\Addition.txt
2014-04-06 08:38 - 2014-04-06 08:38 - 02157056 _____ (Farbar) C:\Users\phil\Desktop\FRST64.exe
2014-04-04 17:34 - 2011-10-16 20:07 - 00000000 _RSHD () C:\nvda
2014-04-04 14:06 - 2014-04-04 14:06 - 00000367 _____ () C:\Users\phil\Downloads\Shadow Company - Left For Dead.exe
2014-04-04 12:40 - 2011-07-15 18:10 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-04-04 12:39 - 2014-02-22 15:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-04 02:28 - 2014-04-04 02:26 - 00000000 ____D () C:\bands
2014-04-04 00:34 - 2014-04-04 00:34 - 00003446 _____ () C:\Windows\System32\Tasks\RegistryDr_Popup
2014-04-04 00:34 - 2014-04-04 00:34 - 00003182 _____ () C:\Windows\System32\Tasks\RegistryDr_Start
2014-04-04 00:32 - 2014-04-04 00:32 - 00000000 ____D () C:\Users\phil\AppData\Local\EuroTrade_A.L._Ltd
2014-04-04 00:30 - 2014-04-04 00:28 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-04 00:28 - 2014-04-04 00:28 - 00001125 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-04-04 00:28 - 2014-04-04 00:28 - 00000000 ____D () C:\Users\phil\AppData\Roaming\Opera Software
2014-04-04 00:28 - 2014-04-04 00:28 - 00000000 ____D () C:\Users\phil\AppData\Local\Opera Software
2014-04-04 00:27 - 2014-04-04 00:27 - 00000000 ____D () C:\Users\phil\Documents\PrivacyDR
2014-04-04 00:25 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-04-04 00:24 - 2014-04-04 00:24 - 00003160 _____ () C:\Windows\System32\Tasks\fsupdate
2014-04-04 00:23 - 2014-04-04 00:28 - 00036041 _____ () C:\download_repair.php
2014-04-04 00:20 - 2014-04-04 00:20 - 00000000 ____D () C:\Users\phil\AppData\Local\ESET
2014-04-03 23:55 - 2013-11-09 18:03 - 00000000 ____D () C:\Users\phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-04-03 19:51 - 2014-04-03 19:51 - 00000000 ____D () C:\ProgramData\Steam
2014-04-03 19:46 - 2014-04-03 19:46 - 00000647 _____ () C:\Users\Public\Desktop\NASCAR '14.lnk
2014-04-03 19:34 - 2011-10-10 17:17 - 00000000 ____D () C:\Spiele
2014-04-03 19:26 - 2013-11-26 20:15 - 00000000 ____D () C:\Games
2014-04-03 12:52 - 2014-03-28 23:56 - 00000000 ____D () C:\Users\phil\AppData\Local\Akamai
2014-04-03 09:51 - 2014-04-06 09:18 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-06 09:18 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-06 09:18 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-01 13:33 - 2011-06-22 09:39 - 00000000 ____D () C:\Users\phil\AppData\Local\Mozilla
2014-04-01 13:33 - 2011-06-22 09:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-31 14:34 - 2014-03-31 14:33 - 27002009 _____ () C:\Users\phil\Downloads\YouPorn%20-%20Hot%20Squirting%20Dildo%20Sticky%20Cumshot.mp4
2014-03-30 02:38 - 2011-07-14 22:11 - 00000000 ____D () C:\Users\phil\AppData\Roaming\Skype
2014-03-30 02:36 - 2011-07-29 09:01 - 00000000 ____D () C:\ProgramData\Origin
2014-03-30 02:28 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-29 00:54 - 2014-03-29 00:54 - 00000000 ____D () C:\Users\phil\Documents\ASUS
2014-03-29 00:54 - 2014-03-29 00:54 - 00000000 ____D () C:\Users\phil\AppData\Local\ASUS
2014-03-29 00:54 - 2014-03-29 00:43 - 00000000 ____D () C:\ProgramData\ASUS
2014-03-29 00:50 - 2011-06-22 08:49 - 00000000 ____D () C:\Users\phil
2014-03-29 00:43 - 2013-11-09 17:52 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-03-29 00:43 - 2011-06-22 21:38 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-29 00:42 - 2014-03-29 00:42 - 00003258 _____ () C:\Windows\System32\Tasks\{4D531D85-B61A-4AA4-8C8F-ADC77E30A206}
2014-03-29 00:42 - 2014-03-29 00:42 - 00001088 _____ () C:\Users\Public\Desktop\LifeFrame.lnk
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 ____D () C:\Program Files (x86)\ATK Hotkey
2014-03-29 00:37 - 2014-03-29 00:37 - 00000000 ____D () C:\Program Files\ATKGFNEX
2014-03-29 00:35 - 2014-03-29 00:35 - 00000815 _____ () C:\Users\Public\Desktop\ASUS Data Security Manager.lnk
2014-03-29 00:35 - 2014-03-29 00:35 - 00000000 ____D () C:\Program Files\ASUS
2014-03-29 00:33 - 2014-03-29 00:33 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-03-29 00:32 - 2014-03-29 00:32 - 00003154 _____ () C:\Windows\System32\Tasks\{3C2F17C0-7CD4-4F3C-97D7-755CEBFC232A}
2014-03-29 00:30 - 2011-06-22 10:28 - 00058364 _____ () C:\Windows\DPINST.LOG
2014-03-29 00:29 - 2014-03-29 00:29 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01000.Wdf
2014-03-29 00:29 - 2014-03-29 00:29 - 00000000 ____D () C:\Program Files\Synaptics
2014-03-29 00:23 - 2014-03-29 00:23 - 00000000 ____D () C:\Program Files\Wireless Console 2
2014-03-29 00:23 - 2014-03-29 00:23 - 00000000 ____D () C:\Program Files (x86)\Wireless Console 2
2014-03-29 00:16 - 2014-03-29 00:16 - 00000000 ____D () C:\Users\phil\AppData\Roaming\Intel
2014-03-29 00:16 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-03-29 00:15 - 2014-03-29 00:15 - 00000000 ____D () C:\ProgramData\Intel
2014-03-29 00:15 - 2014-03-29 00:15 - 00000000 ____D () C:\Program Files\Intel
2014-03-29 00:15 - 2014-03-29 00:15 - 00000000 ____D () C:\Program Files\Common Files\Intel
2014-03-29 00:15 - 2014-03-29 00:15 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-03-29 00:04 - 2014-03-29 00:04 - 00003086 _____ () C:\Windows\System32\Tasks\{569562BD-93C0-4BD8-B533-E7AD31D1C526}
2014-03-29 00:04 - 2014-03-29 00:04 - 00000000 ____D () C:\Windows\SysWOW64\x64
2014-03-29 00:04 - 2014-03-29 00:04 - 00000000 ____D () C:\Windows\SysWOW64\Lang
2014-03-29 00:04 - 2014-03-29 00:04 - 00000000 ____D () C:\Windows\SysWOW64\DEU
2014-03-29 00:04 - 2014-03-29 00:03 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-03-29 00:03 - 2014-03-29 00:03 - 00000000 ____D () C:\Intel
2014-03-28 23:57 - 2014-03-28 23:57 - 00000000 ____D () C:\Asus treiber
2014-03-28 23:56 - 2014-03-28 23:56 - 10028912 _____ (Akamai Technologies, Inc.) C:\Users\phil\Downloads\AsusInstaller.exe
2014-03-28 23:52 - 2014-03-28 23:52 - 00001039 _____ () C:\Users\phil\Desktop\StarCraft II.lnk
2014-03-28 23:26 - 2014-03-28 23:16 - 01648546 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-28 23:19 - 2014-03-28 23:18 - 00275256 _____ () C:\Windows\Minidump\032814-45458-01.dmp
2014-03-28 23:18 - 2011-08-18 12:22 - 493116602 _____ () C:\Windows\MEMORY.DMP
2014-03-28 23:18 - 2011-08-18 12:22 - 00000000 ____D () C:\Windows\Minidump
2014-03-28 23:13 - 2014-03-28 23:13 - 00000000 ____D () C:\f7d25ada52fda653c1aeb0499a2a69ae
2014-03-28 23:13 - 2014-03-28 23:12 - 50449456 _____ (Microsoft Corporation) C:\Users\phil\Downloads\dotNetFx40_Full_x86_x64.exe
2014-03-28 23:04 - 2013-11-09 16:28 - 00000000 ____D () C:\AMD
2014-03-28 23:03 - 2014-03-28 23:03 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-03-28 22:49 - 2014-02-22 14:12 - 00000000 ____D () C:\ProgramData\AMD
2014-03-28 22:35 - 2014-03-28 22:35 - 00275184 _____ () C:\Windows\Minidump\032814-39608-01.dmp
2014-03-28 19:24 - 2014-03-28 19:15 - 306244456 _____ (AMD Inc.) C:\Users\phil\Downloads\AMD_Catalyst_14.3_Beta_V1.0_Windows_B22_March12.exe
2014-03-27 17:52 - 2011-08-12 01:01 - 00000000 ____D () C:\Users\phil\Documents\My Games
2014-03-26 21:32 - 2014-03-26 21:32 - 00000222 _____ () C:\Users\phil\Desktop\HAWKEN.url
2014-03-26 21:32 - 2014-02-22 15:41 - 00000000 ____D () C:\Users\phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-03-26 20:09 - 2014-03-26 20:09 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-26 20:09 - 2014-03-26 20:09 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-03-26 17:07 - 2014-03-26 17:06 - 41177600 _____ () C:\Users\phil\Downloads\PhysX-9.13.1220-SystemSoftware.msi
2014-03-26 14:45 - 2011-07-14 10:04 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-26 14:45 - 2011-07-14 10:04 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-18 23:08 - 2011-06-22 21:38 - 00000000 ____D () C:\Users\phil\AppData\Roaming\ICQ
Some content of TEMP:
====================
C:\Users\phil\AppData\Local\Temp\ami.exe
C:\Users\phil\AppData\Local\Temp\drm_dialogs.dll
C:\Users\phil\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\phil\AppData\Local\Temp\drm_dyndata_7410004.dll
C:\Users\phil\AppData\Local\Temp\EADA66B.exe
C:\Users\phil\AppData\Local\Temp\EADB3E3.exe
C:\Users\phil\AppData\Local\Temp\EADC12C.exe
C:\Users\phil\AppData\Local\Temp\installerdll109278.dll
C:\Users\phil\AppData\Local\Temp\installerdll110089.dll
C:\Users\phil\AppData\Local\Temp\installerdll115924.dll
C:\Users\phil\AppData\Local\Temp\installerdll117109.dll
C:\Users\phil\AppData\Local\Temp\installerdll121009.dll
C:\Users\phil\AppData\Local\Temp\installerdll126984.dll
C:\Users\phil\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\phil\AppData\Local\Temp\KUIU.EXE
C:\Users\phil\AppData\Local\Temp\Lifecam3.0.204.0.exe
C:\Users\phil\AppData\Local\Temp\PrefJsonCpp.exe
C:\Users\phil\AppData\Local\Temp\Quarantine.exe
C:\Users\phil\AppData\Local\Temp\rootsupd.exe
C:\Users\phil\AppData\Local\Temp\Setup.exe
C:\Users\phil\AppData\Local\Temp\sqlite3.exe
C:\Users\phil\AppData\Local\Temp\UninstallEADM.dll
C:\Users\phil\AppData\Local\Temp\vcredist_x64.exe
C:\Users\phil\AppData\Local\Temp\vcredist_x86.exe
C:\Users\phil\AppData\Local\Temp\{BB9970D8-D38D-4A03-A336-56CB861B5E0D}-chrome_installer.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-30 12:45
==================== End Of Log ============================
--- --- --- |
|
07.09.2014, 14:42
| #5 |
| Administrator /// technical service   | Hab Adware auf mein rechner und will die los werden Hallo, leider wurde Dein Thema aus (technischen Gründen) übersehen. Da mehrere Antworten in Deinem Thema vorhanden waren, wurde es versehentlich als 'bereits in Arbeit' eingestuft. Dies bitten wir zu entschuldigen. Wir versuchen jedem Hilfesuchenden binnen kurzer Zeit zu antworten und Lösungen für das Problem anzubieten. Bitte erstelle ggf. ein neues Thema, damit sich ein Teammitglied deinem Problem annehmen kann. Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten? Vielen Dank für Dein Verständnis. |
|
| Themen zu Hab Adware auf mein rechner und will die los werden |
| akamai, antivirus, chromium, device driver, flash player, homepage, iexplore.exe, installation, malware, minidump, mozilla, msiinstaller, newtab, programm, pup.optional.facemoods.a, pup.optional.flowsurf.a, pup.optional.iepluginservice.a, pup.optional.outbrowse, pup.optional.qone8, pup.optional.quickstart.a, pup.optional.skytech.a, pup.optional.suptab.a, pup.optional.webssearches.a, pup.optional.wpmanager.a, registry, rückgängig, software, svchost.exe, vcredist, werbung, windows xp |
Linear-Darstellung
